1

I have the following local services located in a server with IP 198.51.100.1:

127.0.0.1:5000 - special pda service
127.0.0.1:8888 - www service

I have configured the following DNS entries:

foo.com - A - 198.51.100.1
pda.foo.com - A - 198.51.100.1
www.foo.com - A - 198.51.100.1

The idea is that if user types pda.foo.com site will proxy against 127.0.0.1:5000 via SSL and that if user types www.foo.com site will proxy against 127.0.0.1:8888 via SSL.

I have the following config as the only sites-enabled config file:

NameVirtualHost *:80

<IfModule mod_ssl.c>
<VirtualHost *:80>
        ServerName pda.foo.com
        Redirect permanent / https://pda.foo.com
</VirtualHost>
<VirtualHost *:80>
        ServerName www.foo.com
        Redirect permanent / https://www.foo.com
</VirtualHost>
</IfModule>

NameVirtualHost *:443
<IfModule mod_ssl.c>
<VirtualHost *:443>

        ServerName pda.foo.com

        SSLProxyEngine On
        ProxyPass / http://127.0.0.1:5000/
        ProxyPassReverse / http://127.0.0.1:5000/

        SSLEngine On
        SSLCertificateFile  /etc/letsencrypt/live/server2.foobar.com/fullchain.pem
        SSLCertificateKeyFile       /etc/letsencrypt/live/server2.foobar.com/privkey.pem

</VirtualHost>
<VirtualHost *:443>

        ServerName www.foo.com

        SSLProxyEngine On
        ProxyPass / http://127.0.0.1:8888/
        ProxyPassReverse / http://127.0.0.1:8888/

        SSLEngine On
        SSLCertificateFile  /etc/letsencrypt/live/server2.foobar.com/fullchain.pem
        SSLCertificateKeyFile       /etc/letsencrypt/live/server2.foobar.com/privkey.pem

</VirtualHost>
</IfModule>

This is shown when you do apachectl -t -D DUMP_VHOSTS:

AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/mysite.conf:1
VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server pda.foo.com (/etc/apache2/sites-enabled/mysite.conf:4)
         port 80 namevhost pda.foo.com (/etc/apache2/sites-enabled/mysite.conf:4)
         port 80 namevhost www.foo.com (/etc/apache2/sites-enabled/mysite.conf:10)
*:443                  is a NameVirtualHost
         default server pda.foo.com (/etc/apache2/sites-enabled/mysite.conf:20)
         port 443 namevhost pda.foo.com (/etc/apache2/sites-enabled/mysite.conf:20)
         port 443 namevhost www.foo.com (/etc/apache2/sites-enabled/mysite.conf:47)

When I try to access www.foo.com I get site not found delivered by the DNS service provider.

When I try to access pda.foo.com it redirects to SSL but again I get site not found delivered by service provider.

Any tips?

M.E.
  • 124
  • 10
  • Do **NOT** use `9.9.9.9` as a "fake" IP for your documentation purposes as it is a totally normal and live IP, used for a big public DNS service. Use guidance in RFC5737 to obfuscate IPv4 addresses. – Patrick Mevzek Jun 20 '18 at 15:05
  • @patrick-mevzek duly noted and edited as per RFC5737 – M.E. Jun 20 '18 at 21:11
  • Thanks, I have retracted my downvote to salute your efforts... Next step is RFC2606 to properly obfuscate name, basically use `example.com` instead of `foo.com` or any other name. Sorry not to have bring that up previously. – Patrick Mevzek Jun 20 '18 at 21:34
  • "I get site not found delivered by the DNS service provider", can you detail exactly what happens? Is it a DNS issue, or does the request reach you apache server? – youen Jun 21 '18 at 13:22
  • I was stuck at the Apache site, but finally I realized that my IP was not properly set up in the DNS side. I was looking for a configuration mistake and while doing that I did not realize that it was a simple IP typo. thanks – M.E. Jul 02 '18 at 20:45

0 Answers0