stackoom
  简体   繁体   中英

Apache2, vhosts and SSL

 原文  2015-01-25 21:31:54       apache/ ssl/ apache2/ vhosts

Question

My setup:
site1.com | Port 80
site2.com | Port 80
panel.site1.com | Rewrites port 80 traffic to 443

This works until someone tries https:// site[x].com and the server redirects them to my panel. I need this panel to be open to the ~100 people who will use it, but I don't want the wrong people stumbling across it.

I've tried adding: 

<VirtualHost *:443>
    ServerAdmin me@email
    ServerName site1.com
    ServerAlias www.site1.com

    RewriteEngine On
    RewriteCond %{HTTPS} on
    RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>

to the vhost of site1.com, but it still returns the control panel. I believe this is because the certs are checked before Apache vhost rules are applied, but I'm not really sure. Is there a fix for this or is it simply the limitations of Apache2+SSL?

1 answers

solution1
 2  2015-01-26 08:25:29

Apache document states that .

If no matching ServerName or ServerAlias is found in the set of virtual hosts containing the most specific matching IP address and port combination, then the first listed virtual host that matches that will be used.

And so looks like you have kept the <VirtualHost> section of panel.site1.com on top of all other virtual host section. Because of this, requests for https://site[x].com will land in it, and so the issue is not related to SSL .

Update:

You can try below configuration and it should work. 

<VirtualHost *:80>
    ServerName www.site1.com
    ServerAlias site1.com
    DocumentRoot /var/www/site1

    RewriteEngine on
    RewriteCond %{HTTPS} off
    RewriteCond %{HTTP_HOST} ^panel.site1.com
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
</VirtualHost>

<VirtualHost *:80>
    ServerName www.site2.com
    ServerAlias site2.com
    DocumentRoot /var/www/site2
</VirtualHost>

<VirtualHost *:443>
    ServerName panel.site1.com
    DocumentRoot /var/www/panel
    SSLEngine on
    SSLOptions +StrictRequire
    SSLCertificateFile /opt/apache1/conf/server.crt
    SSLCertificateKeyFile /opt/apache1/conf/server.key
</VirtualHost>

How this works

  1. When request are for http://site1.com the first VirtualHost section will be selected.
  2. When request are for http://site2.com the second VirtualHost section will be selected.
  3. If a request arrives for http://site[x].com then first VirtualHost section will be selected.
  4. If a request arrives for http://panel.site1.com the request will be redirected to https://panel.site1.com and the third VirtualHost section will be selected.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Apache2 Perl vHosts Error Multiple Apache2 vhosts are pointing to the same website Gitlab on Apache2 with SSL apache2 and ssl module Instaling SSL on apache2 Apache 2.4 Restrict SSL to specific subdomain Vhosts Error setting up multiple vhosts with Apache2 on Mint 15 Apache2 and HeartBleed SSL issue Apache2 SSL certificate error apache2 handle subdomains and SSL
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM