Tutorials in ‘Web servers’ Category

How to setup Apache HTTP and HTTPS virtual hosts

Virtual hosting is a way of hosting several servers on a single machine. This technique is widely used in shared web hosting, because it greatly reduces hosting costs, since multiple customers use one server.

There are three types of virtual hosting:

  • Name-based – when the virtual hosts is determined by its domain. A problem with this approach is that it is completely dependent on the DNS.
  • IP-based – when each site is differentiated via his IP. A natural complication is that this requires a different IP for each site.
  • Port-based – when each site is described with the same domain, but different port. Naturally, the problem that users don’t generally use ports arises. Additionally, some firewalls block uncommon ports.

Using Apache, we will setup two name-based virtual hosts – an HTTP one and an HTTPS one. Both will work on the standard ports 80 for HTTP and 443 for HTTPS. Naturally we will see how to set port-based hosts.

Note: This tutorial assumes standard file places and settings for Apache on CentOS.

Note: The goal of this tutorial is not to provide extensive knowledge on configuring virtual hosts, but to provide a general-purpose working configuration. For more find-tuned configurations refer to the Apache documentation on virtual hosts.

We assume that <domain> is the domain for our virtual host. In the httpd/conf.d directory (usually /etc/httpd/conf.d) create a file called <domain>.conf

Note: It is not necessary to call your file <domain>.conf, but it’s a sort of a convention and makes editing hosts easier. The file for the HTTP virtual host should contain:

# <domain> HTTP Virtual Host
<VirtualHost *:80>
    # General
    ServerAdmin <administrator_e_mail>
    DocumentRoot /var/www/html/<domain>
    ServerName www.<domain>
    ServerAlias <domain>
    # Logging
    ErrorLog logs/<domain>-error_log
    CustomLog logs/<domain>-access_log common

<administrator_e_mail> is the e-mail of the site administrator. After you set this file restart the HTTP Server daemon:

service httpd restart

To setup an HTTPS virtual host, again create the <domain>.conf file in the /httpd/conf.d. Again we assume <domain> is the domain-name:

# <domain> HTTPS Virtual Host
<VirtualHost *:443>
    # General
    ServerAdmin <administrator_e_mail>
    DocumentRoot /var/www/html/<domain>
    ServerName www.<domain>
    ServerAlias <domain>
    # Logging
    ErrorLog logs/<domain>-ssl_error_log
    TransferLog logs/<domain>-ssl_access_log
    CustomLog logs/<domain>-ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    LogLevel warn
    # SSL Engine
    SSLEngine on
    # SSL Protocol
    SSLProtocol all –SSLv2
    # SSL Cipher Suite
    # Server Certificate
    SSLCertificateFile <path_to_certificate>
    # Server Private Key
    SSLCertificateKeyFile <path_to_private_key>
    # SSL Engine Options
    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
        SSLOptions +StdEnvVars
    <Directory "/var/www/cgi-bin">
        SSLOptions +StdEnvVars
    # SSL Protocol Adjusments
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown owngrade-1.0 force-response-1.0

Of course, after setting this, restart the HTTP daemon:

service httpd restart

It is easily noticeable, that you can setup port-based virtual hosts quite easy, by using the same domain, but different ports in the .conf file.

Naturally this tutorial is not exhaustive, as such tutorial will be pretty much equal to documentation (which you can find here).

VN:F [1.9.18_1163]
Rating: 7.0/10 (2 votes cast)

How to use mod_deflate in Apache to optimize site speed

On April 9-th 2010 Google announced that the load speed of a website will be a key component in the new page rank generation formula. As a professional server administrator I have decided to test our webserver performance if we will be able to fit the new rules and keep our page rank. Of course I was not seeing any particular issue with the site speed but in google webmaster tools I had a very scary message and graph of the site speed. Read the rest of this entry »

VN:F [1.9.18_1163]
Rating: 0.0/10 (0 votes cast)

Apache Domain Set

In this tutorial I will show you how you can attach your domain with apache and create a subdomain.

Which is the first and most important – to have a real IP address
Once you have a real IP address and domain you just bought shifting DNS servers from the domain control panel with your real IP. So much better but now comes the hard part for me personally that I created many problems but I made it. Open Apache httpd.conf, find the following lines: Read the rest of this entry »

VN:F [1.9.18_1163]
Rating: 1.6/10 (11 votes cast)

Strip SSL with Apache mod_proxy part two

Greetings, reader.

This tutorial is the second part of the setup instructions how to Strip SSL part of a request with Apache mod_proxy. Lets remind you what the situation was. We have server A which has SSL support and can handle the initial request. Then we have server B which is supposed actually to handle the request but doesn”t support SSL. The goal is to relay the request which landed on Server A and to pass it to Server B

You can read the first part of the tutorial here Strip SSL with Apache mod_proxy part one

So the first part ended up with configuring a virtual host to handle HTTP request on Server A.

Now we need to configure a virtual host to handle HTTPS requests. Open /usr/local/apache2/conf/extra/httpd-ssl.conf with your favorite editor.

Read the rest of this entry »

VN:F [1.9.18_1163]
Rating: 5.5/10 (2 votes cast)

Strip SSL with Apache mod_proxy part one

Today I have faced a challenging situation. I needed to strip SSL from HTTP request to on of our servers platform and send it to another server without SSL. We use little tip as using Apache mod_proxy to implement this functionality.


We need to have apache with:

1. DSO support compiled (with mod_proxy support)
2. SSL certificate
3. configuration for Virtual Hosting
4. configuration for mod_proxy

By default our apache installations are with version 2.2.3 and we have support for DSO, this means if we have mod_proxy compiled for Apache 2.2.3 we can use without recompiling Apache from source and just put it in /usr/local/apache2/modules . If you need to compile new Apache instance we need to use configure options as follow: Read the rest of this entry »

VN:F [1.9.18_1163]
Rating: 0.0/10 (0 votes cast)