httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Charles Sprickman <sp...@bway.net>
Subject [users@httpd] Port-based vhosts
Date Tue, 10 Mar 2009 01:24:39 GMT
Hello all,

I've got "port-based" virtual hosting working, but am having some 
difficulties with enforcing the creation of proper self-referential URLs.

In short, I'm using a scheme in one place (and hopefully others) where I 
have multiple virtual private servers that only have one public IP. 
However the host has multiple public IPs.  There are numerous reasons why 
I'm doing this, but one important one is that the IP mapping from the main 
host to the virtual private servers makes it easier to change IP->VPS 
mappings - a change in firewall config is much easier (and has less 
downtime) than switching VPS IPs around.  Name-based virthosting is not 
desired (yes, it would work, yes what browsers don't send host headers, 
etc. - but this is what we're contracted to provide).

So on the host, I redirect requests with "pf".  So if a request comes to 
IP x.x.x.2, port 80, the firewall redirects it to x.x.x.30 port 8030.  If 
a request comes to IP x.x.x.3, port 80, it redirects to x.x.x.30 port 
8031, etc.

In the VPS, apache is configured without name-based virtual hosting.

I set it to listen on multiple ports:

Listen x.x.x.30:8030
Listen x.x.x.30:8031

Then virtual host blocks for each host:

<VirtualHost x.x.x.30:8030>
  ServerName www.foo.com
  DocumentRoot /var/www/foo.com
</VirtualHost>

<VirtualHost x.x.x.30:8031>
  ServerName www.bar.com
  DocumentRoot /var/www/bar.com
</VirtualHost>

I also put a catchall virthost at the top to catch config errors, etc.

So in short, this does work, until I get into the murky area of keeping 
the URL consistent in the browser.  For example, let's take "www.foo.com". 
I always want visitors to see "www.foo.com" in the browser URL field.  If 
I set "UseCanonicalName On" in the virthosts, the ServerName seems not to 
be enforced like it is with traditional IP or name-based hosting.  If I 
point "giantpornstash.blah.com" at the IP that "www.foo.com" resolves to, 
the user will browse the site with "giantpornstash.blah.com" in the 
browser address field.  It is my (limited) understanding that this should 
not happen with the ServerName and UseCanonicalName settings properly 
configured, and basically can't happen with Name-based virthosts (host 
header doesn't match).

What am I missing?  I suspect there's some issue here that is DNS-related 
in that apache is unaware of the IP->port trickery the firewall is using. 
Perhaps it sees that the IP each ServerName maps to is not the IP it's 
listening on?  I've been over the virthost and "dns problems" sections of 
the docs, and what I'm doing is not clearly addressed.

So I guess my questions are two:

-Is port-based virtual hosting officially supported?
-How can I enforce setting the proper hostname in this scenario?

I am quite enamored with this method for a number of projects I'm working 
on as it addresses some fundamental shortcomings in the VPS implementation 
I'm using.

Thanks,

Charles

ps - in case you're wondering why the name is important, it mainly has to 
deal with Joomla, and specifically with what data (provided by the browser 
request) is cached when Joomla's caching plugin is enabled.  It's *very* 
easy to "poison" this cache with the wrong URL, leading to menus that 
point to places other than your site...

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message