Re: [users@httpd] Suggestion/Question about HTTP & HTTPS configurations
If you really don't need vhost-specific HTTPS configurations (have wildcard certificate?), you can probably make HTTPS copies of all of your HTTP vhosts with some clever use of mod_proxy and mod_rewrite. I wouldn't recommend going this way though, sounds like interesting exercise but more trouble than benefits in production. > Debian uses "Include" by default because of it's built-in `a2ensite` > shortcut. Even with the Include (as your code illustrates) there needs to be > a Virtual Host configuration block for HTTP on port 80 and for HTTPS on port > 443. You can still use your Include within that Include. Works great for me. > Unless specifically configured differently, why not assume they are the same > (as HTTP/port 80 for a matching Virtual Host)? Because: * Most real installations are more complex than that. * Apache configuration does not work this way (what if I don't want either of HTTP or HTTPS vhosts?) * Every HTTPS vhost normally needs some configuration, at least a separate certificate. * Finally, your proposed behavior is not even a good default these days (redirect from HTTP to HTTPS is). -- With Best Regards, Marat Khalili On May 20, 2017 7:46:39 PM GMT+03:00, Adam Powellwrote: >Hi Daniel, > >Thanks for trying to help but maybe I didn't explain this well enough. > >Debian uses "Include" by default because of it's built-in `a2ensite` >shortcut. > >Even with the Include (as your code illustrates) there needs to be a >Virtual Host configuration block for HTTP on port 80 and for HTTPS on >port >443. > >Unless specifically configured differently, why not assume they are the >same (as HTTP/port 80 for a matching Virtual Host)? > >I hope that helps clarify. > >Adam Powell >http://www.adaminfinitum.com > > >On Sat, May 20, 2017 at 6:05 AM, Daniel wrote: > >> There is a directive called "Include" >> >> With this directive you can specify any number of directives in a >file >> and then define the Include pointing to the same file wherever you >may >> need. >> >> For instance >> >> >> Include conf/common.conf >> >> >> >> SSLEngine on >> SSLCertificatefile conf/x509.crt >> SSLCertitificateKeyFile conf/rsa.key >> Include conf/common.conf >> >> >> and common.conf can have: >> ServerName myserver.exam.com >> DocumentRoot /var/www >> DirectoryIndex index.html >> FallbackResource /index.html >> Redirect /one/ /two/ >> Header set myheader "Hello" >> # and all directives you may need. >> >> >> >> >> 2017-05-20 2:53 GMT+02:00 Adam Powell : >> > Hello, >> > >> > I am a user of Apache in the sense that I install it, configure it >and >> run >> > it to host sites...I'm hoping this is the correct list to send this >to. >> > >> > Anyway, I recently did my first "from scratch" Apache install, >build and >> > configuration in a cloud server (I had always used cPanel & WHM >before). >> > >> > My suggestion is that Apache should "assume" that port 80 for HTTP >and >> port >> > 443 for HTTPS and that they both serve the same content. >> > >> > I'm not suggesting people shouldn't be able to customize it, but >adding >> > duplicate and redundant directives for each Virtual Host for HTTP >and >> HTTPS >> > seems unneeded. >> > >> > In short, I'm suggesting a "smart default" that in the absence of a >> specific >> > Virtual Host configuration for HTTPS, just assumes that the HTTPS >matches >> > the HTTP config for that Virtual Host. >> > >> > Background: I got Apache (2.4.x) up and running on a Debian VM, >> configured >> > all my Virtual Hosts, installed an SLL certificate and went to view >the >> > HTTPS version of a site. >> > >> > I was redirected to the 'default' page for the server (not the >default >> page >> > for the Virtual Host). >> > >> > I then realized I needed additional, identical rules for that >Virtual >> Host >> > for HTTPS on port 443...simply put, it seems like that extra level >of >> > configuration shouldn't be required...that it should work that way >> > automagically unless specifically configured otherwise. >> > >> > If not, I'd love to know why that's a bad idea. >> > >> > Thanks! >> > >> > Adam Powell >> > http://www.adaminfinitum.com >> > >> >> >> >> -- >> Daniel Ferradal >> IT Specialist >> >> email dferradal at gmail.com >> linkedin es.linkedin.com/in/danielferradal >> >> - >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >> For additional commands, e-mail: users-h...@httpd.apache.org >> >>
Re: [users@httpd] Suggestion/Question about HTTP & HTTPS configurations
Hi Daniel, Thanks for trying to help but maybe I didn't explain this well enough. Debian uses "Include" by default because of it's built-in `a2ensite` shortcut. Even with the Include (as your code illustrates) there needs to be a Virtual Host configuration block for HTTP on port 80 and for HTTPS on port 443. Unless specifically configured differently, why not assume they are the same (as HTTP/port 80 for a matching Virtual Host)? I hope that helps clarify. Adam Powell http://www.adaminfinitum.com On Sat, May 20, 2017 at 6:05 AM, Danielwrote: > There is a directive called "Include" > > With this directive you can specify any number of directives in a file > and then define the Include pointing to the same file wherever you may > need. > > For instance > > > Include conf/common.conf > > > > SSLEngine on > SSLCertificatefile conf/x509.crt > SSLCertitificateKeyFile conf/rsa.key > Include conf/common.conf > > > and common.conf can have: > ServerName myserver.exam.com > DocumentRoot /var/www > DirectoryIndex index.html > FallbackResource /index.html > Redirect /one/ /two/ > Header set myheader "Hello" > # and all directives you may need. > > > > > 2017-05-20 2:53 GMT+02:00 Adam Powell : > > Hello, > > > > I am a user of Apache in the sense that I install it, configure it and > run > > it to host sites...I'm hoping this is the correct list to send this to. > > > > Anyway, I recently did my first "from scratch" Apache install, build and > > configuration in a cloud server (I had always used cPanel & WHM before). > > > > My suggestion is that Apache should "assume" that port 80 for HTTP and > port > > 443 for HTTPS and that they both serve the same content. > > > > I'm not suggesting people shouldn't be able to customize it, but adding > > duplicate and redundant directives for each Virtual Host for HTTP and > HTTPS > > seems unneeded. > > > > In short, I'm suggesting a "smart default" that in the absence of a > specific > > Virtual Host configuration for HTTPS, just assumes that the HTTPS matches > > the HTTP config for that Virtual Host. > > > > Background: I got Apache (2.4.x) up and running on a Debian VM, > configured > > all my Virtual Hosts, installed an SLL certificate and went to view the > > HTTPS version of a site. > > > > I was redirected to the 'default' page for the server (not the default > page > > for the Virtual Host). > > > > I then realized I needed additional, identical rules for that Virtual > Host > > for HTTPS on port 443...simply put, it seems like that extra level of > > configuration shouldn't be required...that it should work that way > > automagically unless specifically configured otherwise. > > > > If not, I'd love to know why that's a bad idea. > > > > Thanks! > > > > Adam Powell > > http://www.adaminfinitum.com > > > > > > -- > Daniel Ferradal > IT Specialist > > email dferradal at gmail.com > linkedin es.linkedin.com/in/danielferradal > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >
Re: [users@httpd] Suggestion/Question about HTTP & HTTPS configurations
There is a directive called "Include" With this directive you can specify any number of directives in a file and then define the Include pointing to the same file wherever you may need. For instance Include conf/common.conf SSLEngine on SSLCertificatefile conf/x509.crt SSLCertitificateKeyFile conf/rsa.key Include conf/common.conf and common.conf can have: ServerName myserver.exam.com DocumentRoot /var/www DirectoryIndex index.html FallbackResource /index.html Redirect /one/ /two/ Header set myheader "Hello" # and all directives you may need. 2017-05-20 2:53 GMT+02:00 Adam Powell: > Hello, > > I am a user of Apache in the sense that I install it, configure it and run > it to host sites...I'm hoping this is the correct list to send this to. > > Anyway, I recently did my first "from scratch" Apache install, build and > configuration in a cloud server (I had always used cPanel & WHM before). > > My suggestion is that Apache should "assume" that port 80 for HTTP and port > 443 for HTTPS and that they both serve the same content. > > I'm not suggesting people shouldn't be able to customize it, but adding > duplicate and redundant directives for each Virtual Host for HTTP and HTTPS > seems unneeded. > > In short, I'm suggesting a "smart default" that in the absence of a specific > Virtual Host configuration for HTTPS, just assumes that the HTTPS matches > the HTTP config for that Virtual Host. > > Background: I got Apache (2.4.x) up and running on a Debian VM, configured > all my Virtual Hosts, installed an SLL certificate and went to view the > HTTPS version of a site. > > I was redirected to the 'default' page for the server (not the default page > for the Virtual Host). > > I then realized I needed additional, identical rules for that Virtual Host > for HTTPS on port 443...simply put, it seems like that extra level of > configuration shouldn't be required...that it should work that way > automagically unless specifically configured otherwise. > > If not, I'd love to know why that's a bad idea. > > Thanks! > > Adam Powell > http://www.adaminfinitum.com > -- Daniel Ferradal IT Specialist email dferradal at gmail.com linkedin es.linkedin.com/in/danielferradal - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Suggestion/Question about HTTP & HTTPS configurations
Hello, I am a user of Apache in the sense that I install it, configure it and run it to host sites...I'm hoping this is the correct list to send this to. Anyway, I recently did my first "from scratch" Apache install, build and configuration in a cloud server (I had always used cPanel & WHM before). My suggestion is that Apache should "assume" that port 80 for HTTP and port 443 for HTTPS and that they both serve the same content. I'm not suggesting people shouldn't be able to customize it, but adding duplicate and redundant directives for each Virtual Host for HTTP and HTTPS seems unneeded. In short, I'm suggesting a "smart default" that in the absence of a specific Virtual Host configuration for HTTPS, just assumes that the HTTPS matches the HTTP config for that Virtual Host. Background: I got Apache (2.4.x) up and running on a Debian VM, configured all my Virtual Hosts, installed an SLL certificate and went to view the HTTPS version of a site. I was redirected to the 'default' page for the server (not the default page for the Virtual Host). I then realized I needed additional, identical rules for that Virtual Host for HTTPS on port 443...simply put, it seems like that extra level of configuration shouldn't be required...that it should work that way automagically unless specifically configured otherwise. If not, I'd love to know why that's a bad idea. Thanks! Adam Powell http://www.adaminfinitum.com