| <?xml version='1.0' encoding='UTF-8' ?> |
| <!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd"> |
| <?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?> |
| <!-- $LastChangedRevision$ --> |
| |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| |
| <manualpage metafile="ip-based.xml.meta"> |
| <parentdocument href="./">Virtual Hosts</parentdocument> |
| <title>Apache IP-based Virtual Host Support</title> |
| |
| <seealso> |
| <a href="name-based.html">Name-based Virtual Hosts Support</a> |
| </seealso> |
| |
| <section id="explanation"><title>What is IP-based virtual hosting</title> |
| <p>IP-based virtual hosting is a method to apply different directives |
| based on the IP address and port a request is received on. Most commonly, |
| this is used to serve different websites on different ports or interfaces.</p> |
| |
| <p>In many cases, <a href="name-based.html">name-based |
| virtual hosts</a> are more convenient, because they allow |
| many virtual hosts to share a single address/port. |
| See <a href="name-based.html#namevip">Name-based vs. IP-based |
| Virtual Hosts</a> to help you decide. </p> |
| </section> |
| |
| <section id="requirements"><title>System requirements</title> |
| |
| <p>As the term <cite>IP-based</cite> indicates, the server |
| <strong>must have a different IP address/port combination for each IP-based |
| virtual host</strong>. This can be achieved by the machine |
| having several physical network connections, or by use of |
| virtual interfaces which are supported by most modern operating |
| systems (see system documentation for details, these are |
| frequently called "ip aliases", and the "ifconfig" command is |
| most commonly used to set them up), and/or using multiple |
| port numbers.</p> |
| |
| <p> In the terminology of Apache HTTP Server, using a single IP address |
| but multiple TCP ports, is also IP-based virtual hosting.</p> |
| |
| </section> |
| |
| <section id="howto"><title>How to set up Apache</title> |
| |
| <p>There are two ways of configuring apache to support multiple |
| hosts. Either by running a separate <program>httpd</program> daemon for |
| each hostname, or by running a single daemon which supports all the |
| virtual hosts.</p> |
| |
| <p>Use multiple daemons when:</p> |
| |
| <ul> |
| <li>There are security partitioning issues, such as company1 |
| does not want anyone at company2 to be able to read their |
| data except via the web. In this case you would need two |
| daemons, each running with different <directive |
| module="mod_unixd">User</directive>, <directive |
| module="mod_unixd">Group</directive>, <directive |
| module="mpm_common">Listen</directive>, and <directive |
| module="core">ServerRoot</directive> settings.</li> |
| |
| <li>You can afford the memory and file descriptor |
| requirements of listening to every IP alias on the |
| machine. It's only possible to <directive |
| module="mpm_common">Listen</directive> to the "wildcard" |
| address, or to specific addresses. So if you have a need to |
| listen to a specific address for whatever reason, then you |
| will need to listen to all specific addresses. (Although one |
| <program>httpd</program> could listen to N-1 of the addresses, and another could |
| listen to the remaining address.)</li> |
| </ul> |
| |
| <p>Use a single daemon when:</p> |
| |
| <ul> |
| <li>Sharing of the httpd configuration between virtual hosts |
| is acceptable.</li> |
| |
| <li>The machine services a large number of requests, and so |
| the performance loss in running separate daemons may be |
| significant.</li> |
| </ul> |
| |
| </section> |
| |
| <section id="multiple"><title>Setting up multiple daemons</title> |
| |
| <p>Create a separate <program>httpd</program> installation for each |
| virtual host. For each installation, use the <directive |
| module="mpm_common">Listen</directive> directive in the |
| configuration file to select which IP address (or virtual host) |
| that daemon services. e.g.</p> |
| |
| <highlight language="config"> |
| Listen 192.0.2.100:80 |
| </highlight> |
| |
| <p>It is recommended that you use an IP address instead of a |
| hostname (see <a href="../dns-caveats.html">DNS caveats</a>).</p> |
| |
| </section> |
| |
| <section id="single"><title>Setting up a single daemon |
| with virtual hosts</title> |
| |
| <p>For this case, a single <program>httpd</program> will service |
| requests for the main server and all the virtual hosts. The <directive |
| module="core">VirtualHost</directive> directive |
| in the configuration file is used to set the values of <directive |
| module="core">ServerAdmin</directive>, <directive |
| module="core">ServerName</directive>, <directive |
| module="core">DocumentRoot</directive>, <directive |
| module="core">ErrorLog</directive> and <directive |
| module="mod_log_config">TransferLog</directive> |
| or <directive module="mod_log_config">CustomLog</directive> |
| configuration directives to different values for each virtual |
| host. e.g.</p> |
| |
| <highlight language="config"> |
| <VirtualHost 172.20.30.40:80> |
| ServerAdmin webmaster@www1.example.com |
| DocumentRoot "/www/vhosts/www1" |
| ServerName www1.example.com |
| ErrorLog "/www/logs/www1/error_log" |
| CustomLog "/www/logs/www1/access_log" combined |
| </VirtualHost> |
| |
| <VirtualHost 172.20.30.50:80> |
| ServerAdmin webmaster@www2.example.org |
| DocumentRoot "/www/vhosts/www2" |
| ServerName www2.example.org |
| ErrorLog "/www/logs/www2/error_log" |
| CustomLog "/www/logs/www2/access_log" combined |
| </VirtualHost> |
| </highlight> |
| |
| <p>It is recommended that you use an IP address instead of a |
| hostname in the <VirtualHost> directive |
| (see <a href="../dns-caveats.html">DNS caveats</a>).</p> |
| |
| <p> Specific IP addresses or ports have precedence over their wildcard |
| equivalents, and any virtual host that matches has precedence over |
| the servers base configuration.</p> |
| |
| <p>Almost <strong>any</strong> configuration directive can be |
| put in the VirtualHost directive, with the exception of |
| directives that control process creation and a few other |
| directives. To find out if a directive can be used in the |
| VirtualHost directive, check the <a |
| href="../mod/directive-dict.html#Context">Context</a> using the |
| <a href="../mod/quickreference.html">directive index</a>.</p> |
| |
| <p><directive module="mod_suexec">SuexecUserGroup</directive> |
| may be used inside a |
| VirtualHost directive if the <a href="../suexec.html">suEXEC |
| wrapper</a> is used.</p> |
| |
| <p><em>SECURITY:</em> When specifying where to write log files, |
| be aware of some security risks which are present if anyone |
| other than the user that starts Apache has write access to the |
| directory where they are written. See the <a |
| href="../misc/security_tips.html">security tips</a> document |
| for details.</p> |
| |
| </section> |
| </manualpage> |