1
Environment
Ubuntu 16.04 / Apache 2.4.18
Problem
One of my Apache configs is matching every request, regardless of whether the ServerName matches. Even different domains are matching, not just subdomains. How do I determine a fix for why this one config is matching everything?
Details
I have two active configurations, 000-default
and a config for one of my domains.
Problem is, if I enable the config for that one domain, that config handles all requests, no matter if I'm using a fake subdomain, or even a completely different domain that is set up to point to that server's IP.
To be clear, I don't yet have a config for that other domain, so it shouldn't be matching anything.
Configs appear to be loaded in the proper order, so the 000-default should be the default config for nonmatching requests.
Configuration
# 000-default.conf
NameVirtualHost *
<VirtualHost *>
ServerName default
ServerSignature Off
Redirect 404 /
</VirtualHost>
.
# example-com.conf
<VirtualHost *:80>
ServerName example.com
ServerAlias example.com
ServerSignature Off
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
</VirtualHost>
Since my other domain doesn't match that first RewriteCond
, it just returns a blank 200. So probably no need to pay attention to the fact that nothing is serving that HTTPS route:
# curl -I http://example.com
HTTP/1.1 302 Found <== This is good, that redirects as expected
$ curl -I http://fake.example.com
HTTP/1.1 200 OK <== That's bad, it hit the example.com config, failed the RewriteCond, and just returned a blank 200
$ curl -I http://other-domain.com
HTTP/1.1 200 OK <== Also bad, same reason as above
Apache seems to be loading stuff in the right order:
# apache2ctl -S
AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-default.conf:1
VirtualHost configuration:
*:* default (/etc/apache2/sites-enabled/000-default.conf:3)
*:80 example.com (/etc/apache2/sites-enabled/example-com.conf:1)
With this load order, 000-default
should be handling nonmatching sites, but it's not. Can anyone see the deal with my config that's causing this?
Don't know if this will fix anything but three suggestions about 000-default... First, the 2.4.x line of Apache does not require the NameVirtualHost directive (and it is in fact deprecated). Second, I would replace <VirtualHost *> with <VirtualHost *:80>. Most configurations I see have this syntax even for 000-default. Third, you may want to disable (a2dissite) and re-enable (a2ensite) 000-default regardless to make sure it's is actually enabled (don't forget to restart Apache obviously). – Anaksunaman – 2017-08-06T12:15:43.890
Well, what you said is exactly what fixed it. Probably specifying that port. I admit my Apache-fu is weak, so I thank you greatly for your assistance. – cedmans – 2017-08-07T03:23:28.107
Yeah my suspicion is the port as well. In any case, you're welcome. Glad it's fixed. :-) – Anaksunaman – 2017-08-07T03:52:46.227