在本地networking上使用虚拟主机和SSL进行Apacheconfiguration

我试图设置我的本地Apacheconfiguration,如下所示:

http://localhost/应该服务~/

http://development.somedomain.co.nz/应该服务~/sites/development.somedomain.co.nz/

https://development.assldomain.co.nz/应该服务~/sites/development.assldomain.co.nz/

我只想要允许来自本地networking(192.168.1。*范围)和我自己(127.0.0.1)的连接。

我已经设置我的主机文件:

 127.0.0.1 localhost 255.255.255.255 broadcasthost ::1 localhost fe80::1%lo0 localhost 127.0.0.1 development.somedomain.co.nz 127.0.0.1 development.assldomain.co.nz 127.0.0.1 development.anunuseddomain.co.nz 

我的Apacheconfiguration如下所示:

 Listen 80 NameVirtualHost *:80 <VirtualHost development.somedomain.co.nz:80> ServerName development.somedomain.co.nz DocumentRoot "~/sites/development.somedomain.co.nz" DirectoryIndex index.php <Directory ~/sites/development.somedomain.co.nz> Options Indexes FollowSymLinks ExecCGI Includes AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> <VirtualHost localhost:80> DocumentRoot "~/" ServerName localhost <Directory "~/"> Options Indexes FollowSymLinks ExecCGI Includes AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> <IfModule mod_ssl.c> Listen *:443 NameVirtualHost *:443 AcceptMutex flock <VirtualHost development.assldomain.co.nz:443> ServerName development.assldomain.co.nz DocumentRoot "~/sites/development.assldomain.co.nz" DirectoryIndex index.php SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile /Applications/XAMPP/etc/ssl.crt/server.crt SSLCertificateKeyFile /Applications/XAMPP/etc/ssl.key/server.key BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 <Directory ~/sites/development.assldomain.co.nz> SSLRequireSSL Options Indexes FollowSymLinks ExecCGI Includes AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> </IfModule> 

http://development.somedomain.co.nz/ http://localhost/https://development.assldomain.co.nz/正常工作。

问题是当我请求http://development.anunuseddomain.co.nz/http://development.assldomain.co.nz/它响应与http://development.somedomain.co.nz/相同

我希望它拒绝所有与虚拟主机服务器名称不匹配的请求,以及所有请求使用http请求的https主机的请求

PS我在Mac OS X 10.5.8上运行XAMPP

当apache不能修改虚拟主机时,它会打开默认的主机。 总是有一个默认的,如果没有明确的定义,它是你的configuration文件中的第一个虚拟主机定义。

你可以使用httpd -S来检查你的默认虚拟主机

你可以定义默认和禁止访问它,如果你喜欢defraagh指出

基于SSL的虚拟主机不支持命名的虚拟主机。

该问题源于ServerName在SSL请求中也被encryption的事实。 因此,当服务器接收到“somedomainname”或其他的请求时,它会默认为一个不在 443上的VHost。

解:

  • 把你的Lise放在VHost定义之外
  • 将443更改为IP地址。 服务器自动执行反向DNS查找。

更正:

 # Listen :80 Listen *:80 # Listen on IP Address for :443 Listen 127.0.0.1:443 <VirtualHost development.somedomain.co.nz:80> ServerName development.somedomain.co.nz DocumentRoot "~/sites/development.somedomain.co.nz" DirectoryIndex index.php # Stay consistent with your syntax definitions. This and the 443 Vhost Directory # were not Quoted. That's not to say it makes a difference guaranteed, # but it's always a good habit. <Directory "~/sites/development.somedomain.co.nz"> Options Indexes FollowSymLinks ExecCGI Includes AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> <VirtualHost localhost:80> ServerName localhost DocumentRoot "~/" <Directory "~/"> Options Indexes FollowSymLinks ExecCGI Includes AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> <IfModule mod_ssl.c> # Does this need to exist outside of the VHost Definition ?? AcceptMutex flock <VirtualHost 127.0.0.1:443> ServerName development.assldomain.co.nz DocumentRoot "~/sites/development.assldomain.co.nz" DirectoryIndex index.php SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile /Applications/XAMPP/etc/ssl.crt/server.crt SSLCertificateKeyFile /Applications/XAMPP/etc/ssl.key/server.key BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 <Directory "~/sites/development.assldomain.co.nz"> SSLRequireSSL Options Indexes FollowSymLinks ExecCGI Includes AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> </IfModule> 

在文件末尾添加一个默认的VirtualHost来捕获指向你没有明确指定的主机的请求:

  <VirtualHost _default_:*> DocumentRoot /~/void ... </VirtualHost> 

在你的虚拟主机指令中:

 <VirtualHost localhost:80> 

尝试使用IP来代替。

 <VirtualHost 127.0.0.1:80>