• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 138
  • Last Modified:

Doubt about VirtualHosts on Apache

Hi.

I have an apache 2 server over linux with two sites configured by name-based virtual hosts.
Also I have a default web site so when a user access to the webserver without using any of the two names of the sites it appears a default web page. For all this configurations I'm using *:80 as configuration on apache virtualhosts.

Now I have added a new IP address to this server and I would like to add a diferent web site by using this IP. How should I configure the server for making this IP going to a different folder but maintain all the rest of configuration? Should I replace the * by the old IP or maybe is there a way to make the IP-rule execute before the * rule?

Thanks.
0
gplana
Asked:
gplana
  • 13
  • 11
  • 2
  • +3
3 Solutions
 
Jan SpringerCommented:
You'll add that IP as (i.e.) ifcfg-eth0:0 (don't configure the gateway)

When DNS is configured to point to that IP, the proper virt host container will handle the action as long as you have:

<Virtualhost *:80>

or whatever port you're using.
0
 
Dave BaldwinFixer of ProblemsCommented:
Below is the format I use for all of my Virtual Hosts files on my Ubuntu system.  I did not have to modify the 'eth0' setup, Apache does it when it reboots.  If you are using a different 'ethx' you might have to do something different.

NameVirtualHost 10.202.46.98
<VirtualHost 10.202.46.98>
     ServerAdmin webmaster@localhost
     ServerName aaa
     DocumentRoot /var/www/aaa/
     <Directory /var/www/aaa/>
         Options Indexes FollowSymLinks MultiViews
         AllowOverride None
         Order allow,deny
         allow from all
     </Directory>

     ErrorLog /var/log/apache2/error.log

     # Possible values include: debug, info, notice, warn, error, crit,
     # alert, emerg.
     LogLevel warn

     CustomLog /var/log/apache2/access.log combined
     ServerSignature On

</VirtualHost>

Open in new window

0
 
gplanaAuthor Commented:
My question is: if I have more than one IP address on my server, can I configure one IP to a site, and the rest to another site? I mean, is it possible to put an IP and an asterisc ? How can we put more weight on the IP than on the * so the * is used as "default", i.e. is it used just if no other rule applies?
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
Dave BaldwinFixer of ProblemsCommented:
I have about 7 IPs on my Ubuntu server but there are all setup like above except for the default site.  I don't know what you think 'weight' means.  If you only have one site at a different IP address, then that is the only site that will appear at that IP address.  All the rest will appear at the default machine IP address.
0
 
shalomcCTOCommented:
Place to IP specific vhost before the default * , like this

<Virtualhost 10.1.1.1:80>
....
</Virtualhost>


<Virtualhost *:80>
....
</Virtualhost>

Open in new window

0
 
gplanaAuthor Commented:
Thank you for your answer shalomc.
Yes, this is what I need, however, shouldn't I put every site at a different file on sites-available (and then create a link on sites-enabled by using a2ensite) ?

If so, how can I teach apache to load one file before another?
0
 
Dave BaldwinFixer of ProblemsCommented:
shouldn't I put every site at a different file on sites-available (and then create a link on sites-enabled by using a2ensite) ?
Yes.  You don't need to teach Apache anything about loading the files.
0
 
gplanaAuthor Commented:
Dave, I need to force the IP configured site be loaded first in order to make its rules with more priority than the default site (which has an asterisk (*) as its IP. The question is how to force the order of loading the site-enabled files.
0
 
Dave BaldwinFixer of ProblemsCommented:
Why do you think that?  Have you tried it the 'normal' way?  There is no priority when the site has a different IP address.  The site with the specified IP address should be the only one to respond to that IP address.  At least that the way it works here.
0
 
gplanaAuthor Commented:
Dave, if you have a file with the specific IP, and another file with an asterisk as IP (which match any IP) then both files matches. Imagine that these files have configured the DocumentRoot at different folders. How can Apache decide which is the one? I have read first rule is that get more priority in case of conflict...

Hope my question is clear now.
0
 
Dave BaldwinFixer of ProblemsCommented:
an asterisk as IP (which match any IP)
That is misleading.  The server only listens on the machine IP address with '*'.  It just means that you don't have to specify it.  The virtual host with a specific IP address will only show up when you go to that address.  They don't get confused.

I have two Ubuntu servers here.  One has 9 IP based virtual hosts and the other has 7 in addition to the default site with '*' for the address.  I don't have any problems.  Apache seems to figure it out just fine without me doing anything about the 'loading order'.
0
 
gplanaAuthor Commented:
Sorry Dave but I think you don't get it.

Imagine I have one file with this configuration:

<Virtualhost 10.1.1.1:80>
   DocumentRoot /var/www/aaa/
   ...
</Virtualhost>

Open in new window


and another file with this configuration:

<Virtualhost *:80>
   DocumentRoot /var/www/zzz/
   ....
</Virtualhost>

Open in new window


If I go to http://10.1.1.1 which application will be shown? aaa or zzz ? It depends on the order the files are loaded, don't it?
0
 
Dave BaldwinFixer of ProblemsCommented:
No, it doesn't.  I am sitting here at my Ubuntu system.  Debian is similar, CentOS is Not.  The last two lines in 'apache2.conf' are:
# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/

Open in new window


This is my 'sites-enabled' directory.  You can see that there is nothing that forces any particular order.  At least none that I can find.
sites-enabled
I just configured an IP based Virtual Host on my CentOS sytem and it is done differently and was a pain in the pattootie.  It's all done in 'httpd.conf' and I had to add the IP address to the network configuration separately which I did not have to do with Ubuntu.  At least I don't remember doing it!!
0
 
gplanaAuthor Commented:
I'm doing some tests. I think files on sites-enabled are loaded in alphabetical order. I will test it and let you know.
0
 
Dave BaldwinFixer of ProblemsCommented:
I have no idea about the order.  The order in which they are listed is because of the file viewer, not because of any 'natural' order.  It is almost impossible to get the 'natural order' of the files in any modern file viewer on any system.  They always sort them for viewing.
0
 
Dave BaldwinFixer of ProblemsCommented:
I'm done for tonight.  I'll check in again tomorrow.
0
 
gplanaAuthor Commented:
I have made a couple of tests. It looks that no matter what is the name of the file, it applies the IP rule first. Maybe apache is inteligent and when there is a conflict of rules it applies the most restrictive?

The important thing is that it seems to work now, but I would like to understand. I have looked at some documentations but I haven't found this explained...
0
 
Daniel McAllisterPresident, IT4SOHO, LLCCommented:
The order the files are loaded are the order any includes are executed.

That said, when you include an entire folder, the results are indeed in lexical order (not quite alphabetical). (In other words, CAPS come before lower case)... this is a Linux/UNIX thing, not an APACHE thing.... on a Windows server (yes, you can run apace on Windows), they would be in true alphabetical order (if not creation order).

So, Apache loads the rules in the order in which they appear while reading the config files. Then, the FIRST virtualhost entry that matches an inquiry should be one used -- there is no "intelligence" involved -- kinda like looking for your lost sock -- as soon as you find a match, you go with it... you don't keep looking to perhaps find a better matching sock!

Thus if you have:
   <Virtualhost *:80>
      Website A
   </Virtualhost>
before you have
   <Virtualhost 192.1.1.1:80>
      Website B
   </Virtualhost>

A request coming in on IP address 192.1.1.1:80 will still load Website A (because it matches the *:80 first).
Simply reverse the order, and you'll get the desired result.... that is, put
   <Virtualhost 192.1.1.1:80>
      Website B
   </Virtualhost>
before you have
   <Virtualhost *:80>
      Website A
   </Virtualhost>

And NOW you'll have the preferred behavior.

NOTE: This is why you need to be careful where you load your files -- in general, load them MOST restrictive FIRST, and your default must be LAST.

I hope this helps...

Dan
IT4SOHO
0
 
gplanaAuthor Commented:
Thanks it4soho. But in my case website B is loaded even if I rename the file to go after 000default (on site-enabled folder). It seems to run always the more restrictive rule, even if I force the reload of apache (service apache2 reload) and empty the cache on the browse in client machine.

Why could this be happening?
0
 
Dave BaldwinFixer of ProblemsCommented:
On my CentOS Apache 'httpd.conf', it says the exact opposite, to put the '*' entry before the IP entry.  On my Ubuntu system, it seems to load the virtual host files and figure it out so they come up where and when they should.
0
 
Daniel McAllisterPresident, IT4SOHO, LLCCommented:
I will avoid making any remarks about working differently on one version of Linux vs. another. If you're using Apache httpd, the behavior is the same -- only the config files are different (and they, naturally, set the behavior).

Per http://stackoverflow.com/questions/5474477/how-to-debug-an-apache-virtual-host-configuration, I suggest looking at the output of what the SERVICE says it has read as its configuration. Often, a simple syntax error changes what WE (as humans) think we're setting up, vs what IT (the computer) thinks we're setting up.... and getting the computer to share it's version of the configuration (sans comments and human-readable distractions) often reveals the disconnect.

In your case, that's probably simply running httpd -S

Dan
0
 
gplanaAuthor Commented:
I'm in debian, and no httpd.conf file on my apache (I'm running apache2, not apache). https -S says the command is not recognized.
0
 
Dave BaldwinFixer of ProblemsCommented:
Debian is like Ubuntu and uses 'apache2.conf' and 'apache2 -S' will display the virtual hosts.

CentOS and Redhat will have 'httpd.conf' and 'httpd -S' will display the virtual hosts on them.

Yes, I just checked that on both systems.
0
 
gplanaAuthor Commented:
It says: apache2: bad user name ${APACHE_RUN_USER}
0
 
Dave BaldwinFixer of ProblemsCommented:
Please post the entire message.  That isn't enough.  You did use a capital S right?
0
 
gplanaAuthor Commented:
Sorry but after:
 apache2 -S

Open in new window

it says:
 apache2: bad user name ${APACHE_RUN_USER} 

Open in new window

That's all
0
 
serialbandCommented:
For a one time deal you just need to set the environment variable.

export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data


You'll should edit /etc/apache2/apache2.conf and add:

User www-data
Group www-data


Then edit /etc/apache2/envvars and add

APACHE_RUN_USER=www-data
APACHE_RUN_GROUP=www-data
0
 
Dave BaldwinFixer of ProblemsCommented:
This page http://ubuntuforums.org/showthread.php?t=804436 may explain what you are seeing and what @serialband is saying.  On my Ubuntu system, my 'normal' user is set up as a 'superuser' or admin so I don't see that problem.  This might work:

sudo apache2 -S
0
 
Dave BaldwinFixer of ProblemsCommented:
So I fired up my Ubuntu and CentOS systems again.  Seems Ubuntu uses 'www-data' for the Apache user and CentOS uses 'apache' for the Apache user.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 13
  • 11
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now