# Apache & Vhost do you need it?

## DancesWithWords

Hi,

I've got a question?

Am I right in assuming that vhost is only necessary for using multiple virtual domains?

If that is true, how do you configure a simple webserver without vhost using apache 2.2.6?  I've run apache 2.0 for quite await and had now problems, but I can't seem to find a simple config for 2.2.6.

--

DWW

If needed I can post my old http.conf file and apache file.

----------

## magic919

You can remove vhosts from /etc/conf.d/apache2 and /etc/apache2/httpd.conf if you must.

----------

## DancesWithWords

 *magic919 wrote:*   

> You can remove vhosts from /etc/conf.d/apache2 and /etc/apache2/httpd.conf if you must.

 

"if you must" does not sound like a ring endorsement of my suggestion?  Should I conclude that even if using just one domain that it should be configured as a vhost?

--

DWW

----------

## magic919

I run half a dozen servers and only one serves multiple domains under Apache.  The Gentoo approach is the default vhost.    I'd deviate from that if I had a good reason.  There has been a heap of changes with Apache, as the forum will testify.  It's easier to stay on the Gentoo path, albeit a bit bumpy at times  :Smile: 

----------

## DancesWithWords

 *magic919 wrote:*   

> I run half a dozen servers and only one serves multiple domains under Apache.  The Gentoo approach is the default vhost.    I'd deviate from that if I had a good reason.  There has been a heap of changes with Apache, as the forum will testify.  It's easier to stay on the Gentoo path, albeit a bit bumpy at times 

 

Well it has been bumpy for me.  My understanding of apache is poor.  Thought I successfully got apache 2.0 to run, I've never got 2.2.6 to run successfully based on my old http.conf.  Mostly because I don't understand the gentoo way and I've never read a very good explanation of the gentoo way and apache 2.2.X

So if I interpret you right vhost is the way gentoo would like its users to go even if they are only using one domain?

---

bruce

----------

## magic919

Apache has been painful for many of us.  I'm sure the changes were not made lightly though.  The 2.2 method seems to be 4 config files - 1 httpd.conf and 3 in vhosts.d.

I'd say emerge 2.2 and accept its config files (all of them).  At that point it will work.  

Then either edit default_vhost.include or just create a further file 10_your_config.conf (in vhosts.d) with the details you want.

----------

## DancesWithWords

 *magic919 wrote:*   

> Apache has been painful for many of us.  I'm sure the changes were not made lightly though.  The 2.2 method seems to be 4 config files - 1 httpd.conf and 3 in vhosts.d.
> 
> I'd say emerge 2.2 and accept its config files (all of them).  At that point it will work.  
> 
> Then either edit default_vhost.include or just create a further file 10_your_config.conf (in vhosts.d) with the details you want.

 

Okay it is running, but I don't see my site; see message:

==========================================

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, root@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Apache Server at stargazer.dvrdns.org Port 80

ERROR 500

--

DWW

----------

## i92guboj

If you don't need vhosts and fancy features, and you want to save some ram and resources, you should consider running something like lighttpd. It will still work with php and the like, but it is much lighter than apache. If apache is a must, then just ignore this post  :Smile: 

----------

## DancesWithWords

 *i92guboj wrote:*   

> If you don't need vhosts and fancy features, and you want to save some ram and resources, you should consider running something like lighttpd. It will still work with php and the like, but it is much lighter than apache. If apache is a must, then just ignore this post 

 

Thanks. I'll give that some thought, but in the meantime I'd like to get this apache thing whipped as I've been struggling with it for a while and I don't quit just like that.  

Right now I just want to get my Wordpress and Gallery working again.

--

bruce

----------

## pdr

Make sure that in /etc/conf.d/apache2 that you have:

```
APACHE2_OPTS="-D DEFAULT_VHOST -D PHP5"
```

You only need the '-D PHP5' if you installed php and want to use it with apache.

/etc/apache2/httpd.conf has an Include directive which will pull in all /etc/apache2/vhosts.d/*.conf files. If you look in /etc/apache2/vhosts.d you will see that the default setup comes with 00_default_ssl_vhost.conf and 00_default_vhost.conf. If you haven't mucked with them then the '-D DEFAULT_HOST' will make 00_default_vhost.conf be your virtual host (because the whole file contents is wrapped in a <IfDefine DEFAULT_VHOST> directive). Apache will ignore 00_default_ssl_vhost.conf because it is completely wrapped in a "<IfDefine SSL>" directive, which you did not define in APACHE2_OPTS.

Besides setting up normal stuff (basic security, listing to port 80, etc) 00_default_vhost.conf will also include /etc/apache2/vhosts.d/default_vhost_include to actually define things like your ServerAdmin email address, ServerName (which you need since this is included inside a VirtualHost tag in 00_default_vhost.conf). So edit this file (default_vhost.include) for your configuration.

----------

## DancesWithWords

 *pdr wrote:*   

> Make sure that in /etc/conf.d/apache2 that you have:
> 
> ```
> APACHE2_OPTS="-D DEFAULT_VHOST -D PHP5"
> ```
> ...

 

I'm still trying...

lastest error:

apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName

my default_vhost.include file:

====================

# ServerAdmin: Your address, where problems with the server should be

# e-mailed.  This address appears on some server-generated pages, such

# as error documents.  e.g. admin@your-domain.com

ServerAdmin root@localhost

# ServerName gives the name and port that the server uses to identify itself.

# This can often be determined automatically, but we recommend you specify

# it explicitly to prevent problems during startup.

#

# If your host doesn't have a registered DNS name, enter its IP address here.

#

#ServerName www.example.com:80

ServerName mysite.dvrdns.org:80

# DocumentRoot: The directory out of which you will serve your

# documents. By default, all requests are taken from this directory, but

# symbolic links and aliases may be used to point to other locations.

#

# If you change this to something that isn't under /var/www then suexec

# will no longer work.

DocumentRoot "/var/www/localhost/htdocs"

# This should be changed to whatever you set DocumentRoot to.

<Directory "/var/www/localhost/htdocs">

	# Possible values for the Options directive are "None", "All",

	# or any combination of:

	#   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews

	#

	# Note that "MultiViews" must be named *explicitly* --- "Options All"

	# doesn't give it to you.

	#

	# The Options directive is both complicated and important.  Please see

	# http://httpd.apache.org/docs/2.2/mod/core.html#options

	# for more information.

	Options Indexes FollowSymLinks

	# AllowOverride controls what directives may be placed in .htaccess files.

	# It can be "All", "None", or any combination of the keywords:

	#   Options FileInfo AuthConfig Limit

	AllowOverride FileInfo

	# Controls who can get stuff from this server.

	Order allow,deny

	Allow from all

</Directory>

<IfModule alias_module>

	# Redirect: Allows you to tell clients about documents that used to

	# exist in your server's namespace, but do not anymore. The client

	# will make a new request for the document at its new location.

	# Example:

	#   Redirect permanent /foo http://www.example.com/bar

	# Alias: Maps web paths into filesystem paths and is used to

	# access content that does not live under the DocumentRoot.

	# Example:

	#   Alias /webpath /full/filesystem/path

	#

	# If you include a trailing / on /webpath then the server will

	# require it to be present in the URL.  You will also likely

	# need to provide a <Directory> section to allow access to

	# the filesystem path.

	# ScriptAlias: This controls which directories contain server scripts.

	# ScriptAliases are essentially the same as Aliases, except that

	# documents in the target directory are treated as applications and

	# run by the server when requested rather than as documents sent to the

	# client.  The same rules about trailing "/" apply to ScriptAlias

	# directives as to Alias.

	ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"

</IfModule>

# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased

# CGI directory exists, if you have that configured.

<Directory "/var/www/localhost/cgi-bin">

	AllowOverride None

	Options None

	Order allow,deny

	Allow from all

</Directory>

DirectoryIndex index.html index.html.var index.php

# vim: ts=4 filetype=apache

===============================================

Now I don't want anything completed I just want to get me wordpress and gallery re-running.

----------

## pdr

The error means you have not set up hostname and resolv.conf correctly - search the forums.

If you are running only a single host you can use ServerName *:80

----------

## pdr

Here is my setup. My server does not run under DHCP - it has a static IP address of 192.168.1.2. It's name is "central", and for external access I have a DNS with DynDNS that is (changed to protect the innocent) xyz.homelinux.org and my fully qualified domain name is central.xyz.homelinux.org

Note that I have a router/firewall between the server and the DSL modem, and it (will) forwards port 80 packets to the server.

/etc/conf.d/domainname:

```

OVERRIDE = 1 (the default)

#DNSDOMAIN="..."

NISDOMAIN=""

```

/etc/conf.d/domainname:

```

HOSTNAME="central"

```

/etc/conf.d/net:

```

config_eth0=( "192.168.1.2 netmask 255.255.255.0" )

routes_eth0=( "default gw 192.168.1.1" )  - 192.168.1.1 is the router/firewall between the server and the DSL modem

dns_domain_eth0="xyz.homelinux.org"

```

/etc/resolv.conf:

```

domain xyz.homelinux.org

search central.xyz.homelinux.org

nameserver (the IP from my ISP)

nameserver (the secondary IP from my ISP)

```

Note that I run dnsmasq on my server as a name server for my local intranet, so some entries in resolv.conf might be to support that.. don't remember.

I commented out lots of LoadModule calls on httpd.conf, but that should not effect how I laid out default_vhost.include:

```

ServerAdmin (my email address)

ServerName xyz.homelinux.org (because external hit would be http://xyz.homelinux.org/somepage.php)

DocumentRoot /var/www/apps  (this is where I put my web apps)

<Directory "/var/www/apps">

    Options None

    AllowOverride None

    Order allow,deny

    Allow from 192.168 (will be changed to all when my site is done)

</Directory>

```

My site is using PHP, and not using SSL

/etc/conf.d/apache2:

```

... all default and commented out except:

APACHE2_OPTS="-D DEFAULT_VHOST -D LANGUAGE -D PHP5"

```

I have had the server available externally before, so I know the FQDN etc are all set up correctly.

----------

## pdr

Oh yeah..

In the internal intranet, I can hit apache using http://central/xxx.php or http://central.xyz.homelinux.org/xxx.php - doesn't matter. You would have to have appropriate entries in your resolv.conf on the local machine. From the server itself I can also use http://localhost/xxx.php

----------

## DancesWithWords

 *pdr wrote:*   

> Oh yeah..
> 
> In the internal intranet, I can hit apache using http://central/xxx.php or http://central.xyz.homelinux.org/xxx.php - doesn't matter. You would have to have appropriate entries in your resolv.conf on the local machine. From the server itself I can also use http://localhost/xxx.php

 

Thanks for this I've set up a second server, to test this stuff out on.  In the mean time I down graded the main server to a pre-2.2.6 apache version that I know works with the old httpd.conf.  :Smile: 

I'll master this new apache config system if it kills me. LOL  But honestly I just don't want hack something together this time, in the end I'd really like to know why it is configured the way it is.

--

DWW

PS. More updates to follow.

PPS. Don't I say thank you for your help yet?  If not, big thank you for your suggestions.

----------

## pdr

Whenever I'm setting up a new apache server, here is what I do:

1. emerge it   :Wink: 

2. Go through /etc/apache2/httpd.conf and for each LoadModule in it go to the apache web site documentation, look up the module and see what it does; if I do not explicitly need it, comment it out. Pay specific attention to the directives it supports - if you do not use any of the directives, you almost certainly do not need the module.

The above can lead to interesting effects you have to watch for. For example, I do not need any of the directives from mod_dir so I commented it out; however for reasons I do not agree with, the apache group uses the directive (NOT wrapped in an IfModule tag) in /etc/apache2/modules.d/70_mod_php.conf (they append index.php to the list of files that apache will use when the url requests a directory). So I went in and modified 70_mod_php.conf and wrapped the directive in an <IfModule ..></IfModule> tag.

3. In /etc/apache2/httpd.conf you can note that it Includes /etc/apache2/vhosts.d/*.conf, so my next stop is in that directory. You can see that by default there are two: 00_default_ssl_vhost.conf and 00_default_vhost.conf. Both have their entire contents wrapped in a <IfDefine ..></IfDefine> tag; so 00_default_ssl_vhost.conf contents will only get processed if SSL is defined (in /etc/conf.d/apache2 - the APACHE2_OPTS variable), and 00_default_vhost.conf contents will only get processed if DEFAULT_VHOST is defined (again, in APACHE2_OPTS).

If (at work) I am going to use multiple virtual hosts then I do NOT define DEFAULT_VHOST in APACHE2_OPTS, and instead make my own xxx.conf files in /etc/apache2/vhosts.d directory (I make one file for each vhost I want created). If I only want one host (at home - the config I showed earlier) I define DEFAULT_VHOST and use it's config.

For working with 00_default_vhost.conf I again go through line-by-line. Some of it is self-explanatory. I only have one active NIC on my server, so I leave the Listen directive commented out.

While I do not actually need NameVirtualHost directive (ie enabling virtual hosts), that is what I work with at work and am most comfortable with, so I leave it enabled.

Since I am running only one port, I leave the VirtualHost using *:80

Since I want to stick as close as I can to the default gentoo installation, I leave contents of the <VirtualHost></VirtualHost> intact - that is, that the majority of the config is Included from default_vhost.include. And that is my next step - walk through default_vhost.include line by line.

The comments in the file define why most of the directives are used they way they are (and how you should modify them).

I like to wipe out the default apache directory (/var/www/htdocs or whatever - I don't have it any more   :Razz:   ); I prefer using /var/www/apps and then having a separate directory under it for each application I plan to run. Because of that I set the DocumentRoot to /var/www/apps.

I then change the <Directory /var/www/htdocs></Directory> from the default to <Directory "/var/www/apps"></Directory> and give it the most draconian security by default - Options none, AllowOverride None, and only allow access from the local intranet. When an app is ready to be seen by the rest of the internet I will add a <Directory "/var/www/apps/my_good_app"></Directory> tag, and Allow all to access it. I comment out everything else that was in the file by default because I do not usually use cgi scripts (and in fact already disabled the module).

Basically I start with a minimal configuration and add to it only when needed. For example, as I said I don't use mod_dir. So if I want a user coming in on the "/" url (eg: http://xxx.homelinux.org/) to not get a 404 Not Found status, I have to add a directive to alias that to a real resource. And, in fact, I do leave mod_alias enabled for just this purpose. In fact I would actually use a Redirect (also in mod_alias) so that the user's browser and any proxy servers can cache the real resource URL instead.

----------

## DancesWithWords

 *pdr wrote:*   

> Whenever I'm setting up a new apache server, here is what I do:
> 
> 1. emerge it  
> 
> 2. Go through /etc/apache2/httpd.conf and for each LoadModule in it go to the apache web site documentation, look up the module and see what it does; if I do not explicitly need it, comment it out. Pay specific attention to the directives it supports - if you do not use any of the directives, you almost certainly do not need the module.
> ...

 

This is hugely useful info.  It is to bad that sometimes it is hard to come by.  As I work thru my new server I'll try to apply what you have give me here.

Thanks.

--

DWW

----------

## pdr

http://www.apache.org is your friend. If you go into the HTTP server section, documentation, they have a "Directive Quick Reference". The alphabet are links into the directives, so if you are in httpd.conf and see the LoadModule directive, go to the apache docs, click on the "L" link, and you'll find LoadModule; click on that link and you will see a description of the directive.

This is not as useful to add new features as you won't know the name of the directive to use yet, but to clean up the default config it is excellent. And it can also help if you find a directive that is "kind of like" what you are after - see what module the directive is in, and then look up that module - it will list all the directives that module supports.

----------

