1

Environment

Ubuntu 16.04 / Apache 2.4.18

Problem

One of my Apache configs is matching every request, regardless of whether the ServerName matches. Even different domains are matching, not just subdomains. How do I determine a fix for why this one config is matching everything?

Details

I have two active configurations, 000-default and a config for one of my domains.

Problem is, if I enable the config for that one domain, that config handles all requests, no matter if I'm using a fake subdomain, or even a completely different domain that is set up to point to that server's IP.

To be clear, I don't yet have a config for that other domain, so it shouldn't be matching anything.

Configs appear to be loaded in the proper order, so the 000-default should be the default config for nonmatching requests.

Configuration

# 000-default.conf
NameVirtualHost *
<VirtualHost *>
  ServerName default
  ServerSignature Off
  Redirect 404 /
</VirtualHost>

.

# example-com.conf
<VirtualHost *:80>
  ServerName example.com
  ServerAlias example.com
  ServerSignature Off

  RewriteEngine on
  RewriteCond %{HTTP_HOST} ^example\.com [NC]
  RewriteCond %{HTTPS} !=on
  RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
</VirtualHost>

Since my other domain doesn't match that first RewriteCond, it just returns a blank 200. So probably no need to pay attention to the fact that nothing is serving that HTTPS route:

# curl -I http://example.com
HTTP/1.1 302 Found <== This is good, that redirects as expected
$ curl -I http://fake.example.com
HTTP/1.1 200 OK <== That's bad, it hit the example.com config, failed the RewriteCond, and just returned a blank 200
$ curl -I http://other-domain.com
HTTP/1.1 200 OK <== Also bad, same reason as above

Apache seems to be loading stuff in the right order:

# apache2ctl -S
AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-default.conf:1
VirtualHost configuration:
*:*                    default (/etc/apache2/sites-enabled/000-default.conf:3)
*:80                   example.com (/etc/apache2/sites-enabled/example-com.conf:1)

With this load order, 000-default should be handling nonmatching sites, but it's not. Can anyone see the deal with my config that's causing this?

Improve this question
3
  • Don't know if this will fix anything but three suggestions about 000-default... First, the 2.4.x line of Apache does not require the NameVirtualHost directive (and it is in fact deprecated). Second, I would replace <VirtualHost *> with <VirtualHost *:80>. Most configurations I see have this syntax even for 000-default. Third, you may want to disable (a2dissite) and re-enable (a2ensite) 000-default regardless to make sure it's is actually enabled (don't forget to restart Apache obviously).
    – Anaksunaman
    Commented Aug 6, 2017 at 12:15
  • Well, what you said is exactly what fixed it. Probably specifying that port. I admit my Apache-fu is weak, so I thank you greatly for your assistance.
    – cedmans
    Commented Aug 7, 2017 at 3:23
  • Yeah my suspicion is the port as well. In any case, you're welcome. Glad it's fixed. :-)
    – Anaksunaman
    Commented Aug 7, 2017 at 3:52

1 Answer 1

Reset to default
1

I would suggest looking at three things in regards to the 000-default configuration file:

  • The 2.4.x line of Apache does not require the NameVirtualHost directive (and it is in fact deprecated), so I would remove this.

  • I would replace <VirtualHost *> with <VirtualHost *:80>. Most configurations I see have this syntax even for 000-default. Not having this format could interfere with the host being used for requests.

  • You should disable (a2dissite) and re-enable (a2ensite) the 000-default configuration file to make sure it's is actually enabled (don't forget to restart Apache as well).

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .