httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Darrel Austin <>
Subject Re: Port-based Virtual Hosts
Date Tue, 15 Jan 2002 16:15:00 GMT
> It's not to do with security - just separating web-sites: For example,
> you might have a production web site accessible on port 80 and connected
> to the web via a FW and a development version of the site on port 8000
> accessible only internally (the FW blocks access to 8000 form the web).
> So you can make changes to the development files and review them on port
> 8000 before checking them out on the production site.

Ah. That makes sense.

> - You have two separate machines which contain two separate sites.


> For
> whatever reason, you cannot combine the content on a single server.

I could, of course. But we wanted to do this just to be able to play with
two servers (these are old machines, and we thought splitting the loads
wouldn't hurt). I KNOW that there is a better way to do this...switch ISPs
to one that provided multiple IPs. ;)

> - You have one external IP address to which both domain names are
> assigned.


> - You want to distinguish between the two sites...


> Clearly straight name-based VH-ing will not work because the sites are
> on different machines.


> Port-based will kind-of work with the router setup you defined above but
> the problem is that your URLs will be like http://domain1/ and
> http://domain2:8080/ which is ugly, but worse, might not work in some
> locations if an intermediate FW blocks non-standard ports like 8080.

I wouldn't necessarily mind this. I'd be OK with that. The catch is, I'm not
sure how to get http://domain2:8080 to show up. If I just send people to
domai2:8080, would server 2, simply by listening to port 8080, know that it
belongs to it? And, if so, would I then just set up port-based VHs on server

> Coming back to NBVHing, using a redirect or rewrite [R] for the second
> site is cleaner (the user types in "domain2" but gets redirected to
> "domain2:8080") but still suffers from the risk of FW-blocking.

This would be even better. An HTML redirect was what I was thinking (what is
a rewrite?). If I did this, would I set up a VH on server one to accept to point to a page that redirects to and then
have a port-based VH on server two?

> I'm not an expert on mod_proxy so RTFM thoroughly before going live but
> then the idea would be that server 1 would carry your external IP
> address and receive the requests but go to server 2 (which would carry
> an internal IP address) for domain2 data. Server 2 would just serve a
> single site with no need for NBVHing.

Wow. Sounds like I might have some fun figuring that out. ;o) If I go that
route, it sounds like server 1 would have to live outside of the router, and
server 2 would sit behind the router.

I might ponder this for a day or so and then I might just break down and get
a second IP address. ;)

Thanks, Owen!


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message