Environment
Ubuntu 16.04 / Apache 2.4.18
Problem
One of my Apache configs is matching every request, regardless of whether the ServerName matches. Even different domains are matching, not just subdomains. How do I determine a fix for why this one config is matching everything?
Details
I have two active configurations, 000-default
and a config for one of my domains.
Problem is, if I enable the config for that one domain, that config handles all requests, no matter if I'm using a fake subdomain, or even a completely different domain that is set up to point to that server's IP.
To be clear, I don't yet have a config for that other domain, so it shouldn't be matching anything.
Configs appear to be loaded in the proper order, so the 000-default should be the default config for nonmatching requests.
Configuration
# 000-default.conf
NameVirtualHost *
<VirtualHost *>
ServerName default
ServerSignature Off
Redirect 404 /
</VirtualHost>
.
# example-com.conf
<VirtualHost *:80>
ServerName example.com
ServerAlias example.com
ServerSignature Off
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
</VirtualHost>
Since my other domain doesn't match that first RewriteCond
, it just returns a blank 200. So probably no need to pay attention to the fact that nothing is serving that HTTPS route:
# curl -I http://example.com
HTTP/1.1 302 Found <== This is good, that redirects as expected
$ curl -I http://fake.example.com
HTTP/1.1 200 OK <== That's bad, it hit the example.com config, failed the RewriteCond, and just returned a blank 200
$ curl -I http://other-domain.com
HTTP/1.1 200 OK <== Also bad, same reason as above
Apache seems to be loading stuff in the right order:
# apache2ctl -S
AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-default.conf:1
VirtualHost configuration:
*:* default (/etc/apache2/sites-enabled/000-default.conf:3)
*:80 example.com (/etc/apache2/sites-enabled/example-com.conf:1)
With this load order, 000-default
should be handling nonmatching sites, but it's not. Can anyone see the deal with my config that's causing this?