# Apache vhosts

## Shelnutt2

So I've googled and googled, I've read everything I can find but for the life of me I can't get vhosts to work.

I have two redirecting domains (a.org and b.org) that redirect to my home box. I wanted to set it up so that a person going to each domain would end up at different sites. At first I tried dynamic vhosting but that didn't work. So I decided to explicitly list them. I wasn't sure if I should put them both in the default.conf file or create two independent .conf files.

First I tried two .conf files, one in each domain name. However, then apache would start but didn't start a service. I ran nmap on myself and there was no port 80 service. Next I tried changing my httpd.conf and changing back to -D DEFAULT_VHOSTS from -D DYNAMIC_VHOSTS (which I tried when I tried dynamic vhosting). Still nothing. So I put both configs in my 00_default_vhost.conf file. Now apache is working and I can access both servers but only from this local box. If I take the domains out of my hosts file, or try any other box on my lan or from the web I can't access it. My ports are forwarded correctly on my router. If you do a nmap os probe you get that I'm running gentoo. I'm stuck. Below are my conf files and my

httpd.conf

```
# This is a modification of the default Apache 2.2 configuration file
# for Gentoo Linux.
#
# Support:
#   http://www.gentoo.org/main/en/lists.xml   [mailing lists]
#   http://forums.gentoo.org/                 [web forums]
#   irc://irc.freenode.net#gentoo-apache      [irc chat]
#
# Bug Reports:
#   http://bugs.gentoo.org                    [gentoo related bugs]
#   http://httpd.apache.org/bug_report.html   [apache httpd related bugs]
#
#
# This is the main Apache HTTP server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
# In particular, see
# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
# for a discussion of each configuration directive.
#
# Do NOT simply read the instructions in here without understanding
# what they do.  They're here only as hints or reminders.  If you are unsure
# consult the online docs. You have been warned.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path.  If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log"
# with ServerRoot set to "/usr" will be interpreted by the
# server as "/usr/var/log/apache2/foo.log".

# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# Do not add a slash at the end of the directory path.  If you point
# ServerRoot at a non-local disk, be sure to point the LockFile directive
# at a local disk.  If you wish to share the same ServerRoot for multiple
# httpd daemons, you will need to change at least LockFile and PidFile.
ServerRoot "/usr/lib64/apache2"

# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable.
#         Do not change manually, it will be overwritten on upgrade.
#
# The following modules are considered as the default configuration.
# If you wish to disable one of them, you may have to alter other
# configuration directives.
#
# Change these at your own risk!
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule autoindex_module modules/mod_autoindex.so
<IfDefine CACHE>
LoadModule cache_module modules/mod_cache.so
</IfDefine>
LoadModule cgi_module modules/mod_cgi.so
LoadModule cgid_module modules/mod_cgid.so
<IfDefine DAV>
LoadModule dav_module modules/mod_dav.so
</IfDefine>
<IfDefine DAV>
LoadModule dav_fs_module modules/mod_dav_fs.so
</IfDefine>
<IfDefine DAV>
LoadModule dav_lock_module modules/mod_dav_lock.so
</IfDefine>
LoadModule deflate_module modules/mod_deflate.so
LoadModule dir_module modules/mod_dir.so
<IfDefine CACHE>
LoadModule disk_cache_module modules/mod_disk_cache.so
</IfDefine>
LoadModule env_module modules/mod_env.so
LoadModule expires_module modules/mod_expires.so
LoadModule ext_filter_module modules/mod_ext_filter.so
<IfDefine CACHE>
LoadModule file_cache_module modules/mod_file_cache.so
</IfDefine>
LoadModule filter_module modules/mod_filter.so
LoadModule headers_module modules/mod_headers.so
LoadModule include_module modules/mod_include.so
<IfDefine INFO>
LoadModule info_module modules/mod_info.so
</IfDefine>
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
<IfDefine CACHE>
LoadModule mem_cache_module modules/mod_mem_cache.so
</IfDefine>
LoadModule mime_module modules/mod_mime.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule speling_module modules/mod_speling.so
<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
</IfDefine>
<IfDefine STATUS>
LoadModule status_module modules/mod_status.so
</IfDefine>
LoadModule unique_id_module modules/mod_unique_id.so
<IfDefine USERDIR>
LoadModule userdir_module modules/mod_userdir.so
</IfDefine>
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so

# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
User apache
Group apache

# Supplemental configuration
#
# Most of the configuration files in the /etc/apache2/modules.d/ directory can
# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features
# or to modify the default configuration of the server.
#
# To know which flag to add to APACHE2_OPTS, look at the first line of the
# the file, which will usually be an <IfDefine OPTION> where OPTION is the
# flag to use.
Include /etc/apache2/modules.d/*.conf

# Virtual-host support
#
# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we
# include a default vhost (enabled by adding -D DEFAULT_VHOST to
# APACHE2_OPTS in /etc/conf.d/apache2).
Include /etc/apache2/vhosts.d/*.conf

# vim: ts=4 filetype=apache

AddDefaultCharset UTF-8
php_value arg_separator.output &amp;
php_value magic_quotes_gpc On
php_value magic_quotes_runtime Off
php_value magic_quotes_sybase Off
php_value variables_order "EGPCS"
php_value request_order "GPC"
```

00_default_vhost.conf

```
# Virtual Hosts
#
# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.

<IfDefine DEFAULT_VHOST>
# see bug #178966 why this is in here

# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen 80

# Use name-based virtual hosting.
NameVirtualHost *:80

    <VirtualHost *:80>
       ServerName a.org
       ServerAlias a.org
       ServerAdmin no-reply@gmail.com
       DocumentRoot "/var/www/localhost/htdocs"

       <Directory "/var/www/localhost/htdocs">
               Options Indexes FollowSymLinks
               AllowOverride All
               Order allow,deny
               Allow from all
       </Directory>
    </VirtualHost>

    <VirtualHost *:80>
       ServerName b.org
       ServerAlias b.org
       ServerAdmin no-reply@gmail.com
       DocumentRoot "/var/www/b.org/htdocs"

       <Directory "/var/www/b.org/htdocs">
               Options Indexes FollowSymLinks
               AllowOverride All
               Order allow,deny
               Allow from all
       </Directory>
    </VirtualHost>

</IfDefine>
```

Apache Use Flags

```
[ebuild   R   ] www-servers/apache-2.2.17  USE="ssl threads -debug -doc -ldap (-selinux) -static -suexec" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias -asis -auth_digest -authn_dbd -cern_meta -charset_lite -dbd -dumpio -ident -imagemap -log_forensic -proxy -proxy_ajp -proxy_balancer -proxy_connect -proxy_ftp -proxy_http -proxy_scgi -reqtimeout -substitute -version" APACHE2_MPMS="-event -itk -peruser -prefork -worker" 0 kB

```

emerge --info

```
Portage 2.2.2 (default/linux/amd64/2008.0, gcc-4.4.5, libc-0-r0, 2.6.36-gentoo-r1 x86_64)
=================================================================
System uname: Linux-2.6.36-gentoo-r1-x86_64-Intel-R-_Core-TM-2_CPU_6300_@_1.86GHz-with-gentoo-2.1.8
Portage Tree: /usr/portage
Portage HEAD: 7eb7d54d56ea9366b4d280f9e6fd819764794529 /usr/portage/.git/refs/heads/funtoo.org
distcc 3.1 x86_64-pc-linux-gnu [disabled]
app-shells/bash:     4.1_p10
dev-java/java-config: 2.1.11-r3
dev-lang/python:     2.6.6-r1
dev-util/cmake:      2.8.4-r1
sys-apps/baselayout: 2.1.8-r2::funtoo
sys-apps/openrc:     0.7.0
sys-apps/sandbox:    2.5
sys-devel/autoconf:  2.13::funtoo, 2.68::funtoo
sys-devel/automake:  1.9.6-r3::funtoo, 1.10.3::funtoo, 1.11.1-r1
sys-devel/binutils:  2.20.1::funtoo
sys-devel/gcc:       4.4.5::funtoo
sys-devel/gcc-config: 1.4.1::funtoo
sys-devel/libtool:   2.4-r1::funtoo
sys-devel/make:      3.81-r2::funtoo
sys-kernel/linux-headers: 2.6.32::funtoo
sys-libs/glibc:      2.11.2-r2::funtoo
virtual/os-headers:  0
Repositories: gentoo gnome my_local_overlay
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="* -@EULA AdobeFlash-10.1"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=core2 -O2 -mtune=generic -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.2/ext-active/ /etc/php/apache2-php5.3/ext-active/ /etc/php/cgi-php5.2/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/cli-php5.2/ext-active/ /etc/php/cli-php5.3/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests binpkg-logs distlocks fixlafiles fixpackages mini-manifest news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS=""
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--sort-common -Wl,--as-needed"
LINGUAS="en en_US"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/var/lib/layman/gnome /usr/local/portage"
SYNC="git://github.com/funtoo/portage-mini-2010.git"
SYNC_USER="root"
USE="X a52 aacaalib acl acpi alac alsa amd64 apache2 apm atmo avahi bash-completion bazaar berkdb bindist bzip2 cairo cd cddb cdr cgi cjk cli consolekit cpudetection cracklib crypt cuda cups curl cvs cxx darcs dbus dc1394 device-mapper dirac disk-partition dri dts dvb dvd dvdr dvdread encode evdev extras faac fbcon ffmpeg firefox flac flash fortran fpm fuse gd gda gdbm gdu ggi gif gimp git gnome gnome-keyring gnutls gpm gstreamer gtk gtk3 hddtemp httpd iconv id3tag introspection ipv6 java jpeg jpeg2k ladspa lame libnotify libsamplerate libv4l2 lirc lm_sensors lua lzma mad mercurial midi mmx modplug modules moonlight mozilla mozilla-firefox mp3 mpeg mudflap multilib musepack mysql nautilus ncurses nls nptl nptlonly nsplugin nvidia ogg openal opencl opengl openmp openoffice pam pcre pdf perl php png policykit pppd print pulseaudio python quicktime readline samba scanner session skins soundtouch speex spell sse sse2 sse3 ssl ssse3 subversion sysfs taglib tcpd theora threads tiff truetype twolame udev unicode upnp usb vaapi vamp vcdx vdpau vlc vlm vorbis wavpack weather wine wma-fixed x264 xcomposite xml xorg xosd xv xvid zip zlib zsh-completion zvbi" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" 
CALLIGRA_FEATURES="braindump flow karbon kexi kpresenter krita tables words" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_US" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="nvidia v4l v4l2" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" 

Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, SYNC_UMASK
```

----------

## cach0rr0

*Shelnutt2 wrote:*

> So I put both configs in my 00_default_vhost.conf file. Now apache is working and I can access both servers but only from this local box.

stop right here. This means that Apache is set up as it needs to be. Do whatever changes you need to do to get to this point, then hold off on any further apache changes. 

the 00_default_vhost.conf that you posted is fine, and correct, and should be all that's required there

your -D BLAH -D FOO should go in /etc/conf.d/apache2

for a working example:

```

APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST -D LANGUAGE -D PHP5 -D AUTH_IMAP"

```

with those two files set up, your apache conf should be sorted. The only other thing you may end up needing to do, is set up a ServerName directive in /etc/apache2/modules.d/00_default_settings.conf (set it to something like inanutshell2.no-ip.org, or really anything - the whole point in setting a ServerName directive is so that apache doesn't try to look up its own hostname at startup)

Once you have things set up to where you can access both domains from that box, even if you have entries in /etc/hosts, stop right there, and don't touch apache

Now, when I nmap you from the outside, I see this:

```

# nmap -sT -p80 -P0 inanutshell2.no-ip.org

Starting Nmap 5.51 ( http://nmap.org ) at 2011-06-12 10:56 CDT
Nmap scan report for inanutshell2.no-ip.org (24.250.151.29)
Host is up.
rDNS record for 24.250.151.29: ip24-250-151-29.ga.at.cox.net
PORT   STATE    SERVICE
80/tcp filtered http

Nmap done: 1 IP address (1 host up) scanned in 2.21 seconds
```

which tells me one of a few things:

- that IP address is not correct, so your no-ip DNS updater needs to be run again
- port forwarding is NOT working correctly
- iptables on that box is dropping packets

If apache simply weren't listening, but the firewall was open, I would get "closed", and not "filtered" - for example:

```

# nmap -sT -P0 -p12345 localhost

Starting Nmap 5.51 ( http://nmap.org ) at 2011-06-12 11:00 CDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00012s latency).
rDNS record for 127.0.0.1: houacer01.whitehathouston.com
PORT      STATE  SERVICE
12345/tcp closed netbus
```

SO...get your apache set to where it works with an entry in /etc/hosts, and do the following:

- try to nmap port 80 from another host on your network
- try to nmap port 80 from outside your network

post back with the results.

----------
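The closed-versus-filtered distinction in the nmap output above, as an added example that is not part of the original posts: a Python connect probe that reports the same three states as `nmap -sT`, plus a helper that narrows down the failing layer from probes taken on the server, on the LAN and from outside. The names `classify`, `probe` and `locate_fault` are chosen here for illustration.

```python
import errno
import socket

# ICMP "unreachable" replies surface as these errno values on connect().
UNREACHABLE = {errno.EHOSTUNREACH, errno.ENETUNREACH}


def classify(err):
    """Map a connect() outcome (exception, or None on success) to a port state."""
    if err is None:
        return "open"      # handshake completed: something is listening
    if isinstance(err, ConnectionRefusedError):
        return "closed"    # RST came back: host reachable, no listener
    if isinstance(err, (socket.timeout, TimeoutError)):
        return "filtered"  # silence: packets are being dropped on the way
    if getattr(err, "errno", None) in UNREACHABLE:
        return "filtered"  # a router or firewall rejected the packet
    return "error"         # e.g. name resolution failed


def probe(host, port, timeout=2.0):
    """One full TCP connect (what nmap -sT does), classified as above."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(None)
    except OSError as exc:
        return classify(exc)


def locate_fault(local, lan, wan):
    """Name the likely failing layer from probe() results taken on the server
    itself, from another LAN host, and from outside the network."""
    if local != "open":
        return "web server is not listening on this port"
    if lan == "closed":
        return "listener is bound to an address the LAN cannot reach"
    if lan != "open":
        return "host firewall on the server is dropping packets"
    if wan == "open":
        return "reachable from every vantage point"
    if wan == "closed":
        return "packets arrive, but no listener sits behind the forward"
    return "stale DNS record, broken port forward, or upstream filtering"


if __name__ == "__main__":
    # Run on the server first; repeat from a LAN host and an outside host.
    print(probe("127.0.0.1", 80))
    # Constructed results matching the thread: fine locally, filtered outside.
    print(locate_fault("open", "open", "filtered"))
```
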

## Shelnutt2

Okay come to find out my ISP (cox) blocks port 80. I just got this ISP a month ago so I didn't realize that. I googled and most people just changed to port 8000. However nmap still says that is "filtered". I did a scan of all ports and there are only 3 open. 22, 23 and 53. Cox only says they block a few ports, however a few people seem to have this issue where at the modem level everything inbound is being blocked.

I tried to put apache on port 53 because I don't have a service and I just wanted to see if it would work. However firefox won't even let a person connect because it's for DNS protocol. I guess I'm just SOL. I think I'm gonna contact tech support tomorrow and see if I can get any ports unblocked. It's not right to block all ports, even 5900. What if I need to remote desktop in? I mean I always use ssh but if I needed an inbound connection such as the ultravnc one-click then it wouldn't work. Very frustrating indeed, but thank you for all your help! It's good to know that at least my apache is set up correctly.

----------

## cach0rr0

that was, unfortunately, one of my suspicions 

it's just a weak BS excuse for them to upcharge you on a premium or business connection. 

I'm on Comcast Business, and don't have to deal with that. Supposedly residential Comcast in certain areas they do port blocking, but I'm in what used to be RoadRunner land, and I've never had an issue - they don't even block 25 here. 

I *am* a touch surprised they block 8000. I would think 8000 or 8080 would be open, that's draconian even by ISP standards. 

The port 53 issue doesn't surprise me, since 0-1024 are reserved ports. It *does* surprise me they leave 53 open, I mean what, they'll let people run name servers at home on their dynamic IPs? Right, because this is so common and useful. Bastards!

Anyway, best of luck.

----------

