# [SOLVED] Apache defaults to first virtual server

## NotExcessive

Hi all;

I have a problem with Apache: I'm using a virtual name-server setup and that bit works fine, but when I go to the basic IP address with a browser, it takes me to the first virtual server instead of whatever I have in /var/www/localhost/htdocs.

The virtual servers are in a totally different directory, and if I go to http://localhost or https://localhost on the actual machine itself with links2, then I see index.html in /var/www/localhost/htdocs just as I should.

From the network, if I go to http://192.168.4.6 (the machine's address) I see the first virtual server instead, but if I go to https://192.168.1.6, then I see index.html in /var/www/localhost/htdocs, again just as I should be seeing.

Here are my configuration files for the default host settings:

/etc/apache2/vhosts.d/default_vhost_conf:

```
# Virtual Hosts

#

# If you want to maintain multiple domains/hostnames on your

# machine you can setup VirtualHost containers for them. Most configurations

# use only name-based virtual hosts so the server doesn't need to worry about

# IP addresses. This is indicated by the asterisks in the directives below.

#

# Please see the documentation at

# <URL:http://httpd.apache.org/docs/2.2/vhosts/>

# for further details before you try to setup virtual hosts.

#

# You may use the command line option '-S' to verify your virtual host

# configuration.

<IfDefine DEFAULT_VHOST>

# see bug #178966 why this is in here

# Listen: Allows you to bind Apache to specific IP addresses and/or

# ports, instead of the default. See also the <VirtualHost>

# directive.

#

# Change this to Listen on specific IP addresses as shown below to

# prevent Apache from glomming onto all bound IP addresses.

#

#Listen 12.34.56.78:80

Listen 80

# Use name-based virtual hosting.

NameVirtualHost *:80

# When virtual hosts are enabled, the main host defined in the default

# httpd.conf configuration will go away. We redefine it here so that it is

# still available.

#

# If you disable this vhost by removing -D DEFAULT_VHOST from

# /etc/conf.d/apache2, the first defined virtual host elsewhere will be

# the default.

<VirtualHost *:80>

<------>ServerName localhost

<------>Include /etc/apache2/vhosts.d/default_vhost.include

<------><IfModule mpm_peruser_module>

<------><------>ServerEnvironment apache apache

<------></IfModule>

</VirtualHost>

</IfDefine>

# vim: ts=4 filetype=apache
```

And of course I have  -D DEFAULT_VHOST in /etc/conf.d/apache2 as per the comment in the file.

/etc/apache2/vhosts.d/default_vhost.include:

```
DocumentRoot "/var/www/localhost/htdocs"

# This should be changed to whatever you set DocumentRoot to.

<Directory "/var/www/localhost/htdocs">

   # Possible values for the Options directive are "None", "All",

   # or any combination of:

   #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews

   #

   # Note that "MultiViews" must be named *explicitly* --- "Options All"

   # doesn't give it to you.

   #

   # The Options directive is both complicated and important.  Please see

   # http://httpd.apache.org/docs/2.2/mod/core.html#options

   # for more information.

   Options Indexes FollowSymLinks

   # AllowOverride controls what directives may be placed in .htaccess files.

   # It can be "All", "None", or any combination of the keywords:

   #   Options FileInfo AuthConfig Limit

   AllowOverride All

   # Controls who can get stuff from this server.

   Order allow,deny

   Allow from all

</Directory>

<IfModule alias_module>

   # Redirect: Allows you to tell clients about documents that used to

   # exist in your server's namespace, but do not anymore. The client

   # will make a new request for the document at its new location.

   # Example:

   #   Redirect permanent /foo http://www.example.com/bar

   # Alias: Maps web paths into filesystem paths and is used to

   # access content that does not live under the DocumentRoot.

   # Example:

   #   Alias /webpath /full/filesystem/path

   #

   # If you include a trailing / on /webpath then the server will

   # require it to be present in the URL.  You will also likely

   # need to provide a <Directory> section to allow access to

   # the filesystem path.

   # ScriptAlias: This controls which directories contain server scripts.

   # ScriptAliases are essentially the same as Aliases, except that

   # documents in the target directory are treated as applications and

   # run by the server when requested rather than as documents sent to the

   # client.  The same rules about trailing "/" apply to ScriptAlias

   # directives as to Alias.

   ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"

</IfModule>

# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased

# CGI directory exists, if you have that configured.

<Directory "/var/www/localhost/cgi-bin">

   AllowOverride None

   Options None

   Order allow,deny

   Allow from all

</Directory>

# vim: ts=4 filetype=apache
```

/etc/apache2/vhosts.d/default_ssl_vhost_conf:

```
<IfDefine SSL>

<IfDefine SSL_DEFAULT_VHOST>

<IfModule ssl_module>

# see bug #178966 why this is in here

# When we also provide SSL we have to listen to the HTTPS port

# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two

# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"

Listen 443

<VirtualHost _default_:443>

   ServerName localhost

   Include /etc/apache2/vhosts.d/default_vhost.include

   ErrorLog /var/log/apache2/ssl_error_log

   <IfModule log_config_module>

      TransferLog /var/log/apache2/ssl_access_log

   </IfModule>

   ## SSL Engine Switch:

   # Enable/Disable SSL for this virtual host.

   SSLEngine on

   ## SSL Cipher Suite:

   # List the ciphers that the client is permitted to negotiate.

   # See the mod_ssl documentation for a complete list.

   SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

   ## Server Certificate:

   # Point SSLCertificateFile at a PEM encoded certificate. If the certificate

   # is encrypted, then you will be prompted for a pass phrase. Note that a 

   # kill -HUP will prompt again. Keep in mind that if you have both an RSA

   # and a DSA certificate you can configure both in parallel (to also allow

   # the use of DSA ciphers, etc.)

   SSLCertificateFile /etc/apache2/ssl/new.cert.cert

   ## Server Private Key:

   # If the key is not combined with the certificate, use this directive to

   # point at the key file. Keep in mind that if you've both a RSA and a DSA

   # private key you can configure both in parallel (to also allow the use of

   # DSA ciphers, etc.)

   SSLCertificateKeyFile /etc/apache2/ssl/new.cert.key

   ## Server Certificate Chain:

   # Point SSLCertificateChainFile at a file containing the concatenation of 

   # PEM encoded CA certificates which form the certificate chain for the

   # server certificate. Alternatively the referenced file can be the same as

   # SSLCertificateFile when the CA certificates are directly appended to the

   # server certificate for convinience.

   #SSLCertificateChainFile /etc/ssl/apache2/ca.crt

   ## Certificate Authority (CA):

   # Set the CA certificate verification path where to find CA certificates

   # for client authentication or alternatively one huge file containing all

   # of them (file must be PEM encoded).

   # Note: Inside SSLCACertificatePath you need hash symlinks to point to the

   # certificate files. Use the provided Makefile to update the hash symlinks

   # after changes.

   #SSLCACertificatePath /etc/ssl/apache2/ssl.crt

   #SSLCACertificateFile /etc/ssl/apache2/ca-bundle.crt

   ## Certificate Revocation Lists (CRL):

   # Set the CA revocation path where to find CA CRLs for client authentication

   # or alternatively one huge file containing all of them (file must be PEM 

   # encoded).

   # Note: Inside SSLCARevocationPath you need hash symlinks to point to the

   # certificate files. Use the provided Makefile to update the hash symlinks

   # after changes.

   #SSLCARevocationPath /etc/ssl/apache2/ssl.crl

   #SSLCARevocationFile /etc/ssl/apache2/ca-bundle.crl

   ## Client Authentication (Type):

   # Client certificate verification type and depth. Types are none, optional,

   # require and optional_no_ca. Depth is a number which specifies how deeply

   # to verify the certificate issuer chain before deciding the certificate is

   # not valid.

   #SSLVerifyClient require

   #SSLVerifyDepth  10

   ## Access Control:

   # With SSLRequire you can do per-directory access control based on arbitrary

   # complex boolean expressions containing server variable checks and other

   # lookup directives. The syntax is a mixture between C and Perl. See the

   # mod_ssl documentation for more details.

   #<Location />

   #   #SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \

   #   and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \

   #   and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \

   #   and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \

   #   and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20       ) \

   #   or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/

   #</Location>

   ## SSL Engine Options:

   # Set various options for the SSL engine.

   ## FakeBasicAuth:

   # Translate the client X.509 into a Basic Authorisation. This means that the

   # standard Auth/DBMAuth methods can be used for access control. The user 

   # name is the `one line' version of the client's X.509 certificate. 

   # Note that no password is obtained from the user. Every entry in the user 

   # file needs this password: `xxj31ZMTZzkVA'.

   ## ExportCertData:

   # This exports two additional environment variables: SSL_CLIENT_CERT and 

   # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server

   # (always existing) and the client (only existing when client 

   # authentication is used). This can be used to import the certificates into

   # CGI scripts.

   ## StdEnvVars:

   # This exports the standard SSL/TLS related `SSL_*' environment variables. 

   # Per default this exportation is switched off for performance reasons, 

   # because the extraction step is an expensive operation and is usually 

   # useless for serving static content. So one usually enables the exportation

   # for CGI and SSI requests only.

   ## StrictRequire:

   # This denies access when "SSLRequireSSL" or "SSLRequire" applied even under

   # a "Satisfy any" situation, i.e. when it applies access is denied and no

   # other module can change it.

   ## OptRenegotiate:

   # This enables optimized SSL connection renegotiation handling when SSL 

   # directives are used in per-directory context.

   #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire

   <FilesMatch "\.(cgi|shtml|phtml|php)$">

      SSLOptions +StdEnvVars

   </FilesMatch>

   <Directory "/var/www/localhost/cgi-bin">

      SSLOptions +StdEnvVars

   </Directory>

   ## SSL Protocol Adjustments:

   # The safe and default but still SSL/TLS standard compliant shutdown

   # approach is that mod_ssl sends the close notify alert but doesn't wait

   # for the close notify alert from client. When you need a different

   # shutdown approach you can use one of the following variables:

   ## ssl-unclean-shutdown:

   # This forces an unclean shutdown when the connection is closed, i.e. no

   # SSL close notify alert is send or allowed to received.  This violates the

   # SSL/TLS standard but is needed for some brain-dead browsers. Use this when

   # you receive I/O errors because of the standard approach where mod_ssl

   # sends the close notify alert.

   ## ssl-accurate-shutdown:

   # This forces an accurate shutdown when the connection is closed, i.e. a

   # SSL close notify alert is send and mod_ssl waits for the close notify

   # alert of the client. This is 100% SSL/TLS standard compliant, but in

   # practice often causes hanging connections with brain-dead browsers. Use

   # this only for browsers where you know that their SSL implementation works

   # correctly. 

   # Notice: Most problems of broken clients are also related to the HTTP 

   # keep-alive facility, so you usually additionally want to disable 

   # keep-alive for those clients, too. Use variable "nokeepalive" for this.

   # Similarly, one has to force some clients to use HTTP/1.0 to workaround

   # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and

   # "force-response-1.0" for this.

   <IfModule setenvif_module>

      BrowserMatch ".*MSIE.*" \

         nokeepalive ssl-unclean-shutdown \

         downgrade-1.0 force-response-1.0

   </IfModule>

   ## Per-Server Logging:

   # The home of a custom SSL log file. Use this when you want a compact 

   # non-error SSL logfile on a virtual host basis.

   <IfModule log_config_module>

      CustomLog /var/log/apache2/ssl_request_log \

         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

   </IfModule>

</VirtualHost>

</IfModule>

</IfDefine>

</IfDefine>

# vim: ts=4 filetype=apache
```

I can't see the error in the configuration; can anybody help?Last edited by NotExcessive on Thu Mar 14, 2013 11:06 pm; edited 1 time in total

----------

## eyoung100

See Avoiding the Default Website

Particularly the part about Alphabetical Order and 00*

This Series at Slicehost got me started: Apache Virtual Hosts on Gentoo - part 1

----------

## NotExcessive

 *eyoung100 wrote:*   

> See Avoiding the Default Website
> 
> Particularly the part about Alphabetical Order and 00*
> 
> This Series at Slicehost got me started: Apache Virtual Hosts on Gentoo - part 1

 

Thanks for that: I'd totally forgotten about the alphabetical ordering thing. Set the 00_ prefix on the default conf files and all good  :Smile: 

----------

## eyoung100

Not a Problem, just recently set up a dev box for mono using apache, took me a few hours last saturday... Dont forget to add Solved.

----------

