The Apache HTTP Server's built in virtual hosting allows the
server to provide different information based on which IP address,
hostname, or port is being requested. A complete guide to using
virtual hosts is available online at https://httpd.apache.org/docs-2.0/vhosts/.
To create a name-based virtual host, it is best to use the
virtual host container provided in httpd.conf as an example.
The virtual host example read as follows:
#NameVirtualHost *:80
#
#<VirtualHost *:80>
# ServerAdmin [email protected]
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
|
To activate name-based virtual hosting, uncomment the NameVirtualHost line by removing the hash mark
(#) and replace the asterisk (*) with the IP address assigned to the machine.
Next, configure a virtual host by uncommenting and customizing
the <VirtualHost> container.
On the <VirtualHost> line, change
the asterisk (*) to the server's IP
address. Change the ServerName to a
valid DNS name assigned to the machine, and
configure the other directives as necessary.
The <VirtualHost> container is
highly customizable and accepts almost every directive available
within the main server configuration.
 |
Tip |
| |
If configuring a virtual host to listen on a non-default port,
that port must be added to the Listen
directive in the global settings section of /etc/httpd/conf/httpd.conf file.
|
To activate a newly created virtual host, the Apache HTTP Server
must be reloaded or restarted. Refer to Section 10.4 Starting and Stopping
httpd for further
instructions.
Comprehensive information about creating and configuring both
name-based and IP address-based virtual hosts is provided online at
https://httpd.apache.org/docs-2.0/vhosts/.
By default, the Apache HTTP Server is configured as both a
non-secure and a secure server. Both the non-secure and secure
servers use the same IP address and hostname, but listen on
different ports: 80 and 443 respectively. This enables both
non-secure and secure communications to take place
simultaneously.
One aspect of SSL enhanced HTTP transmissions is that they are
more resource intensive than the standard HTTP protocol, so a
secure server cannot serve as many pages per second. For this
reason, it is often a good idea to minimize the information
available from the secure server, especially on a high traffic
website.
 |
Important |
| |
Do not use name-based virtual hosts in conjunction with a secure
Web server as the SSL handshake occurs before the HTTP request
identifies the appropriate name-based virtual host. Name-based
virtual hosts only work with the non-secure Web server.
|
The configuration directives for the secure server are contained
within virtual host tags in the /etc/httpd/conf.d/ssl.conf file.
By default, both the secure and the non-secure Web servers share
the same DocumentRoot. It is recommended
that a different DocumentRoot be made
available for the secure Web server.
To stop the non-secure Web server from accepting connections,
comment out the line in httpd.conf which
reads Listen 80 by placing a hash mark
(#) at the beginning of the line. When
finished, the line looks like the following example:
For more information on configuring an SSL enhanced Web server,
refer to the chapter titled Apache HTTP Secure
Server Configuration in the Red Hat
Enterprise Linux System Administration Guide. For advanced
configuration tips, refer to the Apache Software Foundation
documentation available online at the following URLs:
