From: Eric Covener
In a name-based virtual host context, the value of the first
- defined virtual host (the default host) in a set of
When name-based virtual hosting is used, the value for this
directive is taken from the default (first-listed) virtual host for the
-
When name-based virtual hosting is used, the value for this
- directive is taken from the default (first-listed) virtual host for the
-
When name-based virtual hosting is used, the value for this
- directive is taken from the default (first-listed) virtual host for the
-
A single
This directive, and the corresponding
Although addr can be a hostname, it is recommended -that you always use an IP address or a wildcard. A wildcard -NameVirtualHost matches only virtualhosts that also have a literal wildcard -as their argument.
- -In cases where a firewall or other proxy receives the requests and -forwards them on a different IP address to the server, you must specify the -IP address of the physical interface on the machine which will be -servicing the requests.
- -In the example below, requests received on interface 192.0.2.1 and port 80 -will only select among the first two virtual hosts. Requests received on -port 80 on any other interface will only select among the third and fourth -virtual hosts. In the common case where the interface isn't important -to the mapping, only the "*:80" NameVirtualHost and VirtualHost directives -are necessary.
- -If no matching virtual host is found, then the first listed - virtual host that matches the IP address and port will be used.
- - -IPv6 addresses must be enclosed in square brackets, as shown - in the following example:
+Prior to 2.3.11,
Note that the argument to the
This directive currently has no effect.
*
, which is used only in combination with
- NameVirtualHost *
to match all IP addresses; or*
, which acts as a wildcard and matches
+ any IP address._default_
, which is an alias for *
_default_
, which is used only
- with IP virtual hosting to catch unmatched IP addresses.When using IP-based virtual hosting, the special name
- _default_
can be specified in
- which case this virtual host will match any IP address that is
- not explicitly listed in another virtual host. In the absence
- of any _default_
virtual host the "main" server config,
- consisting of all those definitions outside any VirtualHost
- section, is used when no IP-match occurs.
You can specify a :port
to change the port that is
- matched. If unspecified then it defaults to the same port as the
- most recent :*
- to match all ports on that address. (This is recommended when used
- with _default_
.)
A
If no matching virtual host is found, then the first listed - virtual host that matches the IP address will be used. As a - consequence, the first listed virtual host is the default virtual - host.
+When a request is received, the server first maps it to the best matching
+
If multiple virtual hosts contain the best matching IP address and port, + the server selects from these virtual hosts the best match based on the + requested hostname. If no matching name-based virtual host is found, + then the first listed virtual host that matched the IP address will be + used. As a consequence, the first listed virtual for a given IP address + and port combination is default virtual host for that IP and port + combination.
See the security tips diff --git a/docs/manual/upgrading.xml b/docs/manual/upgrading.xml index dd31588bb5..a5f385da7e 100644 --- a/docs/manual/upgrading.xml +++ b/docs/manual/upgrading.xml @@ -225,7 +225,6 @@ module="filter">FilterProvider syntax has changed and now uses a boolean expression to determine if a filter is applied. - @@ -239,6 +238,12 @@ ignored.
Ignoring deprecated use of DefaultType in line NN of /path/to/httpd.conf
- remove mixing * ports and non-* ports with a NameVirtualHost address is not supported
, Either NameVirtualHost w.x.y.z:n has no VirtualHosts, or there is more than one identical NameVirtualHost line, or your VirtualHost declarations do not match the NameVirtualHost line
- these are not new messages, but they now cause startup to fail_default_ is not allowed in NameVirtualHost directive
- self-explanatory; was never valid, but now causes startup to fail.If using IP-based vhosts, the address can be specified
- as _default_
, which will match a request if no
- other vhost has the explicit address on which the request was
- received.
If using name-based vhosts, the address can be specified as +
The address can be specified as
*
, which will match a request if no
other vhost has the explicit address on which the request was
- received. The corresponding NameVirtualHost
- directive must also use *
.
The address appearing in the VirtualHost
directive can have an optional port. If the port is unspecified,
@@ -95,11 +89,10 @@
results from DNS lookups) are called the vhost's
address set.
If you want Apache to discriminate on the
- basis of the HTTP Host
header supplied by the client,
- the NameVirtualHost
directive must appear
- with the exact IP address (or wildcard) and port pair used in a
- corresponding set of VirtualHost
directives.
Apache automatically discriminates on the
+ basis of the HTTP Host
header supplied by the client
+ whenever the most specific match for an IP address and port combination
+ is listed in multiple virtual hosts.
The
ServerName
is specified, the server
attempts to deduce it from the server's IP address.
Multiple NameVirtualHost
directives can be used,
- each with a set of VirtualHost
directives, but only
- one NameVirtualHost
directive should be used for
- each specific IP:port pair.
The first name-based vhost in the configuration file for a
given IP:port pair is significant because it is used for all
requests received on that address and port for which no other
@@ -121,66 +109,6 @@
server does not support
If there are no vhosts defined for an address in a
- NameVirtualHost
directive, the
- NameVirtualHost
directive is ignored at startup and an error is
- logged.
The ordering of NameVirtualHost
and
- VirtualHost
directives is not important, which
- makes the following two examples identical (only the order of
- the VirtualHost
directives for one
- address set is important, see below):
- <VirtualHost 111.22.33.44> - # server A - ... - </VirtualHost> - <VirtualHost 111.22.33.44> - # server B - ... - </VirtualHost> - - NameVirtualHost 111.22.33.55 - <VirtualHost 111.22.33.55> - # server C - ... - </VirtualHost> - <VirtualHost 111.22.33.55> - # server D - ... - </VirtualHost> - |
-- # server A - </VirtualHost> - <VirtualHost 111.22.33.55> - # server C - ... - </VirtualHost> - <VirtualHost 111.22.33.44> - # server B - ... - </VirtualHost> - <VirtualHost 111.22.33.55> - # server D - ... - </VirtualHost> - - NameVirtualHost 111.22.33.44 - NameVirtualHost 111.22.33.55 - - |
-
(To aid the readability of your configuration you should - prefer the left variant.)
-For every vhost various default values are set. In particular:
@@ -245,10 +173,6 @@If there are no exact matches for the address and port, then
wildcard (*
) matches are considered.
If there are still no matches, then vhosts with IP
- address specified as _default_
that match the
- port are considered.
If no matches are found, the request is served by the main server.
@@ -260,17 +184,19 @@If there is no NameVirtualHost
directive
- matching the vhost, no further actions are performed and
- the request is served from the first matching vhost.
If there is exactly one VirtualHost
directive
+ listing the IP address and port combibation that was determined
+ to be the best match, no further actions are performed and
+ the request is served from the matching vhost.
If the entry corresponds to a name-based vhost, the "list" in - the remaining steps refers to the list of vhosts that matched, in - the order they were in the configuration file.
+If there are multiple VirtalHost
directives listing
+ the IP address and port combination that was determined to be the
+ best match, the "list" in the remaining steps refers to the list of vhosts
+ that matched, in the order they were in the configuration file.
If the connection is using SSL, the server supports You can, if you wish, replace You can, if you wish, replace However, it is additionally useful to use You have multiple domains going to the same IP and also want to
- serve multiple ports. By defining the ports in the "NameVirtualHost"
- tag, you can allow this to work. If you try using <VirtualHost
- name:port> without the NameVirtualHost name:port or you try to use
- the Listen directive, your configuration will not work. On some of my addresses, I want to do name-based virtual hosts, and
- on others, IP-based hosts. Any address mentioned in the argument to a virtualhost that never
+ appears in another virtual host is a strictly IP-based virtual host. IP-based virtual hosting is a method to apply different directives
+based on the IP address and port a request is received on. Most commonly,
+this is used to serve different websites on different ports or interfaces. In many cases, name-based
+virtual hosts are more convenient, because they allow
+many virtual hosts to share a single address/port.
+See Name-based vs. IP-based
+Virtual Hosts to help you decide. As the term IP-based indicates, the server
@@ -40,12 +52,8 @@
most commonly used to set them up), and/or using multiple
port numbers. In many cases, name-based
- virtual hosts are more convenient, because they allow
- many virtual hosts to share a single address/port.
- See Name-based vs. IP-based
- Virtual Hosts to help you decide.
- In the terminology of Apache HTTP Servr, using a single IP address
+ but multiple TCP ports, is also IP-based virtual hosting.
-
NameVirtualHost
directive.ServerAlias
+ ServerName
and ServerAlias
checks are never performed for an IP-based vhost._default_
- vhost and the NameVirtualHost
directive within
- the config file is not important. Only the ordering of
+ _default_
vhost catches a request only if
- there is no other vhost with a matching IP address
- and a matching port number for the request. The
- request is only caught if the port number to which the client
- sent the request matches the port number of your
- _default_
vhost which is your standard
- Listen
by default. A wildcard port can be
- specified (i.e., _default_:*
) to catch
- requests to any available port. This also applies to
- NameVirtualHost *
vhosts. Note that this is simply an
- extension of the "best match" principle, as a specific and exact match
- is favored over a wildcard._default_
vhost). In other words, the main server
+ *
vhost). In other words, the main server
only catches a request for an unspecified address/port
combination (unless there is a _default_
vhost
which matches that port)._default_
vhost or the main server is
- never matched for a request with an unknown or
- missing Host:
header field if the client
- connected to an address (and port) which is used for
- name-based vhosts, e.g., in a
- NameVirtualHost
directive.VirtualHost
directives because it will force
your server to rely on DNS to boot. Furthermore it poses a
@@ -408,10 +311,6 @@
readability of the configuration -- the post-config merging
process makes it non-obvious that definitions mixed in around
virtual hosts might affect all virtual hosts.)NameVirtualHost
and
- VirtualHost
definitions in your configuration to
- ensure better readability.
Listen 80
- # Listen for virtual host requests on all IP addresses
- NameVirtualHost *:80
<VirtualHost *:80>
*
with the actual
- IP address of the system. In that case, the argument to
- VirtualHost
must match the argument to
- NameVirtualHost
:
-
- <VirtualHost 172.20.30.40>
- # etc ...
- *
with the actual
+ IP address of the system, when you don't care to discriminate based
+ on the IP address or port.*
on systems where the IP address is not predictable - for
@@ -145,9 +135,6 @@
ServerName server.example.com
DocumentRoot /www/mainserver
- # This is the other address
- NameVirtualHost 172.20.30.50
-
<VirtualHost 172.20.30.50>
@@ -195,8 +182,6 @@
- NameVirtualHost 172.20.30.40
<VirtualHost 192.168.1.1 172.20.30.40>
Listen 8080
- NameVirtualHost 172.20.30.40:80
- NameVirtualHost 172.20.30.40:8080
-
<VirtualHost 172.20.30.40:80>
@@ -357,16 +338,13 @@
-
- NameVirtualHost 172.20.30.40
-
<VirtualHost 172.20.30.40>
@@ -540,8 +518,6 @@
ServerName www.example.com
DocumentRoot /www/example1
- NameVirtualHost 172.20.30.40
-
<VirtualHost 172.20.30.40 172.20.30.50>
@@ -581,8 +557,6 @@
-
<VirtualHost 172.20.30.40>
diff --git a/docs/manual/vhosts/index.xml b/docs/manual/vhosts/index.xml
index fbb2c247fe..055a404fa4 100644
--- a/docs/manual/vhosts/index.xml
+++ b/docs/manual/vhosts/index.xml
@@ -82,7 +82,6 @@ hosts
Specific IP addresses or ports have precedence over their wildcard + equivalents, and any virtual host that matches has precedence over + the servers base configuration.
+Almost any configuration directive can be
put in the VirtualHost directive, with the exception of
directives that control process creation and a few other
diff --git a/docs/manual/vhosts/mass.xml b/docs/manual/vhosts/mass.xml
index 4755130667..227e95fb50 100644
--- a/docs/manual/vhosts/mass.xml
+++ b/docs/manual/vhosts/mass.xml
@@ -43,7 +43,6 @@
-NameVirtualHost 111.22.33.44
<VirtualHost 111.22.33.44>
ServerName customer-1.example.com
DocumentRoot /www/hosts/customer-1.example.com/docs
diff --git a/docs/manual/vhosts/name-based.xml b/docs/manual/vhosts/name-based.xml
index 476547d355..1ff58e0875 100644
--- a/docs/manual/vhosts/name-based.xml
+++ b/docs/manual/vhosts/name-based.xml
@@ -62,6 +62,10 @@
they are on separate IP addresses.
Name-based virtual hosting builds off of the IP-based virtual host + selection algoirthm, meaning that searches for the proper server name + occur only between virtual hosts that have the best IP-based address.
+ @@ -71,23 +75,22 @@ host resolution is IP-based resolution. Name-based virtual host resolution only chooses the most appropriate name-based virtual host after narrowing down the candidates to the best IP-based match. Using a wildcard (*) - for the IP address in all of the NameVirtualHost and VirtualHost directives makes this + for the IP address in all of the VirtualHost directives makes this IP-based mapping irrelevant. -When a request arrives, the server will first check if it is using
- an IP address that matches exactly any
If no matching ServerName or ServerAlias is found in the - set of virtual hosts matching the NameVirtualHost directive, then - the first listed virtual host that matches the IP - address will be used.
When a request arrives, the server will find the best (most specific) matching
+
If no matching ServerName or ServerAlias is found in the set of + virtual hosts containing the most specific matching IP address and port + combination, then the first listed virtual host that + matches the will be used.
To use name-based virtual hosting, you must designate the IP
- address (and possibly port) on the server that will be accepting
- requests that need to be distinguished by hostname.
- This is configured using the *
as the argument to *:80
.
Note that mentioning an IP address in a
-
The next step is to create a httpd.conf
:
You can alternatively specify an explicit IP address in place of the
- *
in both the