Enabling SSL on VirtualHosts Revisited

--000e0cd1100030c35f047b0261b7
Content-Type: text/plain; charset=ISO-8859-1

There's a problem with the 2 VirtualHost entries I had to add for SSL. Now
every request to httpd is being handled by these VirtualHosts, even requests
for with hostnames that don't match them.

Here's my current config:

<VirtualHost *>
ServerName blah.mysite.com
...

<VirtualHost foo.mysite.com:80>
ServerName foo.mysite.com
...

<VirtuaHost foo.mysite.com:443>
ServerName foo.mysite.com
...
SSL stuff

<VirtualHost *>
ServerName bar.othersite.com
...

Since added the 2 for foo.mysite.com, EVERY request is handled by
foo.mysite.com, even those for blah.mysite.com and bar.mysite.com. Even
after changing the first one to <VirtualHost blah.mysite.com:80>, httpd
would still try to use foo.mysite.com for http://blah.mysite.com/test.html!
!!

Any ideas?

httpd 2.2

--000e0cd1100030c35f047b0261b7
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

There's a problem with the 2 VirtualHost entries I had to add for SSL.=
=A0 Now every request to httpd is being handled by these VirtualHosts, even=
requests for with hostnames that don't match them. Here's m=
y current config: 
 <VirtualHost *> =A0=A0=A0 ServerName <a href=3D"http://blah.my=
site.com">blah.mysite.com</a> =A0=A0=A0 ... <VirtualHost <a hr=
ef=3D"http://foo.mysite.com:80">foo.mysite.com:80</a>> =A0=A0=A0 Serv=
erName <a href=3D"http://foo.mysite.com">foo.mysite.com</a> 
=A0=A0=A0 ... <VirtuaHost <a href=3D"http://foo.mysite.com:443">f=
oo.mysite.com:443</a>> =A0=A0=A0 ServerName <a href=3D"http://foo.mys=
ite.com">foo.mysite.com</a> =A0=A0=A0 ... =A0=A0=A0 SSL stuff =
<VirtualHost *> 
=A0=A0=A0 ServerName <a href=3D"http://bar.othersite.com">bar.othersite.com=
</a> =A0=A0=A0 ... Since added the 2 for <a href=3D"http://foo.my=
site.com">foo.mysite.com</a>, EVERY request is handled by <a href=3D"http:/=
/foo.mysite.com">foo.mysite.com</a>, even those for <a href=3D"http://blah.=
mysite.com">blah.mysite.com</a> and <a href=3D"http://bar.mysite.com">bar.m=
ysite.com</a>.=A0 Even after changing the first one to <VirtualHost <a h=
ref=3D"http://blah.mysite.com:80">blah.mysite.com:80</a>>, httpd would s=
till try to use <a href=3D"http://foo.mysite.com">foo.mysite.com</a> for <a=
href=3D"http://blah.mysite.com/test.html!">http://blah.mysit e.com/test.htm=
l!</a>!! 
 Any ideas? httpd 2.2 

--000e0cd1100030c35f047b0261b7--

Jonathan Mast wrote:
> There's a problem with the 2 VirtualHost entries I had to add for SSL. Now
> every request to httpd is being handled by these VirtualHosts, even requests
> for with hostnames that don't match them.
>
> Here's my current config:
>
> <VirtualHost *>
> ServerName blah.mysite.com
> ...
>
> <VirtualHost foo.mysite.com:80>
> ServerName foo.mysite.com
> ...
>
> <VirtuaHost foo.mysite.com:443>
> ServerName foo.mysite.com
> ...
> SSL stuff
>
> <VirtualHost *>
> ServerName bar.othersite.com
> ...
>
> Since added the 2 for foo.mysite.com, EVERY request is handled by
> foo.mysite.com, even those for blah.mysite.com and bar.mysite.com. Even
> after changing the first one to <VirtualHost blah.mysite.com:80>, httpd
> would still try to use foo.mysite.com for http://blah.mysite.com/test.html!
> !!
>
> Any ideas?
>
> httpd 2.2
>
>
Hello Jonathan,

You should only use <VirtualHost *:PORT> or <VirtualHost IP:PORT> when
setting up vhosts.

Also, you'll need a NameVirtualHost that matches that IP:PORT if you use
more than one virtual host on that port.

Finally, when doing name-based vhosts with SSL, note that the
certificate for the first listed virtual host will always be used,
unless you implement SNI.

Frank.

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org

If one or more virtual host entries match the address:port for the
request, but no server names in those entries match, then the first
virtual host definition in the config file, not the global
configuration, will control handling for that request.

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org

Possibly the information you need is here:-

http://httpd.apache.org/docs/2.2/vhosts/name-based.html

When adding a name-based Virtual Host the...

"Main host goes away

If you are adding virtual hosts to an existing web server, you must
also create a <VirtualHost> block for the existing host. The
ServerName and DocumentRoot included in this virtual host should be
the same as the global ServerName and DocumentRoot. List this virtual
host first in the configuration file so that it will act as the
default host."

Cheers,
Phil.

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org

--000e0cd1b0c8410d38047b033a77
Content-Type: text/plain; charset=ISO-8859-1

OK, so I added NameVirtualHost foo.mysite.com:80 and NameVirtualHost
foo.mysite.com:443 above their respective sections and it seems to work
despite not being recommended as per the docs, but this was the only way to
do it because all my domains: mysite.com, othersite.com, etc point to a
single IP.

Any idea on why using hostnames in NameVirtualHost directives is not
recommended? Is this something that could come back and bite me?

Thanks for the help!

On Fri, Dec 18, 2009 at 10:34 AM, Philip Wigg <phil [at] philipwigg.co.uk> wrote:

> Possibly the information you need is here:-
>
> http://httpd.apache.org/docs/2.2/vhosts/name-based.html
>
> When adding a name-based Virtual Host the...
>
> "Main host goes away
>
> If you are adding virtual hosts to an existing web server, you must
> also create a <VirtualHost> block for the existing host. The
> ServerName and DocumentRoot included in this virtual host should be
> the same as the global ServerName and DocumentRoot. List this virtual
> host first in the configuration file so that it will act as the
> default host."
>
> Cheers,
> Phil.
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
> " from the digest: users-digest-unsubscribe [at] httpd.apache.org
> For additional commands, e-mail: users-help [at] httpd.apache.org
>
>

--000e0cd1b0c8410d38047b033a77
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

OK, so I added NameVirtualHost <a href=3D"http://foo.mysite.com:80">foo.mys=
ite.com:80</a> and NameVirtualHost <a href=3D"http://foo.mysite.com:443">fo=
o.mysite.com:443</a> above their respective sections and it seems to work d=
espite not being recommended as per the docs, but this was the only way to =
do it because all my domains: <a href=3D"http://mysite.com">mysite.com</a>,=
<a href=3D"http://othersite.com">othersite.com</a>, etc point to a single =
IP. 
 Any idea on why using hostnames in NameVirtualHost directives is not re=
commended?=A0 Is this something that could come back and bite me? Th=
anks for the help! <div class=3D"gmail_quote">On Fri, Dec 18, 2009 a=
t 10:34 AM, Philip Wigg <<a href=3D"mailto:phil [at] philip=
wigg.co.uk">phil [at] philipwigg.co.uk</a>> wrote: 
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Possibly the info=
rmation you need is here:- 
 
<a href=3D"http://httpd.apache.org/docs/2.2/vhosts/name-based.html" target=
=3D"_blank">http://httpd.apache.org/docs/2.2/vhosts/name-bas ed.html</a> 
 
When adding a name-based Virtual Host the... 
 
"Main host goes away 
 
If you are adding virtual hosts to an existing web server, you must 
also create a <VirtualHost> block for the existing host. The 
ServerName and DocumentRoot included in this virtual host should be 
the same as the global ServerName and DocumentRoot. List this virtual 
host first in the configuration file so that it will act as the 
default host." 
 
Cheers, 
Phil. 
<div><div></div><div class=3D"h5"> 
------------------------------------------------------------ --------- 
The official User-To-User support forum of the Apache HTTP Server Project.<=
br>
See <URL:<a href=3D"http://httpd.apache.org/userslist.html" target=3D"_b=
lank">http://httpd.apache.org/userslist.html</a>> for more info. 
To unsubscribe, e-mail: <a href=3D"mailto:users-unsubscribe [at] httpd.apache.or=
g">users-unsubscribe [at] httpd.apache.org</a> 
=A0 " =A0 from the digest: <a href=3D"mailto:users-digest-unsubscribe=
[at] httpd.apache.org">users-digest-unsubscribe [at] httpd.apache.org</a> 
For additional commands, e-mail: <a href=3D"mailto:users-help [at] httpd.apache.=
org">users-help [at] httpd.apache.org</a> 
 
</div></div></blockquote></div> 

--000e0cd1b0c8410d38047b033a77--

Jonathan Mast wrote:
> OK, so I added NameVirtualHost foo.mysite.com:80 and NameVirtualHost
> foo.mysite.com:443 above their respective sections and it seems to work
> despite not being recommended as per the docs, but this was the only way to
> do it because all my domains: mysite.com, othersite.com, etc point to a
> single IP.
>
> Any idea on why using hostnames in NameVirtualHost directives is not
> recommended? Is this something that could come back and bite me?
>
> Thanks for the help!
>
> On Fri, Dec 18, 2009 at 10:34 AM, Philip Wigg <phil [at] philipwigg.co.uk> wrote:
>
>
>> Possibly the information you need is here:-
>>
>> http://httpd.apache.org/docs/2.2/vhosts/name-based.html
>>
>> When adding a name-based Virtual Host the...
>>
>> "Main host goes away
>>
>> If you are adding virtual hosts to an existing web server, you must
>> also create a <VirtualHost> block for the existing host. The
>> ServerName and DocumentRoot included in this virtual host should be
>> the same as the global ServerName and DocumentRoot. List this virtual
>> host first in the configuration file so that it will act as the
>> default host."
>>
>> Cheers,
>> Phil.
>>
>> ------------------------------------------------------------ ---------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
>> " from the digest: users-digest-unsubscribe [at] httpd.apache.org
>> For additional commands, e-mail: users-help [at] httpd.apache.org
>>
>>
>>
>
>
Jonathan,

Using a hostname in the <VirtualHost> line will active DNS resolution
for EVERY HTTP request. Surely, you don't want that to happen.

Instead, use a ServerName in your virtual host.

Frank.

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org

--000e0cd10730281efb047b03c2b0
Content-Type: text/plain; charset=ISO-8859-1

Frank, I've always used the ServerName directive, here's what my configs
look like:
NameVirtualHost foo.mysite.com:80
<VirtualHost foo.mysite.com:80>
ServerName foo.mysite.com

</VirtualHost>

NameVirtualHost foo.mysite.com:443
<VirtualHost foo.mysite.com:443>
ServerName foo.mysite.com

SSL Stuff...
</VirtualHost>

My question was specifically why putting the hostname as opposed to the addr
in the NameVirtualHost was discouraged in the docs (they don't explain it
any further)?

On Fri, Dec 18, 2009 at 11:41 AM, Frank Gingras
<francois.gingras [at] gmail.com>wrote:

> Jonathan Mast wrote:
>
>> OK, so I added NameVirtualHost foo.mysite.com:80 and NameVirtualHost
>> foo.mysite.com:443 above their respective sections and it seems to work
>> despite not being recommended as per the docs, but this was the only way
>> to
>> do it because all my domains: mysite.com, othersite.com, etc point to a
>> single IP.
>>
>> Any idea on why using hostnames in NameVirtualHost directives is not
>> recommended? Is this something that could come back and bite me?
>>
>> Thanks for the help!
>>
>> On Fri, Dec 18, 2009 at 10:34 AM, Philip Wigg <phil [at] philipwigg.co.uk>
>> wrote:
>>
>>
>>
>>> Possibly the information you need is here:-
>>>
>>> http://httpd.apache.org/docs/2.2/vhosts/name-based.html
>>>
>>> When adding a name-based Virtual Host the...
>>>
>>> "Main host goes away
>>>
>>> If you are adding virtual hosts to an existing web server, you must
>>> also create a <VirtualHost> block for the existing host. The
>>> ServerName and DocumentRoot included in this virtual host should be
>>> the same as the global ServerName and DocumentRoot. List this virtual
>>> host first in the configuration file so that it will act as the
>>> default host."
>>>
>>> Cheers,
>>> Phil.
>>>
>>> ------------------------------------------------------------ ---------
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
>>> " from the digest: users-digest-unsubscribe [at] httpd.apache.org
>>> For additional commands, e-mail: users-help [at] httpd.apache.org
>>>
>>>
>>>
>>>
>>
>>
>>
> Jonathan,
>
> Using a hostname in the <VirtualHost> line will active DNS resolution for
> EVERY HTTP request. Surely, you don't want that to happen.
>
> Instead, use a ServerName in your virtual host.
>
> Frank.
>
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
> " from the digest: users-digest-unsubscribe [at] httpd.apache.org
> For additional commands, e-mail: users-help [at] httpd.apache.org
>
>

--000e0cd10730281efb047b03c2b0
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Frank, I've always used the ServerName directive, here's what my co=
nfigs look like: NameVirtualHost <a href=3D"http://foo.mysite.com:80">fo=
o.mysite.com:80</a> <VirtualHost <a href=3D"http://foo.mysite.com:80"=
>foo.mysite.com:80</a>> 
=A0=A0=A0 ServerName=A0=A0 <a href=3D"http://foo.mysite.com">foo.mysite.com=
</a> =A0=A0=A0 </VirtualHost> NameVirtualHost <a href=
=3D"http://foo.mysite.com:443">foo.mysite.com:443</a> <VirtualHost <a=
href=3D"http://foo.mysite.com:443">foo.mysite.com:443</a>> 
=A0=A0=A0 ServerName=A0=A0 <a href=3D"http://foo.mysite.com">foo.mysite.com=
</a> =A0=A0=A0 =A0=A0=A0 SSL Stuff... </VirtualHost> <br=
>My question was specifically why putting the hostname as opposed to the ad=
dr in the NameVirtualHost was discouraged in the docs (they don't expla=
in it any further)? 
 <div class=3D"gmail_quote">On Fri, Dec 18, 2009 at 11:41 AM, Frank =
Gingras <<a href=3D"mailto:francois.gingras [at] gmail.com"=
>francois.gingras [at] gmail.com</a>> wrote: <blockquote class=3D"g=
mail_quote" style=3D"border-left: 1px solid rgb(204, 204, 204); margin: 0pt=
0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div></div><div class=3D"h5">Jonathan Mast wrote: 
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
OK, so I added NameVirtualHost <a href=3D"http://foo.mysite.com:80" target=
=3D"_blank">foo.mysite.com:80</a> and NameVirtualHost 
<a href=3D"http://foo.mysite.com:443" target=3D"_blank">foo.mysite.com:443<=
/a> above their respective sections and it seems to work 
despite not being recommended as per the docs, but this was the only way to=
 
do it because all my domains: <a href=3D"http://mysite.com" target=3D"_blan=
k">mysite.com</a>, <a href=3D"http://othersite.com" target=3D"_blank">other=
site.com</a>, etc point to a 
single IP. 
 
Any idea on why using hostnames in NameVirtualHost directives is not 
recommended? =A0Is this something that could come back and bite me? 
 
Thanks for the help! 
 
On Fri, Dec 18, 2009 at 10:34 AM, Philip Wigg <<a href=3D"mailto:phil [at] ph=
ilipwigg.co.uk" target=3D"_blank">phil [at] philipwigg.co.uk</a>> wrote: 
 
=A0 
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Possibly the information you need is here:- 
 
<a href=3D"http://httpd.apache.org/docs/2.2/vhosts/name-based.html" target=
=3D"_blank">http://httpd.apache.org/docs/2.2/vhosts/name-bas ed.html</a> 
 
When adding a name-based Virtual Host the... 
 
"Main host goes away 
 
If you are adding virtual hosts to an existing web server, you must 
also create a <VirtualHost> block for the existing host. The 
ServerName and DocumentRoot included in this virtual host should be 
the same as the global ServerName and DocumentRoot. List this virtual 
host first in the configuration file so that it will act as the 
default host." 
 
Cheers, 
Phil. 
 
------------------------------------------------------------ --------- 
The official User-To-User support forum of the Apache HTTP Server Project.<=
br>
See <URL:<a href=3D"http://httpd.apache.org/userslist.html" target=3D"_b=
lank">http://httpd.apache.org/userslist.html</a>> for more info. 
To unsubscribe, e-mail: <a href=3D"mailto:users-unsubscribe [at] httpd.apache.or=
g" target=3D"_blank">users-unsubscribe [at] httpd.apache.org</a> 
=A0" =A0 from the digest: <a href=3D"mailto:users-digest-unsubscribe [at] =
httpd.apache.org" target=3D"_blank">users-digest-unsubscribe [at] httpd.apache.o=
rg</a> 
For additional commands, e-mail: <a href=3D"mailto:users-help [at] httpd.apache.=
org" target=3D"_blank">users-help [at] httpd.apache.org</a> 
 
 
=A0 =A0 
</blockquote>
 
=A0 
</blockquote></div></div>
Jonathan, 
 
Using a hostname in the <VirtualHost> line will active DNS resolution=
for EVERY HTTP request. Surely, you don't want that to happen. 
 
Instead, use a ServerName in your virtual host. 
 
Frank.<div><div></div><div class=3D"h5"> 
 
------------------------------------------------------------ --------- 
The official User-To-User support forum of the Apache HTTP Server Project.<=
br>
See <URL:<a href=3D"http://httpd.apache.org/userslist.html" target=3D"_b=
lank">http://httpd.apache.org/userslist.html</a>> for more info. 
To unsubscribe, e-mail: <a href=3D"mailto:users-unsubscribe [at] httpd.apache.or=
g" target=3D"_blank">users-unsubscribe [at] httpd.apache.org</a> 
=A0" =A0 from the digest: <a href=3D"mailto:users-digest-unsubscribe [at] =
httpd.apache.org" target=3D"_blank">users-digest-unsubscribe [at] httpd.apache.o=
rg</a> 
For additional commands, e-mail: <a href=3D"mailto:users-help [at] httpd.apache.=
org" target=3D"_blank">users-help [at] httpd.apache.org</a> 
 
</div></div></blockquote></div> 

--000e0cd10730281efb047b03c2b0--

Jonathan Mast wrote:
> OK, so I added NameVirtualHost foo.mysite.com:80
> <http://foo.mysite.com:80> and NameVirtualHost foo.mysite.com:443
> <http://foo.mysite.com:443> above their respective sections and it
> seems to work despite not being recommended as per the docs, but this
> was the only way to do it because all my domains: mysite.com
> <http://mysite.com>, othersite.com <http://othersite.com>, etc point
> to a single IP.
>
> Any idea on why using hostnames in NameVirtualHost directives is not
> recommended? Is this something that could come back and bite me?

Sounds like there may be some confusion on the best way to set this up.
Assuming your IP address is 1.2.3.4, you should set it up as follows:

------------------------------

NameVirtualHost 1.2.3.4:80

<VirtualHost 1.2.3.4:80>
ServerName blah.mysite.com
...
</VirtualHost>

<VirtualHost 1.2.3.4:80>
ServerName foo.mysite.com
...
</VirtualHost>

<VirtualHost 1.2.3.4:443>
ServerName foo.mysite.com
...
SSL stuff
</VirtualHost>

<VirtualHost 1.2.3.4:80>
ServerName bar.othersite.com
...
</VirtualHost>

------------------------------

If your IP address changes, you can substitute * from the IP address in
all locations for port 80. I've had trouble myself using *:443 for SSL,
so it may not be supported. As pointed out, using the hostname in the
NameVirtualHost and <VirtualHost> directives is not recommended (DNS
lookups).

--
Justin Pasher

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org

On Fri, Dec 18, 2009 at 12:06 PM, Jonathan Mast
<jhmast.developer [at] gmail.com> wrote:
> Frank, I've always used the ServerName directive, here's what my configs
> look like:
> NameVirtualHost foo.mysite.com:80
> <VirtualHost foo.mysite.com:80>
> =A0=A0=A0 ServerName=A0=A0 foo.mysite.com
>
> </VirtualHost>
>
> NameVirtualHost foo.mysite.com:443
> <VirtualHost foo.mysite.com:443>
> =A0=A0=A0 ServerName=A0=A0 foo.mysite.com
>
> =A0=A0=A0 SSL Stuff...
> </VirtualHost>
>
> My question was specifically why putting the hostname as opposed to the a=
ddr
> in the NameVirtualHost was discouraged in the docs (they don't explain it
> any further)?

It's just unnecessarily confusing, because anyone looking at yout
config needs to know what set of addresses that resolved to when you
started your webserver. It's also going to mysteriously send
requests to the base server config, or other vhosts, when you get a
request for that hostname that arrive on a different interface.

Most people who a) have vhost trouble and b) put hostnames as the
first parm in VirtualHost are misunderstanding name-based virtualhosts
configuration. Most of them don't even need to discriminate between
IP addresses at all, and should just have *:port.

--
Eric Covener
covener [at] gmail.com

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org

Jonathan Mast wrote:
> Frank, I've always used the ServerName directive, here's what my configs
> look like:
> NameVirtualHost foo.mysite.com:80
> <VirtualHost foo.mysite.com:80>
> ServerName foo.mysite.com
>
> </VirtualHost>
>
> NameVirtualHost foo.mysite.com:443
> <VirtualHost foo.mysite.com:443>
> ServerName foo.mysite.com
>
> SSL Stuff...
> </VirtualHost>
>
> My question was specifically why putting the hostname as opposed to the addr
> in the NameVirtualHost was discouraged in the docs (they don't explain it
> any further)?
>
>
> On Fri, Dec 18, 2009 at 11:41 AM, Frank Gingras
> <francois.gingras [at] gmail.com>wrote:
>
>
>> Jonathan Mast wrote:
>>
>>
>>> OK, so I added NameVirtualHost foo.mysite.com:80 and NameVirtualHost
>>> foo.mysite.com:443 above their respective sections and it seems to work
>>> despite not being recommended as per the docs, but this was the only way
>>> to
>>> do it because all my domains: mysite.com, othersite.com, etc point to a
>>> single IP.
>>>
>>> Any idea on why using hostnames in NameVirtualHost directives is not
>>> recommended? Is this something that could come back and bite me?
>>>
>>> Thanks for the help!
>>>
>>> On Fri, Dec 18, 2009 at 10:34 AM, Philip Wigg <phil [at] philipwigg.co.uk>
>>> wrote:
>>>
>>>
>>>
>>>
>>>> Possibly the information you need is here:-
>>>>
>>>> http://httpd.apache.org/docs/2.2/vhosts/name-based.html
>>>>
>>>> When adding a name-based Virtual Host the...
>>>>
>>>> "Main host goes away
>>>>
>>>> If you are adding virtual hosts to an existing web server, you must
>>>> also create a <VirtualHost> block for the existing host. The
>>>> ServerName and DocumentRoot included in this virtual host should be
>>>> the same as the global ServerName and DocumentRoot. List this virtual
>>>> host first in the configuration file so that it will act as the
>>>> default host."
>>>>
>>>> Cheers,
>>>> Phil.
>>>>
>>>> ------------------------------------------------------------ ---------
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe [at] httpd.apache.org
>>>> For additional commands, e-mail: users-help [at] httpd.apache.org
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>> Jonathan,
>>
>> Using a hostname in the <VirtualHost> line will active DNS resolution for
>> EVERY HTTP request. Surely, you don't want that to happen.
>>
>> Instead, use a ServerName in your virtual host.
>>
>> Frank.
>>
>>
>> ------------------------------------------------------------ ---------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
>> " from the digest: users-digest-unsubscribe [at] httpd.apache.org
>> For additional commands, e-mail: users-help [at] httpd.apache.org
>>
>>
>>
>
>
I believe the fact I just gave you was compelling enough; a DNS lookup
for every HTTP request is *extremely* expensive. You don't want that to
happen.

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org

Enabling SSL on VirtualHosts Revisited

Re: Enabling SSL on VirtualHosts Revisited

Re: Enabling SSL on VirtualHosts Revisited

Re: Re: Enabling SSL on VirtualHosts Revisited

Re: Re: Enabling SSL on VirtualHosts Revisited

Re: Re: Enabling SSL on VirtualHosts Revisited

Re: Re: Enabling SSL on VirtualHosts Revisited

Re: Re: Enabling SSL on VirtualHosts Revisited

Re: Re: Enabling SSL on VirtualHosts Revisited

Re: Re: Enabling SSL on VirtualHosts Revisited