 | Warning |
|---|
| | If you plan to use the Apache Configuration
Tool, a GUI utility provided with Red Hat Linux, you may not
edit your Apache Web server's httpd.conf
configuration file. Conversely, if you want to edit
httpd.conf by hand, do not use the
Apache Configuration Tool.
If you need more information on the Apache Configuration
Tool, please see the Official Red Hat Linux Customization Guide.
|
You can use Apache's virtual hosts capability to run different servers
for different IP addresses, different host names or different ports on
the same machine. If you are interested in using virtual hosts, complete
information is provided in the Apache documentation on your machine or
on the Web at http://httpd.apache.org/docs/vhosts/.
 | Note |
|---|
| | You cannot use name-based virtual hosts with your secure Web server, because the
SSL handshake (when the browser accepts the secure Web server's
certificate) occurs before the HTTP request which identifies the
appropriate name-based virtual host. If you want to use name-based
virtual hosts, they will only work with your non-secure Web server.
|
Virtual hosts are configured within the httpd.conf
file, as described in the section called Configuration Directives in httpd.conf. Please
review that section before you start to change the virtual hosts
configuration on your machine.
The default configuration of your Web server runs a non-secure and a
secure server. Both servers use the same IP address and host name, but
they listen on different ports, and the secure server is a virtual
host. This configuration enables you to serve both secure and
non-secure documents in the most efficient manner possible. Setting
up the secure HTTP transmission is very resource intensive, so
generally you will be able to serve far fewer pages per second with a
secure server. You need to consider this when you decide what
information to include on the secure server, and which you can use the
non-secure server for.
The configuration directives for your secure server are contained
within virtual host tags in the httpd.conf file.
If you need to change something about the configuration of your secure
server, you will need to change the configuration directives inside
virtual host tags in the httpd.conf file. If you
want to enable certain features (for example, server side includes)
for your secure server, they will need to be enabled within the
virtual host tags that define your secure server.
The non-secure Web server is configured as the "non-virtual" host in
the httpd.conf file. In other words, the
non-secure Web server's configuration options are outside of the
virtual host tags in httpd.conf. If you want to
change something about your non-secure Web server, you will need to
change the configuration directives in httpd.conf
outside of the virtual host tags.
By default, both the secure and the non-secure Web servers share the
same DocumentRoot, a configuration directive
specified in httpd.conf. In other words, the
secure and the non-secure Web server look in the same place for the
HTML files that they provide in response to requests. By default, the
DocumentRoot is set to
/var/www/html.
To change the DocumentRoot so that it is no longer
shared by both the secure server and the non-secure server, change one
of the DocumentRoot directives in
httpd.conf. The DocumentRoot
outside the virtual host tags defines the
DocumentRoot for your non-secure Web server. The
DocumentRoot within the virtual host tags that
define your secure server is for your secure server.
If for some reason you want to disable the non-secure Web server on
your machine, you can. Your secure server listens on port 443, the
default port for secure Web communications, while your non-secure Web
server listens on port 80, the default port for non-secure Web
communications. To stop the non-secure Web server from accepting
connections, in httpd.conf, find the line which
reads:
Change the above line so that it reads:
Then comment out the Listen 80 line.
After these two steps, your Web server will be accepting connections on
port 443, the default port for secure Web communications. However,
your server will not accept connections on port 80, the default port
for non-secure communications, so the non-secure Web server will be
effectively disabled.
Most people will probably use their Web server as it is configured.
Therefore, they will be using the built-in virtual hosts capability, but
they will not have to do any manipulation of the virtual hosts directives
in httpd.conf. However, if you would like to use
the virtual hosts capability for some other reason, you can.
To create a virtual host, you will need to alter the virtual host lines,
provided as an example, in httpd.conf, or create
your own virtual host section. (Remember that name-based virtual
hosts will not work with your secure server — you will need to use IP
address-based virtual hosts if you need SSL-enabled virtual
hosts. Your non-secure server, however, will support both IP address
and name-based virtual hosts.)
The virtual host example lines read as follows:
#<VirtualHost ip.address.of.host.some_domain.com>
# ServerAdmin webmaster@host.some_domain.com
# DocumentRoot /www/docs/host.some_domain.com
# ServerName host.some_domain.com
# ErrorLog logs/host.some_domain.com-error_log
# CustomLog logs/host.some_domain.com-access_log common
#</VirtualHost> |
Uncomment all of the lines. Then add the correct information for your
machine and/or your virtual host to each line.
In the first line, change
ip.address.of.host.some_domain.com to your server's
IP address. Change the ServerName to a
valid DNS name to use for the virtual host. (In
other words, do not just make something up. Ask your system
administrator if you do not know how to get a valid domain name.)
You will also need to uncomment one of the
NameVirtualHost lines in
httpd.conf:
#NameVirtualHost 12.34.56.78:80
#NameVirtualHost 12.34.56.78 |
Uncomment one of the lines and change the IP address to the IP address
(and port if necessary) for that virtual host.
Many other configuration directives can be placed between the virtual
host tags, depending upon why you are setting up a virtual host.
If you set up a virtual host and want it to listen on a non-default
port (80 is the default port for non-secure Web communications; 443 is
the default port for secure Web communications), you will need to set up
a virtual host for that port and add a Listen
directive to httpd.conf, corresponding to that
port.
To have a virtual host work specifically for that port, add the port
number to the first line of the virtual host configuration. The first
line should look something like the following:
<VirtualHost ip_address_of_your_server:12331> |
This line would create a virtual host that listens on port 12331.
Substitute the port number you want to use for
12331 in the previous example.
Underneath the Listen lines in
httpd.conf, add a line like the following, which
will instruct your Web server to listen on port 12331:
You must restart httpd to start a new virtual host.
See the section called Starting and Stopping httpd for instructions on
how to start and stop httpd.
Much more complete information about creating and configuring both
name-based and IP address-based virtual hosts is provided on the Web
at http://httpd.apache.org/docs/vhosts/.
Please check the Apache Group's virtual host documentation for more
details on using virtual hosts.
