Default Apache config is not matching unmatched requests

1

Environment

Ubuntu 16.04 / Apache 2.4.18

Problem

One of my Apache configs is matching every request, regardless of whether the ServerName matches. Even different domains are matching, not just subdomains. How do I determine a fix for why this one config is matching everything?

Details

I have two active configurations, 000-default and a config for one of my domains.

Problem is, if I enable the config for that one domain, that config handles all requests, no matter if I'm using a fake subdomain, or even a completely different domain that is set up to point to that server's IP.

To be clear, I don't yet have a config for that other domain, so it shouldn't be matching anything.

Configs appear to be loaded in the proper order, so the 000-default should be the default config for nonmatching requests.

Configuration

# 000-default.conf
NameVirtualHost *
<VirtualHost *>
  ServerName default
  ServerSignature Off
  Redirect 404 /
</VirtualHost>

.

# example-com.conf
<VirtualHost *:80>
  ServerName example.com
  ServerAlias example.com
  ServerSignature Off

  RewriteEngine on
  RewriteCond %{HTTP_HOST} ^example\.com [NC]
  RewriteCond %{HTTPS} !=on
  RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
</VirtualHost>

Since my other domain doesn't match that first RewriteCond, it just returns a blank 200. So probably no need to pay attention to the fact that nothing is serving that HTTPS route:

# curl -I http://example.com
HTTP/1.1 302 Found <== This is good, that redirects as expected
$ curl -I http://fake.example.com
HTTP/1.1 200 OK <== That's bad, it hit the example.com config, failed the RewriteCond, and just returned a blank 200
$ curl -I http://other-domain.com
HTTP/1.1 200 OK <== Also bad, same reason as above

Apache seems to be loading stuff in the right order:

# apache2ctl -S
AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-default.conf:1
VirtualHost configuration:
*:*                    default (/etc/apache2/sites-enabled/000-default.conf:3)
*:80                   example.com (/etc/apache2/sites-enabled/example-com.conf:1)

With this load order, 000-default should be handling nonmatching sites, but it's not. Can anyone see the deal with my config that's causing this?

cedmans

Posted 2017-08-06T03:42:06.763

Reputation: 13

Don't know if this will fix anything but three suggestions about 000-default... First, the 2.4.x line of Apache does not require the NameVirtualHost directive (and it is in fact deprecated). Second, I would replace <VirtualHost *> with <VirtualHost *:80>. Most configurations I see have this syntax even for 000-default. Third, you may want to disable (a2dissite) and re-enable (a2ensite) 000-default regardless to make sure it's is actually enabled (don't forget to restart Apache obviously). – Anaksunaman – 2017-08-06T12:15:43.890

Well, what you said is exactly what fixed it. Probably specifying that port. I admit my Apache-fu is weak, so I thank you greatly for your assistance. – cedmans – 2017-08-07T03:23:28.107

Yeah my suspicion is the port as well. In any case, you're welcome. Glad it's fixed. :-) – Anaksunaman – 2017-08-07T03:52:46.227

Answers

0

I would suggest looking at three things in regards to the 000-default configuration file:

  • The 2.4.x line of Apache does not require the NameVirtualHost directive (and it is in fact deprecated), so I would remove this.

  • I would replace <VirtualHost *> with <VirtualHost *:80>. Most configurations I see have this syntax even for 000-default. Not having this format could interfere with the host being used for requests.

  • You should disable (a2dissite) and re-enable (a2ensite) the 000-default configuration file to make sure it's is actually enabled (don't forget to restart Apache as well).

Anaksunaman

Posted 2017-08-06T03:42:06.763

Reputation: 9 278

Asked: 2017-08-06T03:42:06.763

Viewed: 640 times

Active: 2017-08-07T03:54:16.657