Virtual Host problem

Support for webhosts that use CentOS
Post Reply
nightmare1024
Posts: 5
Joined: 2011/05/06 08:56:32
Location: Poland, Gorzow Wlkp.

Virtual Host problem

Post by nightmare1024 » 2011/05/06 09:20:54

Hello,

I am using VMWare + CentOS 5 32bit + Apache 2.2 and I have a problem with virtual host configuration.
Browser (Lynx) does not load the virtual home page.
The server root page loads ok.

Important lines in apache main configuration file httpd.conf:

----------------
Listen 192.168.11.12:80
ServerName 192.168.11.12:80
NameVirtualServer 192.168.11.20:80

DocumentRoot "/usr/local/apache2/htdocs"
include "/usr/local/apache2/htdocs/phpweb20/httpd.conf
----------------

I know the file is being included as if I create any mistake in it I get an apache error when trying to restart server.

the "/usr/local/apache2/htdocs/phpweb20/httpd.conf" file contains following lines:
----------------

ServerName phpweb20
DocumentRoot "/usr/local/apache2/htdocs/phpweb20/htdocs"


AllowOverride All
Options All
Order allow,deny
Allow from all


----------------

I have created sub-interface eth1:0 for 192.168.11.20 address and it pings.
SELinux is disabled. (checked with sestatus)
I have added following line in the hosts file:
-------------
192.168.11.20 phpweb20
-------------

I just can't make it work. Any sugesstions are really appreciated.
Regards, Konrad.

User avatar
TrevorH
Forum Moderator
Posts: 27368
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Virtual Host problem

Post by TrevorH » 2011/05/06 10:42:02

First, I suspect that placing the config file inside the document root is not a good idea. It'll probably work but I'd place it in /etc/httpd/conf.d instead and then you can eliminate the 'include' line for it since the standard CentOS httpd/conf already includes conf.d/*.conf. Similarly, your virtual host's document root is inside the default server's document root so anyone who knew that would be able to get to the vhost pages by manipulating the default server URL.

I'm also pretty sure that you have a typo in your post when you say you have

[code]
NameVirtualServer 192.168.11.20:80
[/code]

as this should be NameVirtualHost.

Otherwise you do not say enough about what URL you use or what symptoms you see to say why "I just can't make it work". What lynx command do you use? What results do you see? Are there any messages logged in the apache logs?

nightmare1024
Posts: 5
Joined: 2011/05/06 08:56:32
Location: Poland, Gorzow Wlkp.

Re: Virtual Host problem

Post by nightmare1024 » 2011/05/06 11:24:00

Thank You,

for quick answer and guides.

NameVirtualServer is a typo ofcourse. It is NameVirtualHost.

The config file is not located in the document root.
"phpweb20" is a container directory and "htdocs" inside phpweb20 is the DocumentRoot.

As you sugessted that is a fact, virtual host document root should be located somewhere else then the main server document root.
I have moved the whole directory phpweb20 to apache2. Now the tree structure is like this:

/root/usr/local/apache2
├ conf
├ htdocs
├ phpweb20/htdocs
├...

As for moving configuration file to /etc/httpd/* it is rather a way of choice.
I think it is better to have it inside application folder as the file is related with the application.
When for example moving application to other server or directory you also move the configuration file and you only need to update
main apache config. Also when you passing task to someone else the other person will see that this application requires some configuration.
I know that this type of thing should be written in RFC or documentation but in my opinion it ist better to keep related things together.

I try to launch the page using cmd: "lynx 192.168.11.20" or "lynx phpweb20".
Lynx gives me "Alert!: Unable to connect to remote host."
When I use cmd: "lynx 192.168.11.12" I get simple It Works! page.

I get no messages in neigther access_log nor error_log.

User avatar
TrevorH
Forum Moderator
Posts: 27368
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Virtual Host problem

Post by TrevorH » 2011/05/06 11:49:11

[quote]
I think it is better to have it inside application folder as the file is related with the application.
[/quote]

That does mean that a remote user could probably retrieve the config file via their web browser without much effort. The point of having it in /etc/httpd/conf.d is so that all config files are in the same place and that none of them are remotely accessible. It also has the side benefit of being a standard location that's known to SELinux so all files in there will get marked with the correct selinux context and your security level will be marginally enhanced.

[quote]
Lynx gives me "Alert!: Unable to connect to remote host."
[/quote]

Right, so it would appear that Apache is not listening on that IP address or that the port is being blocked etc. If you run as root

[code]
netstat -autnp | grep "\:80" | grep LISTEN
[/code]

does this show an httpd process listening on port 80 on either 0.0.0.0 or 192.168.11.20? If it does then are you running iptables on this machine and do you have rules to allow access in place?

nightmare1024
Posts: 5
Joined: 2011/05/06 08:56:32
Location: Poland, Gorzow Wlkp.

Re: Virtual Host problem

Post by nightmare1024 » 2011/05/06 12:32:51

I am not an expert in security but I am open to new knowledge.
The httpd config location is a part for different thread but as for my configuration file, security location, Apache will not allow to read a file using a browser that is outside the public directory. Ofcourse scripts like php can have access to directories outside public directory but if a third person gets access to php than the person can also read a file from /etc/httpd directory.

netstat cmd shows me that httpd is listening on 192.168.11.12:80.

My iptables rules are cleared and allow all access. I am using VMWare for this server with all outside traffic turned off.

But I have done something else that may help to solve the problem.
When I changed the line to NameVirtualHost *:80 and ... i was getting the site from my virtual server running cmd "lynx 192.168.11.12".

So I have tried to create two vhosts:
-------------------

#default settings



...

-------------------
But the result is the same as at the beginning.

nightmare1024
Posts: 5
Joined: 2011/05/06 08:56:32
Location: Poland, Gorzow Wlkp.

Re: Virtual Host problem

Post by nightmare1024 » 2011/05/06 13:00:55

It can't get any simpler than just writing it in the main httpd.conf file:
-----------------
NameVirtualHost *:80


ServerName 192.168.11.12:80



ServerName phpweb20
DocumentRoot /usr/local/apache2/phpweb20/htdocs

-----------------
But it still does not work.

nightmare1024
Posts: 5
Joined: 2011/05/06 08:56:32
Location: Poland, Gorzow Wlkp.

Re: Virtual Host problem

Post by nightmare1024 » 2011/05/06 18:02:40

I solved the problem.

Somehow apache did not listen on all interfaces with command Listen 80 which should the case by default.
I don't know if it has something to do that one of the interface is a sub interface.
Just don't know. But the solution was to specify the interfaces to which apache should be binded.

Listen 192.168.11.12:80
Listen 192.168.11.20:80

Thanks for all your effort TrevorH.

Post Reply

Return to “CentOS 5 - Webhosting Support”