httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Evans <tevans...@googlemail.com>
Subject Re: [users@httpd] VirtualHosts on different ports and trying a non-response when asking to a non-allowed service.
Date Mon, 10 Dec 2012 14:51:45 GMT
On Thu, Dec 6, 2012 at 7:59 PM, Pepe <pepinsoftware@hotmail.com> wrote:
> I have an apache server with 3 virtual host (all DNS work already done):
> http://www1.example.com --> listens on port 80
> http://www2.example.com --> listens on port 80 with required user
> authentication
> https://wwwsecure.example.com --> listens on port 443
> Everyone with different DocumentRoot.
>
> Everything working with "<VirtualHost>" directive
>
> I want that if someone types:
> http://wwwsecure.example.com   (--> request to port 80)
> the client do not receive any answer (like "page not found"). By now, the
> client receives the first virtual host (http://www1.example.com).
> And viceversa, if someone types:
> https://www1.example.com (--> request to port 443) or
> https://www2.example.com
> I would like the client do not receive any answer.
>
> Is this possible?
>
> Thanks.

If www1.example.com, www2.example.com and wwwsecure.example.com all
resolve to the same IP then there is no way to provide different
responses on www1 and www2 than on wwwsecure.

There are a few caveats to that statement however:

1) If you can use the same certificate for all three sites - a
wildcard certificate, or specifying the additional sites in
subjectAltName in the certificate - then you can produce a different
response after the SSL request has been decrypted. Keywords:
"subjectAltName SSL httpd"

2) If you can use SNI - your server, SSL libraries and all clients
support SNI - you can use name based virtual hosting. Keywords:"SNI
SSL httpd"

If you can't do either of those things, my original statement stands.

Cheers

Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message