Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Apache: Users

port 80 + 8080 + SSL (443)

 

 

Apache users RSS feed   Index | Next | Previous | View Threaded


peterskurt at msn

Feb 16, 2009, 7:22 AM

Post #1 of 7 (2215 views)
Permalink
port 80 + 8080 + SSL (443)

I would like to set up my server to respond with the same website for incoming requests to both port 80 and 8080, but a different virtual server for 443. I set up something like below, but it seems like overkill.





Listen 80
Listen 8080

Listen 443

NameVirtualHost 172.20.30.40:80
NameVirtualHost 172.20.30.40:8080
NameVirtualHost 192.168.1.40:80
NameVirtualHost 192.168.1.40:8080


<VirtualHost 172.20.30.40:80 172.20.30.40:8080 192.168.1.40:80 192.168.1.40:8080>
ServerName www.example.com

ServerAlias LOCALNAME
DocumentRoot /var/www
</VirtualHost>


NameVirtualHost 172.20.30.40:443
NameVirtualHost 192.168.1.40:443

<VirtualHost 172.20.30.40:443 192.168.1.40:443>
ServerName www.example.com
DocumentRoot /var/secwww
</VirtualHost>





Is there an "easier" way to do this? Also, is this right? I do get a warning that Apache2 cannot determine the servername, and I'm not sure what to do to get rid of that error.



On a similar, but equally important note:



I did something like above, but I get a timeout for incoming to https:// when I'm testing it from outside my router. Any hints at what might be going wrong there?



Regards,

Kurt


uhlar at fantomas

Feb 16, 2009, 7:30 AM

Post #2 of 7 (2153 views)
Permalink
Re: port 80 + 8080 + SSL (443) [In reply to]

On 16.02.09 08:22, KURT PETERS wrote:
> I would like to set up my server to respond with the same website for
> incoming requests to both port 80 and 8080, but a different virtual server
> for 443. I set up something like below, but it seems like overkill.

> Listen 80
> Listen 8080
> Listen 443
>
> NameVirtualHost 172.20.30.40:80
> NameVirtualHost 172.20.30.40:8080
> NameVirtualHost 192.168.1.40:80
> NameVirtualHost 192.168.1.40:8080
>
> <VirtualHost 172.20.30.40:80 172.20.30.40:8080 192.168.1.40:80 192.168.1.40:8080>
> ServerName www.example.com
>
> ServerAlias LOCALNAME
> DocumentRoot /var/www
> </VirtualHost>
>
> NameVirtualHost 172.20.30.40:443
> NameVirtualHost 192.168.1.40:443
>
> <VirtualHost 172.20.30.40:443 192.168.1.40:443>
> ServerName www.example.com
> DocumentRoot /var/secwww
> </VirtualHost>

That should work.

> Is there an "easier" way to do this? Also, is this right? I do get a
> warning that Apache2 cannot determine the servername, and I'm not sure
> what to do to get rid of that error.

I don't think there is any easier way, not this is an overkill.
The servername error message is apparently related to different vhost...
or the main server if you don't have ServerName in main config.

> On a similar, but equally important note:

> I did something like above, but I get a timeout for incoming to https://
> when I'm testing it from outside my router. Any hints at what might be
> going wrong there?

port 443 is firewalled or not NAT'ed from outside

--
Matus UHLAR - fantomas, uhlar [at] fantomas ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd
" from the digest: users-digest-unsubscribe [at] httpd
For additional commands, e-mail: users-help [at] httpd


karel at e-tunity

Feb 16, 2009, 7:41 AM

Post #3 of 7 (2130 views)
Permalink
Re: port 80 + 8080 + SSL (443) [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Kurt,

On Feb 16, 2009, at 4:22 PM, KURT PETERS wrote:

> <VirtualHost 172.20.30.40:80 172.20.30.40:8080 192.168.1.40:80
> 192.168.1.40:8080>
> ServerName www.example.com
> ServerAlias LOCALNAME
> DocumentRoot /var/www
> </VirtualHost>
>
> NameVirtualHost 172.20.30.40:443
> NameVirtualHost 192.168.1.40:443
>
> <VirtualHost 172.20.30.40:443 192.168.1.40:443>
> ServerName www.example.com
> DocumentRoot /var/secwww
> </VirtualHost>
>
> Is there an "easier" way to do this?

Since you aren't serving different content based on the hostname that
a browser is requesting, I think that you don't need NameVirtualHost.
You might try simplifying by:

Listen 80
Listen 8080
<VirtualHost *:80 *:8080>
...
</VirtualHost>

Listen 443
<VirtualHost *:443>
...
</VirtualHost>

This is all off the top of my head, you'd need to check directives in
the docs. But answering your question: this may be an easier way, but
your method is certainly valid as well and isn't "overdoing it".

- --
Best regards / met vriendelijke groet, Karel Kubat
Mob +31 6 2956 4861



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)

iEYEARECAAYFAkmZiUcACgkQ23FrzRzybNXKrgCdHWT08hYfX7x4rtjDMGH5GsCD
KEwAniB7GWZDcDoTiTm22d/03tApP+ml
=ahBk
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd
" from the digest: users-digest-unsubscribe [at] httpd
For additional commands, e-mail: users-help [at] httpd


edwardspl at ita

Feb 16, 2009, 7:43 AM

Post #4 of 7 (2134 views)
Permalink
Re: port 80 + 8080 + SSL (443) [In reply to]

Hello,

IP-based or Named-based ?
how many NIC with your Server machine ?

Ed.

KURT PETERS wrote:

> I would like to set up my server to respond with the same website for
> incoming requests to both port 80 and 8080, but a different virtual
> server for 443. I set up something like below, but it seems like overkill.
>
>
> Listen 80
> Listen 8080
> Listen 443
>
> NameVirtualHost 172.20.30.40:80
> NameVirtualHost 172.20.30.40:8080
> NameVirtualHost 192.168.1.40:80
> NameVirtualHost 192.168.1.40:8080
>
> <VirtualHost 172.20.30.40:80 172.20.30.40:8080 192.168.1.40:80
> 192.168.1.40:8080>
> ServerName www.example.com <http://www.example.com>
> ServerAlias LOCALNAME
> DocumentRoot /var/www
> </VirtualHost>
>
> NameVirtualHost 172.20.30.40:443
> NameVirtualHost 192.168.1.40:443
>
> <VirtualHost 172.20.30.40:443 192.168.1.40:443>
> ServerName www.example.com <http://www.example.com>
> DocumentRoot /var/secwww
> </VirtualHost>
>
>
> Is there an "easier" way to do this? Also, is this right? I do get a
> warning that Apache2 cannot determine the servername, and I'm not sure
> what to do to get rid of that error.
>
> On a similar, but equally important note:
>
> I did something like above, but I get a timeout for incoming to
> https:// when I'm testing it from outside my router. Any hints at
> what might be going wrong there?
>
> Regards,
> Kurt
>
>
> __________ Information from ESET Smart Security, version of virus
> signature database 3856 (20090216) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com


covener at gmail

Feb 16, 2009, 10:27 AM

Post #5 of 7 (2124 views)
Permalink
Re: port 80 + 8080 + SSL (443) [In reply to]

> <VirtualHost 172.20.30.40:443 192.168.1.40:443>
> ServerName www.example.com
> DocumentRoot /var/secwww
> </VirtualHost>

in addition to Karel' response, you do need mod_ssl directives to
actually service SSL on this port.


--
Eric Covener
covener [at] gmail

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd
" from the digest: users-digest-unsubscribe [at] httpd
For additional commands, e-mail: users-help [at] httpd


peterskurt at msn

Feb 17, 2009, 10:35 PM

Post #6 of 7 (2118 views)
Permalink
RE: port 80 + 8080 + SSL (443) [In reply to]

Thanks for your help. The *:80 method seems to work. Just have 2 follow-up questions:

1) Did I need to put the Listen 443 AFTER the </VirtualHost> for the 80 and 8080? In other words, does apache2 do the parsing of virtual hosts and "listens" in order?
2) I use godaddy's forwarding feature for my domain name <whatever.com>
does anyone know why I have to use the actual IP address when I want to get my web server to respond to anything other than the port 80 at <whatever.com>? For instance, if I type in <http://www.myserver.com:8080> it does not work, but if I use <http://172.20.30.40:8080> it does!
I'm wondering if this is a godaddy problem or my Apache2 set up. I put my machine in a DMZ for a short period of time to see if it was my router, and that doesn't seem to be the case: it doesn't work with my machine in the DMZ either.
Regards,
Kurt


--Forwarded Message Attachment--
From: karel [at] e-tunity
To: users [at] httpd
Date: Mon, 16 Feb 2009 16:41:59 +0100
Subject: Re: [users [at] http] port 80 + 8080 + SSL (443)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Kurt,

On Feb 16, 2009, at 4:22 PM, KURT PETERS wrote:

> <VirtualHost 172.20.30.40:80 172.20.30.40:8080 192.168.1.40:80
> 192.168.1.40:8080>
> ServerName www.example.com
> ServerAlias LOCALNAME
> DocumentRoot /var/www
> </VirtualHost>
>
> NameVirtualHost 172.20.30.40:443
> NameVirtualHost 192.168.1.40:443
>
> <VirtualHost 172.20.30.40:443 192.168.1.40:443>
> ServerName www.example.com
> DocumentRoot /var/secwww
> </VirtualHost>
>
> Is there an "easier" way to do this?

Since you aren't serving different content based on the hostname that
a browser is requesting, I think that you don't need NameVirtualHost.
You might try simplifying by:

Listen 80
Listen 8080
<VirtualHost *:80 *:8080>
...
</VirtualHost>

Listen 443
<VirtualHost *:443>
...
</VirtualHost>

This is all off the top of my head, you'd need to check directives in
the docs. But answering your question: this may be an easier way, but
your method is certainly valid as well and isn't "overdoing it".

- --
Best regards / met vriendelijke groet, Karel Kubat
Mob +31 6 2956 4861



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)

iEYEARECAAYFAkmZiUcACgkQ23FrzRzybNXKrgCdHWT08hYfX7x4rtjDMGH5GsCD
KEwAniB7GWZDcDoTiTm22d/03tApP+ml
=ahBk
-----END PGP SIGNATURE-----


--Forwarded Message Attachment--
Date: Mon, 16 Feb 2009 13:27:59 -0500
From: covener [at] gmail
To: users [at] httpd
Subject: Re: [users [at] http] port 80 + 8080 + SSL (443)

> <VirtualHost 172.20.30.40:443 192.168.1.40:443>
> ServerName www.example.com
> DocumentRoot /var/secwww
> </VirtualHost>

in addition to Karel' response, you do need mod_ssl directives to
actually service SSL on this port.


--
Eric Covener
covener [at] gmail


krist.vanbesien at gmail

Feb 17, 2009, 11:33 PM

Post #7 of 7 (2108 views)
Permalink
Re: RE: port 80 + 8080 + SSL (443) [In reply to]

On Wed, Feb 18, 2009 at 7:35 AM, KURT PETERS <peterskurt [at] msn> wrote:
> Thanks for your help. The *:80 method seems to work. Just have 2 follow-up
> questions:
>
> 1) Did I need to put the Listen 443 AFTER the </VirtualHost> for the 80 and
> 8080? In other words, does apache2 do the parsing of virtual hosts and
> "listens" in order?

No. You can safely put all the "Listens" up front.

> 2) I use godaddy's forwarding feature for my domain name <whatever.com>
> does anyone know why I have to use the actual IP address when I want to get
> my web server to respond to anything other than the port 80 at
> <whatever.com>? For instance, if I type in <http://www.myserver.com:8080>
> it does not work, but if I use <http://172.20.30.40:8080> it does!
> I'm wondering if this is a godaddy problem or my Apache2 set up.

It's a "GoDaddy" problem. The way their forwarding works is that they
set up a virtualhost with your domain name on one of their servers,
and forward all requests. But they only do this for port 80.

You need to make whatever.com point directly to your IP, in stead of
using a forwarding service. If your IP is dynamic you could use a
service like zoneedit.com. I've been using them for ages now for my
homeserver.


Krist

--
krist.vanbesien [at] gmail
krist [at] vanbesien
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd
" from the digest: users-digest-unsubscribe [at] httpd
For additional commands, e-mail: users-help [at] httpd

Apache users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.