> -----Original Message----- > From: John P. Speno [mailto:[EMAIL PROTECTED] > Sent: Sonntag, 6. November 2005 00:07 > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] Limiting SSL to a specific virtual host > > > On a 1.3.27 server with 1 IP address and 3 name based virtual hosts. > As it is now, if you use 'https' with any of the domain names that > resolves to this server's address, you'll see the same > document root. > How do I limit the SSL part to work for just "www.example2.com" and > not for any of the other domains?
The key thing to note is that the SSL VH must be unique at the TCP/IP layer. That is, it must use a unique IP & port combination. The simplest way to achievet this is to put the port number on all tags containingIPs, eg: NameVirtualHost *:80 <VH *:80> ServerName www.example1.com DocumentRoot /example1 <VH *:80> ServerName www.example2.com DocumentRoot /example2 <VH *:443> ServerName www.example2.com <-- not really necessary with SSL DocumentRoot /example2 Now the name-virtual hosting only works on port 80 and anything coming in on port 443 is uniquely assigned to the SSL VH. > Also, suggestions on what > to return > in those other cases are also welcome (404? Something else?). Since all your domains resolve to the same IP, they will all end up in the SSL VH and serve example2. NB - Remember that you can't do name-based VHs with SSL. Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > Here's my minimal config: > > ServerName www.example1.com > DocumentRoot /example1 > <VirtualHost *> > </VirtualHost> > > <VirtualHost *> > ServerName www.example2.com > DocumentRoot /example2 > </VirtualHost> > > <VirtualHost *> > ServerName www.example3.com > DocumentRoot /example3 > </VirtualHost> > > <VirtualHost _default_:443> > # I only want this port to "work" for https://www.example2.com/* > DocumentRoot /example2 > </VirtualHost> > > Thanks. > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP > Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] > " from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
