【发布时间】:2019-01-27 20:41:39
【问题描述】:
Apache 2.4.6 使用基于名称的虚拟主机托管四个域。对 http 的 80 端口的调用被重定向到端口 443。每个虚拟服务器都有两个 ServerAlias 参数,用于将调用重定向到 http://domain-example.com/ 或 http://www.domain-example.com/ 到 https://domain-example.com/。
问题是对http://example2.com/ 的调用被默认虚拟主机(按顺序排列的第一)https://example1.com/ 重定向。更让人头疼的是http://example2.com/somepath 正确地重定向到https://example2.com/somepath。
调用和结果摘要:
http://example1.com/ ==> https://example1.com/
http://www.example1.com/ ==> https://example1.com/
https://example1.com/ ==> https://example1.com/
https://www.example1.com/ ==> https://example1.com/
http://example2.com/ ==> https://example1.com/ (<== THIS ONE!)
http://www.example2.com/ ==> https://example2.com/
https://example2.com/ ==> https://example2.com/
https://www.example2.com/ ==> https://example2.com/
http://example3.us/ ==> https://example3.us/
http://www.example3.us/ ==> https://example3.us/
https://example3.us/ ==> https://example3.us/
https://www.example3.us/ ==> https://example3.us/
http://example4.com/ ==> https://example4.com/
http://www.example4.com/ ==> https://example4.com/
https://example4.com/ ==> https://example4.com/
https://www.example4.com/ ==> https://example4.com/
http://example2.com/ ==> https://example1.com/
http://example2.com/somepath ==> https://example2.com/somepath
virtualhost.conf(防火墙端口替换为 [value])
NameVirtualHost *:80
NameVirtualHost *:443
SSLStrictSNIVHostCheck off
<VirtualHost *:80>
Serverexample www.example1.com
ServerAlias example1.com *.example1.com
Redirect permanent / https://example1.com/
</VirtualHost>
<VirtualHost *:443>
Serverexample www.example1.com
ServerAlias example1.com *.example1.com
ProxyRequests off
ProxyPreserveHost on
CustomLog "/path/to/logs/example1ssl.log" "%h %l %u %t \"%r\" %>s %b"
ErrorLog "/path/to/logs/example1ssl_error.log"
SSLEngine on
SSLProxyEngine on
SSLCertificateFile /path/to/certs/example1.com.crt
SSLCertificateKeyFile /path/to/private/example1.key
SSLCertificateChainFile /path/to/certs/ca-bundle-example1.crt
ProxyPass / http://example1.com:[internal port 1]/
ProxyPassReverse / http://example1.com:[internal port 1]/
</VirtualHost>
<VirtualHost *:80>
Serverexample www.example2.com
ServerAlias example2.com *.example2.com
Redirect permanent / https://example2.com/
</VirtualHost>
<VirtualHost *:443>
Serverexample www.example2.com
ServerAlias example2.com *.example2.com
SSLEngine on
SSLProxyEngine on
CustomLog "/path/to/logs/example2_ssl.log" "%h %l %u %t \"%r\" %>s %b"
ErrorLog "/path/to/logs/example2_ssl_error.log"
SSLCertificateFile /path/to/certs/web-01.example2.com.crt
SSLCertificateKeyFile /path/to/private/example2.com.key
SSLCertificateChainFile /path/to/certs/example2.com.crt
ProxyPreserveHost On
ProxyRequests off
ProxyPass / http://example2.com:[internal port 3]/
ProxyPassReverse / http://example2.com:[internal port 3]/
</VirtualHost>
<VirtualHost *:80>
Serverexample www.example3.us
ServerAlias example3.us *.example3.us
Redirect permanent / https://example3.us/
</VirtualHost>
<VirtualHost *:443>
Serverexample www.example3.us
ServerAlias example3.us *.example3.us
ProxyRequests off
ProxyPreserveHost on
CustomLog "/path/to/logs/example3ssl.log" "%h %l %u %t \"%r\" %>s %b"
ErrorLog "/path/to/logs/example3ssl_error.log"
SSLEngine on
SSLProxyEngine on
SSLCertificateFile /path/to/certs/example3.us.crt
SSLCertificateKeyFile /path/to/private/example3.key
SSLCertificateChainFile /path/to/certs/auth_bundle-example3.crt
ProxyPass / http://example3.us:[internal port 2]/
ProxyPassReverse / http://example3.us:[internal port 2]/
</VirtualHost>
<VirtualHost *:80>
Serverexample www.example4.com
ServerAlias example4.com *.example4.com
Redirect permanent / https://example4.com/
</VirtualHost>
<VirtualHost *:443>
Serverexample www.example4.com
ServerAlias example4.com *.example4.com
ProxyRequests off
ProxyPreserveHost on
CustomLog "/path/to/logs/example4ssl.log" "%h %l %u %t \"%r\" %>s %b"
ErrorLog "/path/to/logs/example4ssl_error.log"
SSLEngine on
SSLProxyEngine on
SSLCertificateFile /path/to/certs/example4.com.crt
SSLCertificateKeyFile /path/to/private/example4.key
SSLCertificateChainFile /path/to/certs/ca-bundle-example4.crt
ProxyPass / http://example4.com:[internal port 4]/
ProxyPassReverse / http://example4.com:[internal port 4]/
</VirtualHost>
来自 apachectl -S
VirtualHost configuration:
*:80 is a NameVirtualHost
default server www.example1.com (/etc/httpd/conf.d/virtualhosts.conf:12)
port 80 namevhost www.example1.com (/etc/httpd/conf.d/virtualhosts.conf:12)
alias example1.com
wild alias *.example1.com
port 80 namevhost www.example2.com (/etc/httpd/conf.d/virtualhosts.conf:36)
alias example2.com
wild alias *.example2.com
port 80 namevhost www.example3.us (/etc/httpd/conf.d/virtualhosts.conf:84)
alias example3.us
wild alias *.example3.us
port 80 namevhost www.example4.com (/etc/httpd/conf.d/virtualhosts.conf:108)
alias example4.com
wild alias *.example4.com
*:443 is a NameVirtualHost
default server www.example1.com (/etc/httpd/conf.d/virtualhosts.conf:19)
port 443 namevhost www.example1.com (/etc/httpd/conf.d/virtualhosts.conf:19)
alias example1.com
wild alias *.example1.com
port 443 namevhost www.example2.com (/etc/httpd/conf.d/virtualhosts.conf:43)
alias example2.com
wild alias *.example2.com
port 443 namevhost www.example3.us (/etc/httpd/conf.d/virtualhosts.conf:90)
alias example3.us
wild alias *.example3.us
port 443 namevhost www.example4.com (/etc/httpd/conf.d/virtualhosts.conf:114)
alias example4.com
wild alias *.example4.com
谢谢
【问题讨论】:
-
什么是“Serverexample”而不是“ServerName”?混淆不清?除了名称/别名未在其他任何地方显示之外,默认虚拟主机神秘使用的主要原因是默认虚拟主机中省略了 ServerName 并且请求与服务器自己的底层主机名匹配。
-
好收获。无意的搜索和替换。你是对的。当然不在实际文件中。
标签: apache2 virtualhost