Posts Tagged ‘name-based’

How to setup Apache HTTP and HTTPS virtual hosts

Virtual hosting is a way of hosting several servers on a single machine. This technique is widely used in shared web hosting, because it greatly reduces hosting costs, since multiple customers use one server.

There are three types of virtual hosting:

  • Name-based – when the virtual hosts is determined by its domain. A problem with this approach is that it is completely dependent on the DNS.
  • IP-based – when each site is differentiated via his IP. A natural complication is that this requires a different IP for each site.
  • Port-based – when each site is described with the same domain, but different port. Naturally, the problem that users don’t generally use ports arises. Additionally, some firewalls block uncommon ports.

Using Apache, we will setup two name-based virtual hosts – an HTTP one and an HTTPS one. Both will work on the standard ports 80 for HTTP and 443 for HTTPS. Naturally we will see how to set port-based hosts.

Note: This tutorial assumes standard file places and settings for Apache on CentOS.

Note: The goal of this tutorial is not to provide extensive knowledge on configuring virtual hosts, but to provide a general-purpose working configuration. For more find-tuned configurations refer to the Apache documentation on virtual hosts.

We assume that <domain> is the domain for our virtual host. In the httpd/conf.d directory (usually /etc/httpd/conf.d) create a file called <domain>.conf

Note: It is not necessary to call your file <domain>.conf, but it’s a sort of a convention and makes editing hosts easier. The file for the HTTP virtual host should contain:

# <domain> HTTP Virtual Host
<VirtualHost *:80>
    # General
    ServerAdmin <administrator_e_mail>
    DocumentRoot /var/www/html/<domain>
    ServerName www.<domain>
    ServerAlias <domain>
 
    # Logging
    ErrorLog logs/<domain>-error_log
    CustomLog logs/<domain>-access_log common
</VirtualHost>

<administrator_e_mail> is the e-mail of the site administrator. After you set this file restart the HTTP Server daemon:

service httpd restart

To setup an HTTPS virtual host, again create the <domain>.conf file in the /httpd/conf.d. Again we assume <domain> is the domain-name:

# <domain> HTTPS Virtual Host
<VirtualHost *:443>
    # General
    ServerAdmin <administrator_e_mail>
    DocumentRoot /var/www/html/<domain>
    ServerName www.<domain>
    ServerAlias <domain>
 
    # Logging
    ErrorLog logs/<domain>-ssl_error_log
    TransferLog logs/<domain>-ssl_access_log
    CustomLog logs/<domain>-ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    LogLevel warn
 
    # SSL Engine
    SSLEngine on
 
    # SSL Protocol
    SSLProtocol all –SSLv2
 
    # SSL Cipher Suite
    SSLCipherSuite LL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
 
    # Server Certificate
    SSLCertificateFile <path_to_certificate>
 
    # Server Private Key
    SSLCertificateKeyFile <path_to_private_key>
 
    # SSL Engine Options
    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
        SSLOptions +StdEnvVars
    </Files>
    <Directory "/var/www/cgi-bin">
        SSLOptions +StdEnvVars
    </Directory>
 
    # SSL Protocol Adjusments
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown owngrade-1.0 force-response-1.0
</VirtualHost>

Of course, after setting this, restart the HTTP daemon:

service httpd restart

It is easily noticeable, that you can setup port-based virtual hosts quite easy, by using the same domain, but different ports in the .conf file.

Naturally this tutorial is not exhaustive, as such tutorial will be pretty much equal to documentation (which you can find here).

VN:F [1.9.18_1163]
Rating: 7.0/10 (2 votes cast)