Virtual Host Conf Files in Apache on a CentOS 8 server. Imagine having a special server that can host multiple websites like separate rooms or doors, each with its unique features and appearance. That’s precisely what Virtual Hosts do!
Virtual host
Table of Contents
What are Virtual Hosts?
In the world of web hosting, Virtual Hosts allow a single server to host multiple websites independently. It’s like having different rooms or doors on the same server, each leading to a different website. And in this blog I’ll try to explain you some important options for httpd conf file in apache.
IP-Based and Domain-Based
There are two types of Virtual Hosts: IP-based and Domain-based. Let’s understand them without any complicated terms.
IP-Based
Imagine a hotel with rooms, each having a unique room number (IP address). Similarly, IP-based Virtual Hosts use different IP addresses to host various websites. To access each website, you need to know its specific IP address.
Domain-Based
Now think of magical doors, each with a unique name (domain name). Domain-based Virtual Hosts use domain names to lead you to different websites. To access a website, just type its domain name in your browser!
Creating Virtual Host Conf Files
Now, let’s create some magic with Virtual Host Conf Files! Follow these steps to host multiple websites on your CentOS 8 server:
Step 1: Create a New Conf File
Create a new file with the “.conf” extension in the “/etc/httpd/conf.d/” directory. For example, “websiteA.conf” for the IP-based and “websiteB.conf” for the Domain-based .
Step 2: The Magic Code
Here’s an example of a basic Conf File for “Website A” (IP-based) and “Website B” (Domain-based). You can copy and paste this code into your own configuration files:
# Website A - IP-Based Virtual-Host
<VirtualHost your_server_ip:80>
ServerAdmin webmaster@websiteA.com
DocumentRoot /var/www/websiteA
ServerName websiteA.com
ErrorLog /var/log/httpd/websiteA_error.log
CustomLog /var/log/httpd/websiteA_access.log common
</VirtualHost>
# Website B - Domain-Based Virtual-Host
<VirtualHost *:80>
ServerAdmin webmaster@your_domain_name
DocumentRoot /var/www/websiteB
ServerName your_domain_name
ErrorLog /var/log/httpd/websiteB_error.log
CustomLog /var/log/httpd/websiteB_access.log common
</VirtualHost>SSL Virtual Host Conf Files
For a secure connection, obtain a magical SSL certificate and add the following lines to each Virtual Host Conf File:
Below file is explain in this video
<VirtualHost your_server_ip:443>
ServerAdmin webmaster@websiteA.com
DocumentRoot /var/www/websiteA
ServerName websiteA.com
ErrorLog /var/log/httpd/websiteA_error.log
CustomLog /var/log/httpd/websiteA_access.log common
SSLEngine on
SSLCertificateFile /path/to/magical_certificate.crt
SSLCertificateKeyFile /path/to/magical_private_key.key
SSLCertificateChainFile /path/to/magical_certificate_chain.crt
</VirtualHost>
<VirtualHost *:443>
ServerAdmin webmaster@your_domain_name
DocumentRoot /var/www/websiteB
ServerName your_domain_name
ErrorLog /var/log/httpd/websiteB_error.log
CustomLog /var/log/httpd/websiteB_access.log common
SSLEngine on
SSLCertificateFile /path/to/magical_certificate.crt
SSLCertificateKeyFile /path/to/magical_private_key.key
SSLCertificateChainFile /path/to/magical_certificate_chain.crt
</VirtualHost>Complete File with SSL and Basic Security Options.
These setting will protect you from different cyber attacks like html code injections, brute force, xss
Listen: 443
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
# SSL Configuration
SSLEngine on
SSLCertificateFile /path/to/ssl_certificate.crt
SSLCertificateKeyFile /path/to/ssl_certificate.key
SSLCertificateChainFile /path/to/ssl_certificate_chain.crt [ if you have or provided by Provider]
#environment Vairable
SetEnv VARIABLE_NAME variable_value
SetEnv API_KEY api_value
# getenv('VARIABLE_NAME') in php
# Security Options
ServerTokens Prod
ServerSignature Off
TraceEnable Off
DocumentRoot /var/www/html/xyzfolder
# Set global header options
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
Header set X-Frame-Options "SAMEORIGIN"
Header set Content-Security-Policy "default-src 'self'"
<Directory "/var/www/html/xyzfolder">
AllowOverride All
#Require all granted
Options -FollowSymLinks -Indexes -Includes -ExecCGI
# Deny all by default 2.4 and above authorization control if web server is behind the proxy server
Require all denied
# Allow access only from the specified IP address if web server is behind the proxy server
Require ip 192.168.10.101
</Directory>
# Custom Log Format
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" custom_log_format
CustomLog /var/log/httpd/example_access.log custom_log_format
# Error Log
ErrorLog /var/log/httpd/example_error.log
# Other Apache directives specific to your website can be added here
# Allow only from 192.168.1.10 and deny from all for the whole server - Not required as we already configure in Directory column
<Location />
Require all denied
Require ip 192.168.10.101
</Location>
</VirtualHost>
