Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
On 08.12.10 12:45, Tom Evans wrote: The best way to avoid this problem is not dummy vhosts, it is to not serve multiple websites from the same IP if you intend on handling SSL for any one of those websites and not the others. SSL sites that share a certificate (eg, if you have a wildcard certificate) are fine to share an IP. but when anyone points any hostname to the same address, he can ONLY process it as - the main and only host on the adress - throw and error host not configured. for the latter, he must configure one more virtual host on the same IP/port pair because apache does NOT know the host not configured error so we must create it. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The early bird may get the worm, but the second mouse gets the cheese. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
On 08.12.2010 12:48, Tom Evans wrote: ... and serve data from the www.hosta.com vhost. On 08.12.10 13:21, b...@kanka.de wrote: .. but at this point apache knows that there is something wrong with the request or the configuration, and should throw an error instead of serving the wrong data. I am also sorry but apache does not support any host not configured error, it just uses default (first configured) vhost in such case. I'd love if apache supported the host not configured error. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I drive way too fast to worry about cholesterol. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
On 07.12.10 19:08, b...@kanka.de wrote: I've switched to a new debian server with apache 2.2.9 and installed the 'phpgadmin' tool via a debian package. This copies the php sources outside of /var/www and sets an 'alias ..' directive in /etc/apache2/conf.d/ Now what happens to my surprise is that /phppgadmin is accessible via all my virtual hosts, not just the one (base host) where it is defined. The /etc/apache2/conf.d/ directory is included from main server config (/etc/apache2/apache2.conf) and thus aliases defined there apply in all virtual hosts. This is one of reasons why I dislike this automatic way of configuring of apache in distributions. I recommend you comment out the Include /etc/apache2/conf.d/ in /etc/apache2/apache2.conf and include it only in vhosts you need them. The /etc/apache2/conf.d/security should be apparently included right from apache2.conf, the other From the same reason I removed some mods-enabled/*.conf and load it from separate virtual hosts where needed, e.g.: mods-available/alias.conf mods-available/info.conf mods-available/status.conf mods-available/userdir.conf etc. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. One World. One Web. One Program. - Microsoft promotional advertisement Ein Volk, ein Reich, ein Fuhrer! - Adolf Hitler - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
Hello, On 08.12.2010 11:38, Matus UHLAR - fantomas wrote: Now what happens to my surprise is that /phppgadmin is accessible via all my virtual hosts, not just the one (base host) where it is defined. ... On 07.12.10 20:27, Joost de Heer wrote: SSL namebased virtualhosting will not work. .. He can have wildcard certificate or certificate with alternative names to avoid this error. Just to make it clear: What I perceived as a .. quirky behaviour of apache was that it did _not_ throw an error when https://not-ssl-configured-domain.xx is requested. How to run several https domains with one IP was not my challenge. / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
On Wed, Dec 8, 2010 at 11:13 AM, b...@kanka.de wrote: Just to make it clear: What I perceived as a .. quirky behaviour of apache was that it did _not_ throw an error when https://not-ssl-configured-domain.xx is requested. How to run several https domains with one IP was not my challenge. / Bernd Until the incoming request has been received and decrypted, apache has no clue that the domain requested was 'not-ssl-configured-domain.xx'. That's kind of the point of SSL. In order to decrypt the request, apache must handshake with the client, passing certificates to the client indicating what the host is. This happens before the client sends any information about the request. Apache determines which vhost to use to send certificates from based on the ip:port, since no other information is available. Because of this, if you have two hosts, www.hosta.com and www.hostb.com, that resolve to the same IP address, and configure SSL for www.hosta.com, then requesting www.hostb.com via SSL will connect and handshake using certificates from www.hosta.com and serve data from the www.hosta.com vhost. It's not quirky, it's a direct consequence of how things work, and without changing how SSL works it will always work that way. Cheers Tom - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
Hello, On 08.12.2010 12:48, Tom Evans wrote: Until the incoming request has been received and decrypted, apache has no clue that the domain requested was 'not-ssl-configured-domain.xx'. That's kind of the point of SSL. Ok, thanks for pointing that out. Apache determines which vhost to use to send certificates from based on the ip:port, since no other information is available. Makes perfect sense. Because of this, if you have two hosts, www.hosta.com and www.hostb.com, that resolve to the same IP address, and configure SSL for www.hosta.com, then requesting www.hostb.com via SSL will connect and handshake using certificates from www.hosta.com ... Fine so far ... ... and serve data from the www.hosta.com vhost. .. but at this point apache knows that there is something wrong with the request or the configuration, and should throw an error instead of serving the wrong data. It's not quirky, it's a direct consequence of how things work, .. Look at my solution - having to define a dummy-vhost to catch the ssl-requests for all domains not explicitely ssl-defined, in order to restrain the service to the one domain it was meant for. At least at this point a kind of ServerName ... exclusive directive for the config (and logic behind) could make sense, or maybe it exists and my weary eyes overread it. / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
ServerName ... exclusive directive for the config (and logic behind) could make sense, or maybe it exists and my weary eyes overread it. This facility is effectively already there by creating a default (first-listed) name-based virtual host and handling unspecified domains that show up on that interface however you desire. -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
Hello, On 08.12.2010 13:31, Eric Covener wrote: ServerName ... exclusive directive for the config (and logic behind) could make sense, ... This facility is effectively already there by creating a default (first-listed) name-based virtual host and handling unspecified domains that show up on that interface however you desire. Having to define a dummy ssl-vhost, including the SSLProtocol and Certificate directives, then repeating these directives for the domain that is actually used - that's exactly what I call 'quirky'. And the situation of having one IP and various vhosts, while offering ssl-encrypted services from one domain only, is not too rare. / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
On Wed, Dec 8, 2010 at 12:21 PM, b...@kanka.de wrote: Hello, On 08.12.2010 12:48, Tom Evans wrote: Until the incoming request has been received and decrypted, apache has no clue that the domain requested was 'not-ssl-configured-domain.xx'. That's kind of the point of SSL. Ok, thanks for pointing that out. Apache determines which vhost to use to send certificates from based on the ip:port, since no other information is available. Makes perfect sense. Because of this, if you have two hosts, www.hosta.com and www.hostb.com, that resolve to the same IP address, and configure SSL for www.hosta.com, then requesting www.hostb.com via SSL will connect and handshake using certificates from www.hosta.com ... Fine so far ... ... and serve data from the www.hosta.com vhost. .. but at this point apache knows that there is something wrong with the request or the configuration, and should throw an error instead of serving the wrong data. Typically, you don't even get to that point. Most browsers will throw a fit if they request www.hostb.com and are served certificates for www.hosta.com. The best way to avoid this problem is not dummy vhosts, it is to not serve multiple websites from the same IP if you intend on handling SSL for any one of those websites and not the others. SSL sites that share a certificate (eg, if you have a wildcard certificate) are fine to share an IP. It's not quirky, it's a direct consequence of how things work, .. Look at my solution - having to define a dummy-vhost to catch the ssl-requests for all domains not explicitely ssl-defined, in order to restrain the service to the one domain it was meant for. But you still able to connect and request https://www.hostb.com/, it will still fail with a certificate error message to the user that doesn't make sense. It is better if the site does not exist, that you cannot connect to it, which you cannot do if you share an IP. To my mind, this is a consequence of choosing a less than ideal hosting structure, Apache shouldn't/can't do any more. At least at this point a kind of ServerName ... exclusive directive for the config (and logic behind) could make sense, or maybe it exists and my weary eyes overread it. / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
Hello, On 08.12.2010 13:45, Tom Evans wrote: .. but at this point apache knows that there is something wrong with the request or the configuration, and should throw an error instead of serving the wrong data. Typically, you don't even get to that point. Most browsers will throw a fit if they request www.hostb.com and are served certificates for www.hosta.com. And the experienced user has seen these warnings often, so he regularly clicked on I understand the risks and accepted the ssl session anyway - and it's even wiser in most cases to do because mostly you're better off (in web 2.0 services for example) with an encrypted transfer and non-secure identity than with both non-secure... The best way to avoid this problem is not dummy vhosts, it is to not serve multiple websites from the same IP ... In an ideal world, yes. But in this world the number of available IPs is restricted, whereas the quest for new domains seems endless. .. over 240 Million active and deleted domains in the .com .net .org .biz .info .mobi .asia .ie .eu .de .co.uk Top Level Domains.. ( http://www.hosterstats.com ) ... if you intend on handling SSL for any one of those websites and not the others. SSL sites that share a certificate (eg, if you have a wildcard certificate) are fine to share an IP. If there is exactly one SSL site a wildcard cert is not needed and makes little sense IMHO. / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
Hello, On 08.12.2010 14:13, Tom Evans wrote: ... And the experienced user has seen these warnings often, so he regularly clicked on I understand the risks and accepted the ssl session anyway - and it's even wiser in most cases to do because mostly you're better off (in web 2.0 services for example) with an encrypted transfer and non-secure identity than with both non-secure... What 'experienced' (stupid?) users do is neither here nor there. I rarely trust self signed certs and would never accept a certificate for a host that isn't what it claims to be. Since 'experienced' users do do this sort of thing, don't give them an option to do so. I don't give them this opportunity, neither do you and all the other responsible people on this ML. The reality on the world wide web is different, and leads to users spontanously clicking I understand the risk even if it's not really true. The best way to avoid this problem is not dummy vhosts, it is to not serve multiple websites from the same IP ... In an ideal world, yes. But in this world the number of available IPs is restricted, whereas the quest for new domains seems endless. IPv4 addresses aren't exactly tricky to lay your hands on, despite the endless yearly warnings that IPv4 will run out in the next N years. If you have a direct contract with the backbone provider, fine. If your server has a rented place in a data center your IP range is normally restricted. If you have one SSL site, and many non SSL sites, you should host on 2 distinct IPs, ... I prefer to keep my few IPs for real SSL services instead of nicer-written configuration. ... The cost of obtaining a second IP is small compared to the brand cost of having badly served SSL sites. My SSL and non-SSL sites are served perfectly now that I found the hack-around (with the help of this ML). I'd just prefer that apache offered a more concise way to configure that. / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
On Wed, Dec 8, 2010 at 7:43 AM, b...@kanka.de wrote: Hello, On 08.12.2010 13:31, Eric Covener wrote: ServerName ... exclusive directive for the config (and logic behind) could make sense, ... This facility is effectively already there by creating a default (first-listed) name-based virtual host and handling unspecified domains that show up on that interface however you desire. Having to define a dummy ssl-vhost, including the SSLProtocol and Certificate directives, then repeating these directives for the domain that is actually used - that's exactly what I call 'quirky'. And the situation of having one IP and various vhosts, while offering ssl-encrypted services from one domain only, is not too rare. And at least 50% of the world would think whatever you intuitively expect to happen in this case is quirky. That's why there's a configuration file. -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
Hello, On 08.12.2010 15:03, Eric Covener wrote: And at least 50% of the world would think whatever you intuitively expect to happen in this case is quirky. That's why there's a configuration file. I expect nothing to happen intuitively. What happens now, serving any-SSL violating the vhost definition, is simply wrong. Then, to overcome this, I propose a less quirky configuration, for example with ServerName .. exclusive / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
On Wed, Dec 8, 2010 at 9:54 AM, b...@kanka.de wrote: Hello, On 08.12.2010 15:03, Eric Covener wrote: And at least 50% of the world would think whatever you intuitively expect to happen in this case is quirky. That's why there's a configuration file. I expect nothing to happen intuitively. What happens now, serving any-SSL violating the vhost definition, is simply wrong. Then, to overcome this, I propose a less quirky configuration, for example with ServerName .. exclusive So it would handshake with the wrong information and serve the wrong virtualhosts error documents? Sounds wrong. -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
Hello, On 08.12.2010 16:01, Eric Covener wrote: .. I propose a less quirky configuration, for example with ServerName .. exclusive So it would handshake with the wrong information and serve the wrong virtualhosts error documents? The exclusive defined vhost would do what the second vhost in my solution does, okay? So it would do what the admin intented it to do, and it would do right so. / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Alias-ed directory appears on multiple virtual hosts
Hello, I've switched to a new debian server with apache 2.2.9 and installed the 'phpgadmin' tool via a debian package. This copies the php sources outside of /var/www and sets an 'alias ..' directive in /etc/apache2/conf.d/ Now what happens to my surprise is that /phppgadmin is accessible via all my virtual hosts, not just the one (base host) where it is defined. I also decided to serve the tool only via https, so I moved the directive to the SSL part of my config. Simplified, my vhost.conf (included by httpd.conf) looks like this: NameVirtualHost 1.2.3.4:80 VirtualHost 1.2.3.4:80 ServerName www.onesite.com ServerAlias onesite.com *.onesite.com DocumentRoot /var/www/ /VirtualHost VirtualHost 1.2.3.4:80 ServerName www.twosite.com ServerAlias twosite.com *.twosite.com DocumentRoot /var/www/two/ /VirtualHost ## SSL ## NameVirtualHost 1.2.3.4:443 VirtualHost 1.2.3.4:443 ServerName www.onesite.com ServerAlias onesite.com *.onesite.com DocumentRoot /var/www/ # pgAdmin Alias /phppgadmin /usr/share/phppgadmin/ Directory /usr/share/phppgadmin/ DirectoryIndex index.php Options +FollowSymLinks /Directory /VirtualHost # end vhost.conf So, what works as designed: http://onesite.com http://twosite.com https://onesite.com/phppgadmin What works not and should not work - i.e. throws a 404 error: http://onesite.com/phppgadmin http://twosite.com/phppgadmin What works and should _not_ work: https://twosite.com/phppgadmin It seems that the Alias directive is applied to _all_ hosts, not just the one inside the VirtualHost .. / block. From the apache docs: http://httpd.apache.org/docs/current/mod/mod_alias.html#alias I read the context: Virtual host means it is only effective in the respective host, but maybe I misunderstood this? Any hints how to restrict /phppgadmin on the first domain? / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
What works and should _not_ work: https://twosite.com/phppgadmin You only listed one port 443 virtualhost, and it has the Alias in it. Apache finds the best match for the IP:Port, then looks at the ServerName/ServerAlias in that set of NameVirtualHost's. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
Hello, On 07.12.2010 19:13, Eric Covener wrote: What works and should _not_ work: https://twosite.com/phppgadmin You only listed one port 443 virtualhost, and it has the Alias in it. Apache finds the best match for the IP:Port, then looks at the ServerName/ServerAlias in that set of NameVirtualHost's. But there it finds only onsite.com definitions - so I'd expect it not to serve anything with https://twosite.com/... - right? / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
On Tue, Dec 7, 2010 at 1:26 PM, b...@kanka.de wrote: Hello, On 07.12.2010 19:13, Eric Covener wrote: What works and should _not_ work: https://twosite.com/phppgadmin You only listed one port 443 virtualhost, and it has the Alias in it. Apache finds the best match for the IP:Port, then looks at the ServerName/ServerAlias in that set of NameVirtualHost's. But there it finds only onsite.com definitions - so I'd expect it not to serve anything with https://twosite.com/... - right? No, based on my short description of how a virtualhost is found, you never jump to 2nd-best IP:PORT match to match up a servername/serveralias (especially in this case where you'd be jumping from HTTPS to HTTP) - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
Hello, On 07.12.2010 19:35, Eric Covener wrote: ... No, based on my short description of how a virtualhost is found, you never jump to 2nd-best IP:PORT match to match up a servername/serveralias ... Right, so I'd expect apache to throw an error - instead it uses a ServerName from another virtualhost declaration - strange, IMHO... So the (merely elegant) solution would be to add SSL-virtualhost definitions for all other domains? / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
Now what happens to my surprise is that /phppgadmin is accessible via all my virtual hosts, not just the one (base host) where it is defined. All your virtual hosts or all your SSL virtual hosts? https://onesite.com/phppgadmin https://twosite.com/phppgadmin SSL namebased virtualhosting will not work. Joost - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
Hi, On 07.12.2010 20:27, Joost de Heer wrote: Now what happens to my surprise is that /phppgadmin is accessible via all my virtual hosts, not just the one (base host) where it is defined. All your virtual hosts or all your SSL virtual hosts? The latter. https://onesite.com/phppgadmin https://twosite.com/phppgadmin SSL namebased virtualhosting will not work. So apache should throw an error, right? / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
So apache should throw an error, right? Apache uses the first virtual host in each set of NameVirtualHost's as a default/catch-all after IP-based vhosting as selected that host:port. -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Hacked / Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
Ho, On 07.12.2010 20:33, Eric Covener wrote: Apache uses the first virtual host in each set of NameVirtualHost's as a default/catch-all after IP-based vhosting ... Now I understand, thanks for your patience in explaining it. What I did now is add a dummy-domain on top of my SSL config: ## SSL ## NameVirtualHost 1.2.3.4:443 VirtualHost 1.2.3.4:443 DocumentRoot/var/www/ ServerName www.catch-dummy.xx SSLEngine on SSLProtocol all -SSLv2 SSLCertificateFile ... /VirtualHost VirtualHost 1.2.3.4:443 ServerName www.onesite.com ServerAlias onesite.com *.onesite.com DocumentRoot /var/www/ # pgAdmin Alias /phppgadmin /usr/share/phppgadmin/ Directory /usr/share/phppgadmin/ DirectoryIndex index.php Options +FollowSymLinks /Directory /VirtualHost ## end This works, albeit looks more like a hack than a solution... / Bernd - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org