EzDevInfo.com

virtualhost interview questions

Top virtualhost frequently asked interview questions

Turn off error and access logs for one virtual host

If I dont set a error log inside a virtual host it will default to the default error/access log. Is there a way to turn this off for one virtual host?


Source: (StackOverflow)

How can I see how much bandwidth each Apache Virtual Host is using?

I have Apache set up to serve several Virtual Hosts, and I would like to see how much bandwidth each site uses. I can see how much the entire server uses, but I would like more detailed reports.

Most of the things I have found out there are for limiting bandwidth to virtual hosts, but I don't want to do that; I just want to see which sites are using how much bandwidth.

This isn't for billing purposes, just for information.

Is there an apache module I should use? Or is there some other way to do this?


Source: (StackOverflow)

Advertisements

How to find all hostnames in DNS attached to one IP?

If I have multiple hosts configured on one machine (a la apache's VirtualHosts), how can I do a lookup on the IP and find all domains configured to reach it?

For example, I have several web and email domains hooked-to my server. How can I find all domains that point to it?

Is it even possible?

I have DNS A entries for all the domains I own, plus I know some friends' domains point to my server. What I'd like to see is if folks I don't know about are pointing there, too. (Or if someone has repointed their domain elsewhere, and I can delete their 'old' website from my server.)


Source: (StackOverflow)

Multiple SSL domains on the same IP address and same port?

This is a Canonical Question about Hosting multiple SSL websites on the same IP.

I was under the impression that each SSL Certificate required it's own unique IP Address/Port combination. But the answer to a previous question I posted is at odds with this claim.

Using information from that Question, I was able to get multiple SSL certificates to work on the same IP address and on port 443. I am very confused as to why this works given the assumption above and reinforced by others that each SSL domain website on the same server requires its own IP/Port.

I am suspicious that I did something wrong. Can multiple SSL Certificates be used this way?


Source: (StackOverflow)

Apache Default/Catch-All Virtual Host?

If I have 3 domains, domain1.com, domain2.com, and domain3.com, is it possible to set up a default virtual host to domains not listed? For example, if I would have:

<VirtualHost 192.168.1.2 204.255.176.199>
DocumentRoot /www/docs/domain1
ServerName domain1
ServerAlias host
</VirtualHost>

<VirtualHost 192.168.1.2 204.255.176.199>
DocumentRoot /www/docs/domain2
ServerName domain2
ServerAlias host
</VirtualHost>

<VirtualHost 192.168.1.2 204.255.176.199>
DocumentRoot /www/docs/everythingelse
ServerName *
ServerAlias host
</VirtualHost>

If you register a domain and point it to my server, it would default to everythingelse showing the same as domain3. Is that possible?


Source: (StackOverflow)

Redirect URL within Apache VirtualHost?

I have a dedicated server with Apache, on which I've set up some VirtualHosts. I've set up one to handle the www domain as well as the non-www domain.

My VH .conf file for the www:

<VirtualHost *>
  DocumentRoot /var/www/site
  ServerName www.example.com
  <Directory "/var/www/site">
    allow from all
  </Directory>
</VirtualHost>

With this .htaccess:

RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HOST} ^www.example.com [NC]
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]

Is there a simple way to redirect the www to the non-www version? Currently I'm sending both versions to the same DocumentRoot and using .htaccess but I'm sure I must be able to do it in the VirtualHost file.


Source: (StackOverflow)

How can I tell which config file Apache is using?

I'm trying to set up virtual hosts on Mac OS X. I've been modifying httpd.conf and restarting the server, but haven't had any luck in getting it to work. Furthermore, I notice that it's not serving files in the DocumentRoot mentioned in httpd.conf (Libraries/WebServer/Documents), but in a different directory (/usr/local/apache2/htdocs). I don't see this folder mentioned anywhere in httpd.conf. Furthermore, PHP works, but the "LoadModule php5_module" line is commented out. This makes me think it's using another .conf file. How can I figure out which config is actually being loaded?

Update: I just deleted that httpd.conf and apache behaves the same after restart, so it definitely wasn't using it!


Source: (StackOverflow)

nginx name-based virtual hosts on IPv6

I have an nginx server serving up nearly half a dozen different websites. It's running on a Linode that just got IPv6 native support (Dallas data center), and I'm trying to configure most of my sites for dual-stack operation. I got the first one up and running using an IPv6-only subdomain like so:

server {
    listen [::]:80 ipv6only=on;
    listen 80;

    server_name example.com ipv6.example.com;

    root /var/www/example.com/htdocs;

    #More stuff, including PHP, WordPress
}

This works great -- example.com is IPv4-only (for now), and ipv6.example.com is IPv6-only (primarily there for testing purposes). I can ping6 ipv6.example.com, and even wget ipv6.example.com without breaking a sweat -- this much was pleasantly pain-free (after finding the "gotcha" with the way nginx binds virtual hosts, necessitating the ipv6only=on argument and the dual listen directives).

However, I'm now trying to expand this to support my other domains, starting with static.example.com; when I take the same approach as above, though (the dual listen directives, including the ipv6only=on argument), I get the following error when restarting nginx:

* Starting Nginx Server...
nginx: [emerg] a duplicate listen options for [::]:80 in /etc/nginx/sites-enabled/example.com.conf:3

It seems that perhaps nginx's method of binding for IPv6 doesn't permit name-based virtual hosts? Will I have to get additional IPv6 addresses from my host (not a problem) and use IP-based virtual hosting on IPv6 with named-based virtual hosting over IPv4? Or am I missing a solution that will allow my configurations to remain consistent on both stacks?

I was hoping to have my site fully on the IPv6 stack in time for World IPv6 Day, but unless I can clear this up quickly I may not be ready. Not a big deal from any practical standpoint -- none of my sites qualify as a "major organization" by any stretch of the imagination -- but help me save my geek cred!

Edited to add:

Thanks to the answer from @kolbyjack, I have a fully functional dual-stack web server now. Just for clarity's sake, I'm editing in the solution he gave me so everyone can see clearly what the answer is.

My default catchall vhost has the following listen directives:

listen 80 default_server;
listen 8080 default_server;
listen [::]:80 default_server ipv6only=on;
listen [::]:8080 default_server ipv6only=on;

I don't know if the order matters, but there it is. Then, each additional vhost has the following listen directives:

listen 80;
listen [::]:80;

(Or 8080 for the one that listens on that port instead.) The important part here appears to be the total lack of any additional arguments on all but the default vhost's listen directives -- i.e. no repetition of ipv6only=on.

Again, much thanks to @kolbyjack for the solution here!


Source: (StackOverflow)

How can I solve the apache2 httpd error "mixing * ports and non-* ports with a NameVirtualHost address is not supported"

Here is the error I get when booting up Apache2:

 * Starting web server apache2
 apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
 [Wed Oct 21 16:37:26 2009] [error] VirtualHost *:80 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results
 [Wed Oct 21 16:37:26 2009] [error] VirtualHost *:80 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results
 [Wed Oct 21 16:37:26 2009] [error] VirtualHost *:80 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results
 [Wed Oct 21 16:37:26 2009] [error] VirtualHost *:80 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results
 [Wed Oct 21 16:37:26 2009] [warn] NameVirtualHost *:80 has no VirtualHosts

I first followed this guide on setting up Apache to host multiple sites:

http://www.debian-administration.org/articles/412

I then found a similar question on ServerFault and tried applying the solution, but it didn't help.

Here is an example of my final VirtualHost config:

<VirtualHost *:80>
    ServerAdmin admin@xxx.com
    ServerName  www.xxx.com
    ServerAlias xxx.com

    # Indexes + Directory Root.
    DirectoryIndex index.html
    DocumentRoot /var/www/www.xxx.com

    # Logfiles
    ErrorLog  /var/www/www.xxx.com/logs/error.log
    CustomLog /var/www/www.xxx.com/logs/access.log combined
</VirtualHost>

with the domain X'd out to protect the innocent :-)

Also, I have the conf.d/virtual.conf file mentioned in the guide looking like this:

NameVirtualHost *

The odd thing is that everything appears to work fine for two of the three sites.


Source: (StackOverflow)

A domain I've never heard of resolves to my website [duplicate]

I've discovered (via looking at mod_pagespeed cache entries) that a completely random domain I've never heard of before is resolving to my website.

If I visit this domain, my website loads. The DNS for that domain is pointing to my server's IP.

Right now in my vhost config I have *:80, which I'm guessing is where I'm going wrong.

I immediately changed this to example.com:80 where example.com is my domain. Assuming this would mean the server would only respond to and fulfil requests for my domain name, rather than any request on port 80.

My original vhost config;

<VirtualHost *:80>
    DocumentRoot "/var/www/example.com"
    <Directory "/var/www/example.com">
        Order allow,deny
        Allow from all
        Allowoverride all
    </Directory>
</VirtualHost>

My new tried config;

Listen 80
ServerName example.com

<VirtualHost example.com:80>
    DocumentRoot "/var/www/example.com"
    <Directory "/var/www/example.com">
        Order allow,deny
        Allow from all
        Allowoverride all
    </Directory>
</VirtualHost>

When I tried to restart apache with the new config I got the following error:

 * Restarting web server apache2 [Fri Mar 28  08:55:47.821904 2014] [core:error] [pid 5555] (EAI 2)Name or service not known: AH00549: Failed to resolve server name for 152.155.254.241 (check DNS) -- or specify an explicit ServerName
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80

Note: The IP beginning 152 in the above error has been slightly edited, but the original wasn't my server's IP address anyway.

Can anyone offer advice on this issue? Is the domain (actually there's a couple) that is resolving to my website innocently just the previous user of the dedicated server, whose DNS is just still pointing to it? How can I resolve the apache virtual host config issue, and any other advice is welcome.

Thanks.


Source: (StackOverflow)

Resolving to virtual host very slow on Mac OS X Lion

Since upgrading to Mac OS X Lion (from Snow Leopard), I have noticed that resolving to a virtual host is very slow (between about 3 seconds). I have found a number of tips (e.g., not using the .local TLD) that might resolve this, but they do not apply to my setup.

My setup is quite simple: - Apache 2 (shipped with Lion) - enabled PHP - added a few virtual hosts - installed Mail and SMTP Pear packages

Apache's hosts file looks like this:

127.0.0.1   localhost
255.255.255.255 broadcasthost
::1             localhost 
fe80::1%lo0 localhost
127.0.0.1   tbi.dev
127.0.0.1   www.tbi.dev
127.0.0.1   test1.tbi.dev
127.0.0.1   test2.tbi.dev
127.0.0.1   psa.dev
127.0.0.1   snd.dev

And Apache's virtual hosts file looks like this:

<VirtualHost *:80>
    DocumentRoot "/Users/Bart/Sites/tbi"
    ServerName tbi.dev
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/Users/Bart/Sites/tbi"
    ServerName tbi.dev
    ServerAlias *.tbi.dev www.tbi.dev
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/Users/Bart/Sites/psa"
    ServerName psa.dev
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/Users/Bart/Sites/sandbox"
    ServerName snd.dev
</VirtualHost>

The setup is basically identical to my setup on Snow Leopard, but Apache's performance for resolving virtual hosts is significantly different. I run Mac OS X Lion 10.7.2, but the issue was already present when running 10.7.1.

This might seem like a small issue, but when you're accessing a virtual hosts a few hundreds of times a day then this adds up to a significant waste of time as you can imagine.


Source: (StackOverflow)

Apache "Client denied by server configuration", despite allowing access to directory (vhost configuration)

in Apache on Ubuntu I've set up a vhost, but in the browser I keep getting a "403 Access forbidden" error; the log says "Client denied by server configuration: /home/remix/".

Looking for the solution online I found many posts about the directory access (Allow from all, etc), but as far as I know I already did that. In httpd-vhosts.conf there is the following code:

NameVirtualHost *:80

<VirtualHost *:80>
    ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot "/opt/lampp/htdocs/"
    ServerName localhost
    ServerAlias localhost
    ErrorLog "logs/dummy-host.example.com-error_log"
    CustomLog "logs/dummy-host.example.com-access_log" common
</VirtualHost>

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot "/home/remix/"
    ServerName testproject
    ServerAlias testproject
    <Directory "/home/remix/">
        Options Indexes FollowSymLinks Includes ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

I've also added

127.0.0.1    testproject

to the /etc/hosts file.

Also, the /home/remix/ folder contains an index.html file and vhosts are enabled in httpd.conf.

Is there anything I'm not seeing?

Edit: This is the Apache error_log entry:

[Sat Aug 18 09:15:32.666938 2012] [authz_core:error] [pid 6587] 
[client 127.0.0.1:38873] AH01630: client denied by server configuration: /home/remix/

Source: (StackOverflow)

Declaring multiple ports for the same VirtualHosts

Declare multiple ports for the same VirtualHosts:

SSLStrictSNIVHostCheck off
# Apache setup which will listen for and accept SSL connections on port 443.
Listen 443
# Listen for virtual host requests on all IP addresses
NameVirtualHost *:443

<VirtualHost *:443>
  ServerName domain.localhost
  DocumentRoot "/Users/<my_user_name>/Sites/domain/public"
  <Directory "/Users/<my_user_name>/Sites/domain/public">
    Order allow,deny
    Allow from all
  </Directory>

  # SSL Configuration
  SSLEngine on
  ...
</VirtualHost>

How can I declare a new port ('listen', ServerName, ...) for 'domain.localhost'?

If I add the following code, apache works (too much) also for all other subdomain of 'domain.localhost' (subdomain1.domain.localhost, subdomain2.domain.localhost, ...):

<VirtualHost *:80>
  ServerName pjtmain.localhost:80
  DocumentRoot "/Users/Toto85/Sites/pjtmain/public"
  RackEnv development
  <Directory "/Users/Toto85/Sites/pjtmain/public">
    Order allow,deny
    Allow from all
  </Directory>
</VirtualHost>

Source: (StackOverflow)

How to set up multiple websites / virtual hosts on MAMP? [closed]

How do you configure MAMP to manage/host multiple websites at one time for development?


Source: (StackOverflow)

Redirect to SSL only if browser supports SNI

I have Apache 2.2 with mod_ssl and a bunch of sites in HTTPS on the same IP/port with VirtualHosting, so client must support SNI to connect to those virtual hosts.

I would like to configure my server the following way:

When a user types www.dummysite.com and his browser supports SNI (Server Name Indication), any HTTP request is redirected to https:// where an HSTS header is sent. But if the browser doesn't support SNI then the request is served by HTTP.

The above rule, stated as is, is actually a fallback rule for those people that still run old browsers, as Mozilla and Chrome don't have this problem, just to avoid leaving these users out of the site.

I would like to do this redirecting at the Apache config level, perhaps with a filter on the user agent. I wouldn't like to touch running applications except making sure that no direct http:// references are present (otherwise they imply a security warning)

[Edit] (while editing the question I forgot the question): what is the list of SNI-enabled user agents to redirect?


Source: (StackOverflow)