Using Virtual Hosts

You can use Apache's virtual hosts capability to run different servers for different IP addresses, different host names or different ports on the same machine. If you're interested in using virtual hosts, complete information is provided in the Apache documentation on your machine or on the Web at http://www.apache.org/docs/vhosts/.

NotePlease Note
 

You can't use name-based virtual hosts with your Red Hat Linux Secure Web Server, because the SSL handshake (when the browser accepts the secure Web server's certificate) occurs before the HTTP request which identifies the appropriate name-based virtual host. If you want to use name-based virtual hosts, they will only work with your non-secure Web server.

Virtual hosts are configured within the httpd.conf file, as described in the section called Configuration Directives in httpd.conf. Please review that section before you start to change the virtual hosts configuration on your machine.

The Red Hat Linux Secure Web Server Virtual Host

The default configuration of your Red Hat Linux Secure Web Server runs a non-secure and a secure server. Both servers use the same IP address and host name, but they listen on different ports, and the secure server is a virtual host. This configuration enables you to serve both secure and non-secure documents in the most efficient manner possible. As you may know, secure HTTP transmissions take more time than non-secure, because a lot more information is being passed back and forth during secure transactions. So using your secure server for non-secure Web traffic is not a good idea.

The configuration directives for your secure server are contained within virtual host tags in the httpd.conf file. If you need to change something about the configuration of your secure server, you'll need to change the configuration directives inside virtual host tags in the httpd.conf file. If you want to enable certain features (for example, server side includes) for your secure server, they will need to be enabled within the virtual host tags that define your secure server.

The non-secure Web server is configured as the "non-virtual" host in the httpd.conf file. In other words, the non-secure Web server's configuration options are outside of the virtual host tags in httpd.conf. If you want to change something about your non-secure Web server, you'll need to change the configuration directives in httpd.conf outside of the virtual host tags.

By default, both the secure and the non-secure Web servers share the same DocumentRoot, a configuration directive specified in httpd.conf. In other words, the secure and the non-secure Web server look in the same place for the HTML files that they provide in response to requests. By default, the DocumentRoot is set to /var/www/html.

To change the DocumentRoot so that it is no longer shared by both the secure server and the non-secure server, change one of the DocumentRoot directives in httpd.conf. The DocumentRoot outside the virtual host tags defines the DocumentRoot for your non-secure Web server. The DocumentRoot within the virtual host tags that define your secure server is (obviously) for your secure server.

If for some reason you want to disable the non-secure Web server on your machine, you can. Your secure server listens on port 443, the default port for secure Web communications, while your non-secure Web server listens on port 80, the default port for non-secure Web communications. To stop the non-secure Web server from accepting connections, in httpd.conf, find the line which reads:

Port 80

Change the above line so that it reads:

Port 443

Then comment out the Listen 80 line, so that instead of:

Listen 80

Change the above line so that it reads:

#Listen 80

After these two steps, your Red Hat Linux Secure Web Server will be accepting connections on port 443, the default port for secure Web communications. However, your server will not accept connections on port 80, the default port for non-secure communications, so the non-secure Web server will be effectively disabled.

Setting Up Virtual Hosts

Most people will probably use their Red Hat Linux Secure Web Server as it is configured. Therefore, they'll be using the built-in virtual hosts capability, but they won't have to do any manipulation of the virtual hosts directives in httpd.conf. However, if you would like to use the virtual hosts capability for some other reason, you can.

To create a virtual host, you'll need to alter the virtual host lines, provided as an example, in httpd.conf, or create your own virtual host section. (Remember that name-based virtual hosts won't work with your secure server — you'll need to use IP address-based virtual hosts if you need SSL-enabled virtual hosts. Your non-secure server, however, will support both IP address and name-based virtual hosts.)

The virtual host example lines read as follows:

#<VirtualHost ip.address.of.host.some_domain.com>
#    ServerAdmin webmaster@host.some_domain.com
#    DocumentRoot /www/docs/host.some_domain.com
#    ServerName host.some_domain.com
#    ErrorLog logs/host.some_domain.com-error_log
#    CustomLog logs/host.some_domain.com-access_log common
#</VirtualHost>

Uncomment all of the lines (remove the # from the beginning of each line). Then add the correct information for your machine and/or your virtual host to each line.

In the first line, change ip.address.of.host.some_domain.com to your server's IP address. Change the ServerName to a valid DNS name to use for the virtual host. (In other words, don't just make something up. Ask your system administrator if you don't know how to get a valid domain name.)

You'll also need to uncomment one of the NameVirtualHost lines in httpd.conf:

#NameVirtualHost 12.34.56.78:80
#NameVirtualHost 12.34.56.78

Uncomment one of the lines and change the IP address to the IP address (and port if necessary) for that virtual host.

Many other configuration directives can be placed between the virtual host tags, depending upon why you're setting up a virtual host.

If you set up a virtual host and want it to listen on a non-default port (80 is the default port for non-secure Web communications; 443 is the default port for secure Web communications), you'll need to set up a virtual host for that port and add a Listen directive to httpd.conf, corresponding to that port.

To have a virtual host work specifically for that port, add the port number to the first line of the virtual host configuration. The first line should look something like the following:

<VirtualHost ip_address_of_your_server:12331>

This line would create a virtual host that listens on port 12331. Substitute the port number you want to use for 12331 in the previous example.

Underneath the Listen lines in httpd.conf, add a line like the following, which will instruct your Web server to listen on port 12331:

Listen 12331

You must restart your server to start a new virtual host.

Much more complete information about creating and configuring both name-based and IP address-based virtual hosts is provided on the Web at http://www.apache.org/docs/vhosts/index.html. Please check the Apache Group's virtual host documentation for more details on using virtual hosts.