Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

I have two named websites that I want to serve from the same machine using apache (www.firstsite.com and www.secondsite.com).  One site is to be externally accessible, in other words, you could get t

Posted on 2008-10-05
13
Medium Priority
?
395 Views
Last Modified: 2013-11-30
I have two named websites that I want to serve from the same machine using Apache on Windows XP (www.firstsite.com and www.secondsite.com).  One site is to be externally accessible, in other words, viewable from anywhere on the Internet.  The other site is to be accessible only on the local machine.  

It sounds simple, but I've tried a million ways from sunday and can't get it to work right.  What's the best way to do this?

Thanks
0
Comment
Question by:jacobs4020
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
13 Comments
 
LVL 5

Expert Comment

by:libin_v
ID: 22646153
You add an entery in the hosts file

Linux ( /etc/hosts )
127.0.0.1                  localhost              www.secondwebsite.com

Windows ( c:\windows\system32\drivers\etc\hosts )
127.0.0.1                   www.secondwebsite.com

The use virtual host configuration. Refer http://httpd.apache.org/docs/1.3/vhosts/name-based.html
 NameVirtualHost *

    <VirtualHost *>
    ServerName www.firstwebsite.com
    DocumentRoot /www/first
    </VirtualHost>

    <VirtualHost *>
    ServerName www.secondwebsite.com
    DocumentRoot /www/second
    </VirtualHost>
0
 
LVL 4

Expert Comment

by:urgoll
ID: 22650760
To make sure I'm covering all the bases, can you provide which version of Apache you are using ? I'm going to suppose it's version 2.0 for the rest of this email.

The snippet provided by libin_v aboive will configure the two virtualhosts you want using the servername as discriminent. This means that DNS (or any other naming scheme) must be correctly setup for this to work, as web clients will specify which hostname they want to contact in the "Host: " header, which apache will match against the ServerName and ServerAlias directives.

What the snippet does not is to take care of access control. Since the second  site is to be accessible only from the local machine, you need to prevent access from other places. In addition to the /etc/hosts modification presented above, you  need an "Allow" statement. Should you need to access it from other places, you can allow additional subnets.

Please refer to Apache's documentation for the meaning of those statements.


Hope this helps,
Christophe
NameVirtualHost *
 
<VirtualHost *>
   ServerName www.firstwebsite.com
   ServerAlias firstwebsite.com
   DocumentRoot /www/first
</VirtualHost>
 
<VirtualHost *>
   ServerName www.secondwebsite.com
   ServerAlias secondwebsite.com
   DocumentRoot /www/second
   Order allow,deny
   allow from 127.0.0.1
</VirtualHost>

Open in new window

0
 

Author Comment

by:jacobs4020
ID: 22651635
I get an error from Apache saying that Order isn't allowed in that spot.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:jacobs4020
ID: 22651643
I got an error saying that "Order" is not allowed at that spot.
0
 
LVL 4

Accepted Solution

by:
urgoll earned 500 total points
ID: 22651674
MY bad. Let's try this :
<VirtualHost *>
   ServerName www.firstwebsite.com
   ServerAlias firstwebsite.com
   DocumentRoot /www/first
   <Directory /www/first>
      Order allow,deny
      allow from all
   </Directory></VirtualHost>
 
<VirtualHost *>
   ServerName www.secondwebsite.com
   ServerAlias secondwebsite.com
   DocumentRoot /www/second
   <Directory /www/second>
      Order allow,deny
      allow from 127.0.0.1
   </Directory>
</VirtualHost>

Open in new window

0
 

Author Comment

by:jacobs4020
ID: 22654247
OK.  I've made the suggested changes.  My local-view-only site (www.secondsite.com) works fine.  It's accessible on my machine and not accessible from the outside.  My external view site i(www.firstsite.com) is accessible from other machines within my lan.  BUT....when accessed from outside the lan,  the index page appears to load, but it's blank.  There are no error messages or timeouts, just white space.  I tried changing the index page to something really simple (just test text), but the problem persists.  What's that about?
0
 
LVL 4

Expert Comment

by:urgoll
ID: 22655690
Can you look at the access_log and error_log files and see if there are entries related to your accessing the first site from outside of your LAN ? Off the top of my head, I can't see anything different between accessign from within and without your LAN.

If you are able to do a snoop/tcpdump on the server port 80 while accessing your firstsite from outside your LAN, it would help to look at the HTTP conversation.

Regards,
Christophe
0
 

Author Comment

by:jacobs4020
ID: 22656105
I've been using an anonymous proxy (www.hidemyass.com) to see how my site looks from the outside.  Thinking the blank page might be a problem with the proxy, I've used 2 or 3 others, but with the same result, so I don't think it's the proxy.  The access log shows the IP of the proxy, time/date, and then "GET / HTTP/1.0" 200 1174.  There is no corresponding entry in the error log.  

When I access the site from inside my lan, the access log shows the localhost IP, time/date, and then "GET /favicon.ico HTTP/1/1" 404 209.  In this case, there is a corresponding entry in the error log indicating that favicon.ico couldn't be found.  Until a couple of minutes ago, I didn't know what favicon.ico was, but now that I know, I can't see that would be a problem.  And, in this case (inside the lan) I can see the page just fine.

I'll be happy to do the snoop/tcpdump if you can tell me how to do it.

Thanks for your help.
0
 
LVL 4

Expert Comment

by:urgoll
ID: 22656136
Sure: as root:
# iptrace -a -i en1 -b  -p 80 trace.out

this assumes that your network interface is en1 - replace as necessary. Once it runs, do your network access, then CTRL-C when done. This will create a file named trace.out that you can post. I hope this works, I don't have access to an AIX server to confirm, this is from reading the man page on the 'net.
0
 

Author Comment

by:jacobs4020
ID: 22656231
Sorry.  I should have mentioned that I'm running XP Pro, not Linux.  Iptrace is a unix command right?
0
 
LVL 4

Expert Comment

by:urgoll
ID: 22656506
Yes, it is a Unix command. I have no expertise with Windows, but apparently this KB can point you in the right direction to generate a packet trace:

http://support.microsoft.com/kb/148942

Hopefuly this will work for you and you can post the resulting file.
0
 

Author Comment

by:jacobs4020
ID: 22661359
It turns out that it was a firewall problem.  I have Zonealarm free running and have the XP firewall disabled via the Security Center.  Apparently some vestiges of the XP firewall remain operational even when it is supposedly turned off.  I found a registry tweak to it off for good, and now the site is accessible externally.

Thank you for your help.
0
 

Author Closing Comment

by:jacobs4020
ID: 31503250
Many thanks for your competent help.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
This program is used to assist in finding and resolving common problems with wireless connections.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question