[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Running several name-based web sites on a single IP address

Posted on 2004-08-17
7
Medium Priority
?
450 Views
Last Modified: 2013-12-15
Hi, I am trying to create my own Linux Web Server, any advice anyone can offer me would be greatly appreciated.
I am a newbie when it comes to Networks & Linux.

I have installed Whitebox Linux, which from what I understand is based on Red Hat Enterprise Linux version 3.0 minus Red Hats logos & copyright etc.
Visit www.whiteboxlinux.net for product details if anyone is interested.

I have a Dlink DI-824VUP+ router, which is connected, to my ADSL modem; I also have a static IP address from my ISP.
Router local IP address is 192.168.0.1 and I have enabled static DHCP server to assign same IP to my Windows XP Desktop (192.168.0.2) & Windows XP Laptop (192.168.0.4).

My Linux box has a static IP address of 192.168.0.3.
I have also enabled the following on my router.
 Virtual Server FTP 192.168.0.3 TCP 21 / 21 always  
 Virtual Server HTTP 192.168.0.3 TCP 80 / 80 always  
 Virtual Server HTTPS 192.168.0.3 TCP 443 / 443 always

I have created several test usernames and folders which I can FTP from my other windows machines.
/home/username1/public_html/
/home/username2/public_html/
/home/username3/public_html/

1.Should I create users folders as above or should they be in another directory such as /var/www/html/?

2. Do I need to enable iptables on my Linux box or is it better to use the firewall that comes with my router?

3. I have a couple of registered domains which I have set the A records to point to IP address assigned by my ISP.I have read that I need to set CNAMES to point to this IP address to use virtual hosting, is this correct or should I use A records, can anyone please clarify?

When I enter my domain names remotely or locally I get redirected to my web server OK, but not to the correct user directories. The request go directly to /var/www/html/ apache test page.

xxx.xxx.xxx.xxx is my static IP assigned by my ISP.

Partial Contents of my httpd.comf shown below

NameVirtualHost 192.168.0.3
NameVirtualHost xxx.xxx.xxx.xxx
<VirtualHost 192.168.0.3 xxx.xxx.xxx.xxx>
       DocumentRoot /home/username1/public_html/
       ServerName username1.com
        ServerAlias www.username1.com
</VirtualHost>
<VirtualHost 192.168.0.3 xxx.xxx.xxx.xxx>
       DocumentRoot /home/username2/public_html/
       ServerName username2.com
        ServerAlias www.username2.com
</VirtualHost>
<VirtualHost 192.168.0.3>
       DocumentRoot /home/username3/public_html/
       ServerName username3.com
        ServerAlias www.username3.com
</VirtualHost>


4. I would like to access www.username1.com & www.username2.com locally and remotely but want to access
username3 just from my local network, is this possible??

Thanks for any feedback you provide.
0
Comment
Question by:sabecs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
7 Comments
 
LVL 22

Expert Comment

by:pjedmond
ID: 11825967
Yes it is possible. You need to use the htaccess capability within the folders that apply to username3.com:

http://www.freewebmasterhelp.com/tutorials/htaccess/2

is a nice little introduction. In particular, you set the allow settings for username3, to be only ips within your local network.
Note that it is conventional to deny from all, and then allow only the ips that you what to allow connections from.

You need to ensure that the main apache configuration file has:

AllowOverride AuthConfig

for that particular virtual domain, and remember that there are various levels of cascaded authority within this file.

HTH:)
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 11825991
Another idea is that you could create a virtual ip for username3.com:

ifconfig eth0:1 192.168.0.4 netmask 255.255.255.0 etc

and then access that domain via 192.168.0.4 instead of 192.168.0.3.  Connections from the outside world only being routed to 192.168.0.3 by your gateway/router/firewall etc
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 11826001
Another idea - put in an additional ethernet card into that box, and make this card only accessible from inside the network, using a similar approach to above.

I think that's me out of ideas.

HTH:)
0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 
LVL 22

Expert Comment

by:pjedmond
ID: 11826006
Sorry - didn't read you Q properly - obviously that reference to 192.168.0.4, needs to be changed to a different ip address not previously allocated.
0
 
LVL 22

Assisted Solution

by:pjedmond
pjedmond earned 1000 total points
ID: 11826039
1.Should I create users folders as above or should they be in another directory such as /var/www/html/?

Either is good - some people specifically go for one option or the other depending on there partition allocation - the idea being that you might want the 'data' element to go on a RAID array.

2. Do I need to enable iptables on my Linux box or is it better to use the firewall that comes with my router?

Security is all about layers of defence. Using both is always better than using just one. You just need to get the correct balance between useability and security. The only secure system is one that has its connection to the internet cut! - Always take backups!

3. I have a couple of registered domains which I have set the A records to point to IP address assigned by my ISP.I have read that I need to set CNAMES to point to this IP address to use virtual hosting, is this correct or should I use A records, can anyone please clarify?

A records are fine - be careful with CNAMES as there is room  for 'strange' things to happen.
0
 
LVL 3

Accepted Solution

by:
dufduf earned 1000 total points
ID: 11831438
> 1.Should I create users folders as above or should they be in another directory such as  var/www/html/?

Matter of taste, I'd say. After all, it's your system.

> 2. Do I need to enable iptables on my Linux box or is it better to use the firewall that comes with my router?

You don't *need* to. Of course, you don't need to lock your doors, either. I strongly suggest that you set up a firewall for you linux-box. If you find that raw iptables gives you headache, check some nicer frontend.

> 3. I have a couple of registered domains which I have set the A records to point to IP address assigned by my ISP.I have read that I need to set CNAMES to point to this IP address to use virtual hosting, is this correct or should I use A records, can anyone please clarify?

I have A record for www.example.com and CNAMEs for example.conm, www.example2.com and example2.com, all pointing to same IP.

> When I enter my domain names remotely or locally I get redirected to my web server OK, but not to the correct user directories.

http://httpd.apache.org/docs/vhosts/

This is how I've done it.

httpd.conf

----- 8< ----- 8< -----

NameVirtualHost *

<VirtualHost *>
    ServerName www.example.com
    ServerAlias example.com
    ServerAdmin webmaster@example.com
    DocumentRoot /var/www/example_com
    ErrorLog logs/example_com-error.log
    CustomLog logs/example_com-access.log combined
</VirtualHost>

<VirtualHost *>
    ServerName www.example2.com
    ServerAlias example2.com
    ServerAdmin webmaster@example.com
    DocumentRoot /var/www/example2_com
    ErrorLog logs/example2_com-error.log
    CustomLog logs/example_com2-access.log combined
</VirtualHost>

----- 8< ----- 8< -----

This, and the dns-stuff I mentioned earlier.

> 4. I would like to access www.username1.com & www.username2.com locally and remotely but want to access username3 just from my local network

http://httpd.apache.org/docs/mod/mod_access.html

Basically, you say 'Deny from all Allow from 192.168.0' for the docroot of your username3.
0
 

Author Comment

by:sabecs
ID: 11838080
Thanks for all your help and comments.
0

Featured Post

Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question