I'm trying to setup my local Apache configuration like so:
http://localhost/
should serve ~/
http://development.somedomain.co.nz/
should serve ~/sites/development.somedomain.co.nz/
https://development.assldomain.co.nz/
should serve ~/sites/development.assldomain.co.nz/
I only want to allow connections from our local network (192.168.1.* range) and myself (127.0.0.1).
I have setup my hosts file with:
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
fe80::1%lo0 localhost
127.0.0.1 development.somedomain.co.nz
127.0.0.1 development.assldomain.co.nz
127.0.0.1 development.anunuseddomain.co.nz
My Apache configuration looks like:
Listen 80
NameVirtualHost *:80
<VirtualHost development.somedomain.co.nz:80>
ServerName development.somedomain.co.nz
DocumentRoot "~/sites/development.somedomain.co.nz"
DirectoryIndex index.php
<Directory ~/sites/development.somedomain.co.nz>
Options Indexes FollowSymLinks ExecCGI Includes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost localhost:80>
DocumentRoot "~/"
ServerName localhost
<Directory "~/">
Options Indexes FollowSymLinks ExecCGI Includes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<IfModule mod_ssl.c>
Listen *:443
NameVirtualHost *:443
AcceptMutex flock
<VirtualHost development.assldomain.co.nz:443>
ServerName development.assldomain.co.nz
DocumentRoot "~/sites/development.assldomain.co.nz"
DirectoryIndex index.php
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /Applications/XAMPP/etc/ssl.crt/server.crt
SSLCertificateKeyFile /Applications/XAMPP/etc/ssl.key/server.key
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
<Directory ~/sites/development.assldomain.co.nz>
SSLRequireSSL
Options Indexes FollowSymLinks ExecCGI Includes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
</IfModule>
http://development.somedomain.co.nz/
http://localhost/
and https://development.assldomain.co.nz/
work fine.
The problem is when I request http://development.anunuseddomain.co.nz/
or http://development.assldomain.co.nz/
it responds with the same as http://development.somedomain.co.nz/
I want it to deny all requests that do not match a virtual host server name and all requests to a https host that are requested with http
PS I'm running XAMPP on Mac OS X 10.5.8