Apache configuration with virtual hosts and SSL on a local network

https apache-2.2 ssl virtualhost xampp

Solution 1:

When apache cant mactch vhost it opens the default one. There is always a default, if not explicitly defined it is the first vhost definition in your config file.

You can use httpd -S to check what are your default vhosts

And you can define default and forbid access to it if you like as defraagh pointed

Solution 2:

Named virtual hosting isn't supported for SSL based virtual hosts.

The problem stems from the fact that the ServerName is also encrypted in the SSL request. Thus, when the server receives a request for "somedomainname" or whatever, it's going to default to a named VHost that isn't on 443.

Solution:

  • Put your liseners outside of your VHost definitions
  • Change :443 to an IP address. The server performs reverse DNS lookups automatically.

Corrected:

# Listen :80
Listen *:80
# Listen on IP Address for :443
Listen 127.0.0.1:443

<VirtualHost development.somedomain.co.nz:80>
   ServerName development.somedomain.co.nz
   DocumentRoot "~/sites/development.somedomain.co.nz"

   DirectoryIndex index.php

   # Stay consistent with your syntax definitions. This and the 443 Vhost Directory
   # were not Quoted. That's not to say it makes a difference guaranteed,
   # but it's always a good habit. 
   <Directory "~/sites/development.somedomain.co.nz">
       Options Indexes FollowSymLinks ExecCGI Includes
       AllowOverride All
       Order allow,deny
       Allow from all
   </Directory>
</VirtualHost>

<VirtualHost localhost:80>
   ServerName localhost
   DocumentRoot "~/"

   <Directory "~/">
      Options Indexes FollowSymLinks ExecCGI Includes
      AllowOverride All
      Order allow,deny
      Allow from all
   </Directory>
</VirtualHost>

<IfModule mod_ssl.c>

   # Does this need to exist outside of the VHost Definition ?? 
   AcceptMutex flock

   <VirtualHost 127.0.0.1:443>
       ServerName development.assldomain.co.nz
       DocumentRoot "~/sites/development.assldomain.co.nz"
       DirectoryIndex index.php
       SSLEngine on
       SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
       SSLCertificateFile /Applications/XAMPP/etc/ssl.crt/server.crt
       SSLCertificateKeyFile /Applications/XAMPP/etc/ssl.key/server.key
       BrowserMatch ".*MSIE.*" \
             nokeepalive ssl-unclean-shutdown \
             downgrade-1.0 force-response-1.0

       <Directory "~/sites/development.assldomain.co.nz">
           SSLRequireSSL
           Options Indexes FollowSymLinks ExecCGI Includes
           AllowOverride All
           Order allow,deny
           Allow from all
       </Directory>
   </VirtualHost>

</IfModule>

Solution 3:

Add a default VirtualHost at the end of your file to catch requests directed to hosts you didn't explicitely specify :

 <VirtualHost _default_:*>
    DocumentRoot /~/void
    ...
 </VirtualHost>

Related

SQL Server Database Backups using VSS versus native SQL Server
Linux servers seeing bad download performance behind Sonicwall firewall
Distributed Nagios Installation
username and password for rsync in script
Running multiple services on Port 443, Tunnel SSH over HTTPS
Is it possible to search an apt repository via a web browser?
What is the structure of a typical IT department? [closed]
What is the `shadow` group used for?
LVM2 vs MDADM performance
If you haven't already watched my first video, there's a link to it in the description below. Ungrammatical? [duplicate]
Is the infinitive form of the verb appropriate in this sentence?
Is the "ng" sound often pronounced simultaneously with the "n" sound?