This is written primarily for the Debian OS, but nearly everything below will apply to Ubuntu as well.
Installation
Presuming you have a base install of Debian, running the following command should install a basic LAMP server:
apt-get install apache2 libapache2-mod-php5 mysql-server mysql-client php5-mysql php5-cli php5-gd php5-curl
Presumptions
The following is going to presume that you want to install the following:
- Virtual hosting with multiple sites hanging off one IP. (192.0.2.1/2001:DB8::1)
- One SSL enabled site on a Dedicated ip. (192.0.2.2/2001:DB8::2)
- An ip that will serve the same site no matter what domain is pointed at it. This is useful for parking/monetisation pages. (192.0.2.3/2001:DB8::3)
- The IP addresses referenced throughout are examples only - you should check your server (or virtual server) configuration for your real IP address(es). Using the example IP addresses will NOT work. They must be replaced
The following domains will be setup:
- example1.com pointing at 192.0.2.1 and 2001:DB8::1 with it's files in /var/www/vhosts/example1.com/
- example2.com pointing at 192.0.2.1 and 2001:DB8::1 with it's files in /var/www/vhosts/example2.com/
- ssl.example.com pointing at 192.0.2.2 and 2001:DB8::2 with it's files in /var/www/vhosts/ssl.example.com/
- park1.com and park2.com pointing at 192.0.2.3 and 2001:DB8::3 with their files in /var/www/vhosts/park.example.com/
The virtual host configurations below are extremely simple and just contain enough in them to demonstrate the concepts.
Making The Config Live
In most of the examples below, the need to run '''/etc/init.d/apache2 reload''' is left out. This is mainly as the a2en and a2dis commands will tell you when a reload is required. However, before running reload, it's usually a good idea to run '''apache2ctl configtest'''. This will let you know if there's any config syntax issues. '''apache2ctl -S''' will give a listing of what vhosts are configured, however this listing is based on the config files as they exist on the disk, and '''*NOT*''' on what's currently loaded in Apache.
File And Directories
/etc/apache2/ports.conf
This is the file which specifies what ips and ports you want apache to listen to. By default it will have something like the following:
NameVirtualHost *.80
Listen *:80
<IfModule mod_ssl.c>
Listen 443
</IfModule>
What this means is that it will listen to every ip address on the system on port 80 and port 443, and it presumes that you'll want to do Virtual Hosting on each ip address. While this is a sane enough default, it will cause warnings when stopping and starting Apache. A better option is to specify exactly what ips and ports you want Apache to listen to. This can be done by replacing the above with the following:
# Virtual Hosting IP
Listen 192.0.2.1:80
Listen [2001:DB8::1]:80
# ssl.example.com
Listen 192.0.2.2:80
Listen [2001:DB8::2]:80
# Parking Page
Listen 192.0.2.3:80
Listen [2001:DB8::1]:80
# Set the virtual hosting ip to act on the Host: header
# This should only be done on ips where you plan on having
# multiple different sites.
NameVirtualHost 192.0.2.1:80
NameVirtualHost [2001:DB8::1]:80
<IfModule mod_ssl.c>
# If the mod_ssl library is loaded, get apache to listen on port 443 for the SSL site.
Listen 192.0.2.2:443
Listen [2001:DB8::2]:443
</IfModule>
/etc/apache2/sites-available/ And /etc/apache2/sites-enabled/
''/etc/apache2/site-available/'' can be considered the staging area when adding new sites to Apache. It allows you to create the config for a new site without worrying that a reload will read in the half completed config. Once you're happy with the config, you can then use ''a2ensite'' create a symlink from sites-enabled back to sites-available. On reload, Apache will then add the site to the running config correctly.
/etc/apache2/sites-available/default
This is the default virtual host setup by Debian. As with the ports.conf, it is setup to listen to *:80 by default. In order to prevent errors further down the line, replace:
<VirtualHost *:80>
with:
<VirtualHost 192.0.2.1:80 [2001:DB8::1]:80>
Document Roots
The following directories need to be created:
- /var/www/vhosts/example1.com/
- /var/www/vhosts/example2.com/
- /var/www/vhosts/ssl.example.com/
- /var/www/vhosts/park.example.com/
In each directory put an index file which will let you know which one it is. For example in ''/var/www/vhosts/example1.com/'' create a file called index.html with something like the following:
<html>
<head>
<title>Example 1</title>
</head>
<body>
<h1>Example 1</h1>
Document Root: /var/www/vhosts/example1.com/
<hr />
</body>
Virtual Hosting With Multiple Sites
Create a file called ''/etc/apache2/sites-available/www.example1.com'' and put the following into it:
# This is going to a virtual host on 192.0.2.1:80 and [2001:DB8::1]:80
<VirtualHost 192.0.2.1:80 [2001:DB8::1]:80>
# The "canonical" name for the site
ServerName www.example1.com
# Other name which the site can be accessed by.
ServerAlias example1.com
# The directory where the files are going to be served from on the server
DocumentRoot /var/www/vhosts/example1.com/
# Where the logs are going to be written to.
ErrorLog /var/log/apache2/example1.com.error.log
CustomLog /var/log/apache2/example1.com.access.log combined
</VirtualHost>
Once this is done. Then run '''a2ensite www.example1.com'''. This will create a symlink from ''/etc/apache2/sites-enabled/www.example1.com'' to ''/etc/apache2/sites-available/www.example1.com'' and then request that you restart Apache.
Create another files called ''/etc/apache2/sites-available/www.example2.com'' with the exact contents as above, except with example1 replaced with example2. As with example1, load it using '''a2ensite'''.
If you now run '''apache2ctl -S''' you should get output like:
VirtualHost configuration:
[2001:db8::1]:80 is a NameVirtualHost
default server bogus_host_without_reverse_dns (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost bogus_host_without_reverse_dns (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost www.example1.com (/etc/apache2/sites-enabled/www.example1.com:2)
port 80 namevhost www.example2.com (/etc/apache2/sites-enabled/www.example2.com:2)
192.0.2.1:80 is a NameVirtualHost
default server bogus_host_without_reverse_dns (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost bogus_host_without_reverse_dns (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost www.example1.com (/etc/apache2/sites-enabled/www.example1.com:2)
port 80 namevhost www.example2.com (/etc/apache2/sites-enabled/www.example2.com:2)
Syntax OK
Note: ''bogus_host_without_reverse_dns'' is there as the example uses [[Documentation_Address_Blocks|documention addresses]] which don't have valid reverse dns.
If you now point www.example1.com's record A record at 192.0.2.1 and it's AAAA record at 2001:db8::1 and go to it in your browser. You should see the index file from /var/www/vhosts/example1.com/
However, if you now go to the ip of the vhost, in this case 192.0.2.1, you're going to get the contents of /var/www. This is in the default site setup by the apache2 package. If you want one of the other vhosts to be default, first run '''a2dissite default'''. This will remove the default vhost and now it will be chosen alphabetically based on the file name in ''/etc/apache2/sites-available''. In this case, example1.com will end up as the default host, so if you go directly to 192.0.2.1, you will get whatever is in ''/var/www/vhost/example1.com/''.
If you would prefer another host, say example2.com, to be default, change directory into ''/etc/apache2/sites-available''. Then run '''mv www.example2.com 000-www.example2.com'''. Now this will be read first as Apache starts up and made the default page for anything that points at that ip and isn't specifically setup as a vhost.
SSL Site On Exclusive IP
Due to the way SSL Certs work, it's currently only possible to have one SSL enabled site per IP. There are technologies such as [http://en.wikipedia.org/wiki/Server_Name_Indication Server Name Identifiaction] which get around the restriction, but they are not widely supported yet.
First of all, the ssl module has to be loaded, so run '''a2enmod ssl'''.
This is going to presume that you have the key file and cert for the domain. Create a directory called ''/etc/apache2/ssl'' and put the key and cert file in there. Name the key file ''ssl.example.com.key'' and the cert file ''ssl.example.com.crt''
Now create a file called ''/etc/apache2/sites-available/ssl.example.com'' and put the following in it:
<VirtualHost 192.0.2.2:80 [2001:DB8::2]:80>
# The "canonical" name for the site
ServerName ssl.example.com
# Other name which the site can be accessed by.
ServerAlias www.ssl.example.com
# The directory where the files are going to be served from on the server
DocumentRoot /var/www/vhosts/ssl.example.com/
# Where the logs are going to be written to.
ErrorLog /var/log/apache2/ssl.example.com.error.log
CustomLog /var/log/apache2/ssl.example.com.access.log combined
</VirtualHost>
<VirtualHost 192.0.2.2:443 [2001:DB8::2]:443>
# The "canonical" name for the site
ServerName ssl.example.com
# Other name which the site can be accessed by.
ServerAlias www.ssl.example.com
# The directory where the files are going to be served from on the server
DocumentRoot /var/www/vhosts/ssl.example.com/
# Add the SSL cert info:
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/ssl.example.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/ssl.example.com.key
# Where the logs are going to be written to.
ErrorLog /var/log/apache2/ssl.example.com.error.log
CustomLog /var/log/apache2/ssl.example.com.access.log combined
</VirtualHost>
Run '''a2ensite ssl.example.com''' to enable the site and then make sure that ssl.example.com is pointing at 192.0.2.2 and 2001:DB8::2.
If you now go to http://ssl.example.com in your browser, you should see the contents of /var/www/vhosts/ssl.example.com/ and the cert for ssl.example.com.
Parking IP
It's often very handy to have an IP Address you can point any domain at to either park the domain or have a default maintenance notice. This is actually really easy to do.
Create a file called ''/etc/apache2/sites-available/park.example.com'' with the following contents:
<VirtualHost 192.0.2.3:80 [2001:DB8::3]:80>
ServerName park.example.com
# The directory where the files are going to be served from on the server
DocumentRoot /var/www/vhosts/park.example.com/
# Where the logs are going to be written to.
ErrorLog /var/log/apache2/park.example.com.error.log
CustomLog /var/log/apache2/park.example.com.access.log combined
</VirtualHost>
Then run '''a2ensite park.example.com'''. Now either go directly to the IP Address, or point any domain at it and you will always get the contents of /var/www/vhosts/park.example.com/
This can actually be done with the named virtual hosting as explained earlier as well, by just not setting up a virtual host to handle the domain name, and letting it go to the default vhost.
IPv6
If you do not have IPv6 enabled on your server then remove any reference to IPv6 in your configuration
Comments
0 comments
Article is closed for comments.