Virtual Hosts Setup - Administration

The second article in our series on setting up webservers the easy way, this article covers setting up virtual hosts, allowing you to server multiple domains from one box; and certificates, which are needed to do SSL.

TABLE OF CONTENTS:

By: Israel Denis Jr. and Eugene Otto

Poor Best

Rating:

/ 2

June 26, 2000

print this article

SEARCH DEV SHED

TOOLS YOU CAN USE

Now it is time to configure Apache to handle some virtual hosts. Virtual Hosting is quite simple to do because of the flexibilty that is offered by Apache. First, you need a DNS server to point the domain of the virtual host to the IP of the webserver. Use a CNAME record in the DNS to point your_virtual_domain.com to the server's IP. Second, you need to modify the Apache configuration file httpd.conf to add the new virtual domain. Remember, this is just a very basic example, we encourage you to read up on the Apache Directives.

Let's look at a snippet of the httpd.conf:

#---------------------------------------------------------------#

# VIRTUAL HOST SECTION NON-SSL

#---------------------------------------------------------------#

# VirtualHost directive allows you to specify another virtual

# domain on your server. Most Apache options can be specified

# within this section.

Listen 10.10.10.10:80

# Mail to this address on errors

ServerAdmin webmaster@domain1.com

# Where documents are kept in the virtual domain

# this is an absolute path. So you may want to put

# in a location where the owner can get to it.

DocumentRoot /home/vhosts/domain1.com/www/

# Since we will use PHP to create basically

# all our file we put a directive to the Index file.

DirectoryIndex index.php

# Name of the server

ServerName www.domain1.com

# Log files Relative to ServerRoot option

ErrorLoglogs/domain1.com-error_log

TransferLog logs/domain1.com-access_log

RefererLog logs/domain1.com-referer_log

AgentLoglogs/domain1.com-agent_log

# Use CGI scripts in this domain. In the next case you

# can see that it does not have CGI scripts. Please

# read up on the security issues relating to CGI-scripting

ScriptAlias /cgi-bin/ /var/www/cgi-bin/domain1.com/

AddHandler cgi-script .cgi

AddHandler cgi-script .pl

</VirtualHost>

Listen 10.10.10.20:80

# This is another domain. Note that you could host

# multiple domains this way...

# Mail to this address on errors

ServerAdmin webmaster@domain2.com

# Where documents are kept in the virtual domain

DocumentRoot /virtual/domain2.com/www/html

# Name of the server

ServerName www.domain2.com

# Log files Relative to ServerRoot option

ErrorLoglogs/domain2.com-error_log

TransferLog logs/domain2.com-access_log

RefererLog logs/domain2.com-referer_log

AgentLoglogs/domain2.com-agent_log

# No CGI's for this host

</VirtualHost>

# End: virtual host section

Use the example above to help create virtual hosts on your server. If you want, you can read more about every directive at http://www.apache.org.

#--------------------------------------------#

# SSL Virtual Host Context

#--------------------------------------------#

Listen 10.10.10.30:80

# General setup for the virtual host

DocumentRoot /usr/local/apache/htdocs

ServerAdminwebmaster@securedomain1.com

ServerName www.securedomain1.com

ErrorLoglogs/domain1.com-error_log

TransferLoglogs/domain1.com-transfer_log

# SSL Engine Switch:

# Enable/Disable SSL for this virtual host.

SSLEngine on

# Server Certificate:

# Point SSLCertificateFile at a PEM encoded certificate. If

# the certificate is encrypted, then you will be prompted for a

# pass phrase. Note that a kill -HUP will prompt again. A test

# certificate can be generated with `make certificate' under

# built time. Keep in mind that if you've both a RSA and a DSA

# certificate you can configure both in parallel (to also allow

# the use of DSA ciphers, etc.)

# Note that I keep my certificate files located in a central

# location. You could change this if you are an ISP, or ASP.

SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt

# Server Private Key:

# If the key is not combined with the certificate, use this

# directive to point at the key file. Keep in mind that if

# you've both a RSA and a DSA private key you can configure

# both in parallel (to also allow the use of DSA ciphers, etc.)

SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key

# Per-Server Logging:

# The home of a custom SSL log file. Use this when you want a

# compact non-error SSL logfile on a virtual host basis.

CustomLog /usr/local/apache/logs/ssl_request_log \

"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

Keep in mind that there are many more directives you can specify. We would need to cover those in an article related specifically to configuring Apache. This document is meant only to be an introductory guide to get you started.

Next: Creating Certificates >>