Name-based Virtual Host Support
The Apache web server Can easily be configured to serve up different content based on the name it was called as.
This allows fun stuff like giving your machine multiple names via DNS and making it look like a whole server farm.
This also makes life easier if you're using it to proxy for other machines internal to your network.
In these notes, we'll be setting up 4 names for the server. foo.bar & www.foo.bar which will be the default web site. Wiki.foo.bar which will be served up by the same install of Apache, but still independant of the default web site. Proxy.foo.bar which is on another machine completely & wouldn't otherwise be reachable.
You will need to set up external DNS for Wiki.foo.bar & Proxy.foo.bar (which are NOT the same as your normal webserver name as far as the outside world is concerned)
NOTE: It is probably smartest to put the VirtualHost sections in separate files in the /etc/apache2/sites-available/ folder, then make symbolic links to them in /etc/apache2/sites-enabled This will simplify maintenance down the road...
(But, if you really want to, they can simply be added to /etc/apache2/apache2.conf)
A sample set of files for /etc/apache2/sites-available:
Note the SSLCertificateFile & SSLCertificateKeyFile lines... In these examples, they are based on the self-signed certs built into Apache. If you have proper certs, these will reflect that.
www.foo.bar.conf
##########################
# WWW.foo.bar #
# our default web server #
##########################
<VirtualHost *:80>
ServerName foo.bar
Redirect permanent / https://www.foo.bar/
</VirtualHost>
<VirtualHost *:80>
ServerName www.foo.bar
Redirect permanent / https://www.foo.bar/
</VirtualHost>
<VirtualHost _default_:443>
ServerName www.foo.bar
DocumentRoot "/var/www/html"
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>
wiki.foo.bar.conf
#########################
# Wiki.foo.bar #
# our Wiki server #
#########################
<VirtualHost *:80>
ServerName wiki.foo.bar
Redirect permanent / https://wiki.foo.bar/
</VirtualHost>
<VirtualHost _default_:443>
ServerName wiki.foo.bar
DocumentRoot "/var/www/wiki"
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>
proxy.foo.bar.conf
################################################
# Proxy for proxy.foo.bar #
# an ESXi-based server on our internal network #
################################################
<VirtualHost *:80>
ServerName proxy.foo.bar
Redirect permanent / https://proxy.foo.bar/
</VirtualHost>
<VirtualHost _default_:443>
ServerName proxy.foo.bar
ProxyRequests on
SSLEngine On
SSLProxyEngine On
ProxyPreserveHost On
# Redirect WSS traffic (Needed if this is a proxy for ESXi)
ProxyPass /ticket/ wss://proxy.foo.bar/ticket/
ProxyPassReverse /ticket/ wss://proxy.foo.bar/ticket/
# Redirect HTTPS traffic
ProxyPass / https://proxy.foo.bar/
ProxyPassReverse / https://proxy.foo.bar/
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
<Proxy "*">
Order allow,deny
Allow from all
</Proxy>
ErrorLog /var/log/apache2/Proxy/proxy_log
CustomLog /var/log/apache2/Proxy/proxy-access_log combined
</VirtualHost>
Enabling the Virtual Hosts
NOTE: Whichever VirtualHost gets configured FIRST becomes the default host. Any name that successfully resolves to the server but is not among the names explicitly handled will be served this VirtualHost. (It may help to start the filename with a '0'. eg: 0-www.foo.bar.conf)
create the links
cd /etc/apache2/sites-enabledsudo ln -s ../sites-available/www.foo.bar.conf .sudo ln -s ../sites-available/wiki.foo.bar.conf .sudo ln -s ../sites-available/proxy.foo.bar.conf .
and restart Apache:
sudo systemctl restart apache2