ISP Help....Virtual Hosting/DNS entries 1

[force5]

A little background of my situation:
I work for a local ISP and we are adding a new webserver to run Apache 2.0. We are going to leave our currently hosted websites(about 100) on our ISS box, and all new sites will get set up on Apache. I have RedHat 9.0 and am using the Apache that is bundled with it. I have been "Thrown to the Wolves" and expected to get this up and running. I have read "Teach Youself Apache in 24 hours" and also 1/2 of the Apache Administrators Handbook and not to mention about 3 weeks of research online. WHEW!
I have Apache set up and understand the different modules, settings, etc....but for the life of me, I can not figure out how the IP based Virtual Hosting works. I have tried many different configurations but nothing is working. Every site, book, or other resource, does it a little different.
My manager is really pressing me to get this going... would anyone be willing to speak to me via phone instead of going back and forth through this forum? If not that's ok...I'm just in a bit of a "pinch".
Thanks

 

[ericbrunson]

This works for one or my customers:

<VirtualHost [URL unfurl="true"]www.mycustomer.com:80>[/URL]
    ServerAdmin webmaster@karaokeus.com
    ServerAlias [URL unfurl="true"]www.karaokeus.com,[/URL] karaokeus.com
    ErrorLog /home/karaokeus/[URL unfurl="true"]www/logs/error_log[/URL]
    CustomLog /home/karaokeus/[URL unfurl="true"]www/logs/access_log[/URL] combined
</VirtualHost>

The name is in DNS, but you could just as easily put the IP in, I believe.

 

[force5]

Thanks for the reply eric...so you are saying if I use the ip address in the first <VirtualHost>, I won't need to add anything to DNS or my hosts file?
Since I am using ip addressing and aliasing maultiple addresses to my only network card...I will still have to use the ifconfig command to bind my addresses to this card:
for example...ifconfig eth0:0 xxx.xxx.xxx.xxx ?
One more thing...for now, all I am trying to do is setup a "test" site and get it going. I created a legitimate ip address and binded it to the eth0 and created a directory called test(/var/

http://www/test)

and stuck a generic index.htm page in there. I should be able to open a browser and use

http://xxx.xxx.xxx.xxx/index.htm

and see that index page correct?

 

[ericbrunson]

Ah, I think you asked the wrong question...

You only need IP based virtual hosts if you need to do SSL for that host. If you want to run multiple sites on a single IP address then do this:

<VirtualHost *:80>
ServerAdmin webmaster@cust1.com
ServerAlias

http://www.cust1.com,

cust1.com
ErrorLog /home/cust1/

http://www/logs/error_log

CustomLog /home/cust1/

http://www/logs/access_log

combined
</VirtualHost>

<VirtualHost *:80>
ServerAdmin webmaster@cust2.com
ServerAlias

http://www.cust2.com,

cust2.com
ErrorLog /home/cust2/

http://www/logs/error_log

CustomLog /home/cust2/

http://www/logs/access_log

combined
</VirtualHost>

If you are running them each on their individual IP (unnecessary), then bind all the addresses to the card and put all the names in DNS and use my first example.

 

[force5]

Thanks for the quick replys...I appreciate it sincerely. I will scratch the IP aliasing and change it back to the way your example is. However, I notice you dont have a DocumentRoot?
And what about my "test" project? My manager doesn't want to put anything on at this time. I simply want to test it with a simple index.htm page before I put an actual website online. Is this possible? Could you elaborate on how?
And what about other directives like ServerName? The name of my server is nkweb. Should I simply use nkweb or the server's IP address???

 

[ericbrunson]

Oh, yeah, you'll need a document root.

As far as the test site, it will have to be in DNS for it to work with the name and not the IP.

 

[force5]

ok....So just so I'm straight...to host multiple sites on one IP address, I ONLY need to edit the httpd.conf file like your example above and nothing else is required?
And as far as the "test"...thats the other part that is confusing...it wants me to set up Master zones and reverse zones, etc...Is there a better way to test it then? If so,
eric, what would you recommend doing to test that this apache server is running and functional? Please keep in mind that the IIS box is still on the network with about 100 sites...I do not want to do anything to jeapordize that functionality.

 

[ericbrunson]

point 1: correct

The easiest way to test would be to add the new name->ip to your hosts file. On unix it's in /etc/hosts, I don't know anything about windows. Otherwise you can just add a single A record for the name to DNS, no need for reverse.

 

[force5]

Thanks a million man...the test site works! Just a heads up though, all I did was put in the following:
<VirtualHost *:80>
DocumentRoot /var/

http://www/test

ServerName (ipaddress of "test")
</VirtualHost>

Then, I just pointed my browser to the address of the actual webserver/index.htm(not the "test" site)
for example:

http://xxx.xxx.xxx.xxx/index.htm

 

[ericbrunson]

That'll work.

 

[force5]

Ok eric....setting it up the way that you showed me above, will this give privacy to our multiple customers when they ftp their content to the server? This is one complaint they currently have with our current IIS setup. When they ftp in to the server, they can see other people's directories.
Any advise with solving this using Apache.(Suexec????)

 

[ericbrunson]

That's a setting of your ftp server, it doesn't have anything to do with the apache config. I use vsftpd and it partitions (chroots) the users into their own home dirs by default.

 

[force5]

ok....great! Well....sorry for the novice questions but I sure do appreciate it. I downloaded vsftp. Should I install it to a special directory? Also do I need to run it as a service? Im not sure how to make sure when a client connects, they are connecting to the vsftpd instead of the other 2 that come installed with RedHat9?

 

[ericbrunson]

i'd install it from rpm.

look at the /etc/xinetd.d to sort out the different configs

 

[force5]

If I have Apache set for user's web directories as /var/

http://www/user1,

/var/

http://www/user2,

etc., then will my vsftpd user directories be /var/

http://www/user1,

/var/

http://www/user2,

etc.???

 

[ericbrunson]

If that is their home directory according to /etc/passwd

 

[force5]

yes..it is. But when the users log in to the ftp, they can browse the whole webserver?

 

[ericbrunson]

man vsftpd.conf and search for "chroot".

Setting chroot_local_user to YES will put everyone in jail, then chroot_list_enable can be set to a list of users that are *not* chroot'ed.

 

[force5]

Eric, in the above example you have:

<VirtualHost *:80>
ServerAdmin webmaster@cust1.com
ServerAlias

http://www.cust1.com,

cust1.com
ErrorLog /home/cust1/

http://www/logs/error_log

CustomLog /home/cust1/

http://www/logs/access_log

combined
</VirtualHost>

<VirtualHost *:80>
ServerAdmin webmaster@cust2.com
ServerAlias

http://www.cust2.com,

cust2.com
ErrorLog /home/cust2/

http://www/logs/error_log

CustomLog /home/cust2/

http://www/logs/access_log

combined
</VirtualHost>

I am going to use your example but there are 2 Questions that I have about this:
1. Do I want to use ServerName directive or ServerAlias?
ServerName

http://www.cust1.com

2. I am not sure how to set my logs up and also what directory to use for them...you used /home/cust1/logs, is this sufficient?

 

[ericbrunson]

You want serveralias, there can only be one servername and if you change it in your virthosts, it'll cause weird behavior.

The logs can be anyplace you want, I use *_log in a named directory, or you could throw them in a single directory and name them whatever-error_log.

Don't forget your DocumentRoot.