View Single Post
  #7  
Old 15th December 2011, 18:53
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 392
Thanks: 29
Thanked 58 Times in 50 Posts
Default

I will add that for servers configured with multiple IP addresses, and with "IPv4-Address" (and/or "IPv6-Address") set to specific IP addresses in the drop-down menu (in Sites -> example.com -> Domain [tab]), the following will appear in the Apache error log:

Code:
# service apache2 restart
 * Restarting web server apache2
[Thu Dec 15 09:25:17 2011] [warn] NameVirtualHost *:80 has no VirtualHosts
[Thu Dec 15 09:25:17 2011] [warn] NameVirtualHost *:443 has no VirtualHosts
This is because when a specific IP address is selected, ISPConfig includes the IP address in the VirtualHost definition (rightfully so), e.g.:

Code:
<VirtualHost 123.456.789.012:443>
</VirtualHost>
Selecting the "*" option for each of these domains should work, too, but it increases the number of warnings in the log on Apache (re)start, e.g.:

Code:
# service apache2 restart
 * Restarting web server apache2
[Thu Dec 15 09:43:21 2011] [warn] NameVirtualHost 0.0.0.1:80 has no VirtualHosts
[Thu Dec 15 09:43:21 2011] [warn] NameVirtualHost 0.0.0.1:443 has no VirtualHosts
[Thu Dec 15 09:43:21 2011] [warn] NameVirtualHost 0.0.0.2:80 has no VirtualHosts
[Thu Dec 15 09:43:21 2011] [warn] NameVirtualHost 0.0.0.2:443 has no VirtualHosts
As a final point of note, don't ignore this statement in the Apache SNI documentation:

Quote:
Since the first (default) vhost will be used for any request where the provided server name doesn't match another vhost, it is important that the first vhost have the most restrictive access control, otherwise clients can access restricted resources by sending a request for any unknown hostname. (This isn't actually any different from using virtual hosts without SSL.)
Reply With Quote