httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From b...@kanka.de
Subject Re: [users@httpd] Alias-ed directory appears on multiple virtual hosts
Date Wed, 08 Dec 2010 12:55:34 GMT
Hello,

On 08.12.2010 13:45, Tom Evans wrote:
>> .. but at this point apache knows that there is something wrong with the
>> request or the configuration, and should throw an error instead of serving
>> the wrong data.
>
> Typically, you don't even get to that point. Most browsers will throw
> a fit if they request www.hostb.com and are served certificates for
> www.hosta.com.

And the experienced user has seen these warnings often, so he regularly 
clicked on "I understand the risks" and accepted the ssl session anyway - and 
it's even wiser in most cases to do because mostly you're better off (in web 
2.0 services for example) with an encrypted transfer and non-secure identity 
than with both non-secure...

> The best way to avoid this problem is not dummy vhosts, it is to not
> serve multiple websites from the same IP ...

In an ideal world, yes.
But in this world the number of available IPs is restricted, whereas the quest 
for new domains seems endless.
".. over 240 Million active and deleted domains in the .com .net .org .biz 
.info .mobi .asia .ie .eu .de .co.uk Top Level Domains.."
( http://www.hosterstats.com )

> ... if you intend on handling SSL
> for any one of those websites and not the others. SSL sites that share
> a certificate (eg, if you have a wildcard certificate) are fine to
> share an IP.

If there is exactly one SSL site a wildcard cert is not needed and makes 
little sense IMHO.

/ Bernd

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message