However, as we are planning on hosting two web sites we ought to be thinking about two locations, one for each value of the Host: header. We should also think about what to do with requests that have neither www.dept.cam.ac.uk nor prg.dept.cam.ac.uk as the Host: header's value.
| Use valid DNS names |
The names used for the virtual hosts cannot just be made up. They must be registered in the DNS for the IP address of the server being used. Typically there will be a "real" name for the server (given by the DNS A record) and a number of aliases for the web sites (given by DNS CNAME records). |
We shall create two subdirectories, WWW and PRG, of /srv/www for the two websites. We will also create two groups, www-admin and prg-admin, which will contain the people entitled to update the sites.
Setting up and using the WWW and PRG directories.
Creating the groups
# groupadd -r www-admin # groupadd -r prg-admin
The -r option on
groupadd sets up a
system group. These are no different
from user groups in reality, but SLES assigns them from a
different range of numeric IDs to keep them apart.
Setting up the directories
Next we have to create /srv/www/WWW and /srv/www/PRG and set them up so that these newly created groups have sway over them. After creating the directories we need to do a number of things.
We must change the group of the directories. It starts out controlled by the root group.
We must change the permissions so that this group can add things.
We must set the permissions so that anything created in the directory also is controlled by the webadmin group.
The change of group is done with the chgrp command and the two changes of permissions can be done with a single use of the chmod command.
# mkdir /srv/www/WWW # chgrp www-admin /srv/www/WWW # chmod g+ws /srv/www/WWW # mkdir /srv/www/PRG # chgrp prg-admin /srv/www/PRG # chmod g+ws /srv/www/PRG
Adding users to the groups
We will add the users alice and bob to the www-admin group and alice only to the prg-admin group.
You can directly edit the file /etc/group to add users to the group line. They should be comma-separated with no spaces and no trailing comma.
www-admin:!:106:alice,bob prg-admin:!:107:alice
Alternatively, we can use the
usermod command to change the groups that
the users are in. The -G option sets a
user's groups.
| Warning |
usermod's |
Suppose alice is in group alpha already. Then to add her to www-admin and prg-admin we must state that she is in all the groups.
# usermod -G alpha,www-admin,prg-admin alice
If bob is in no other group, then the command used is easier.
# usermod -G www-admin bob
Note: The users will have to log in again to pick up the groups they have been added to.
To let us know we have reached the right directory we will put a file, index.html in each directory identifying it.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<title>The DEPT web site</title>
</head><body>
<h1>Welcome to DEPT</h1>
<p>This is the DEPT web site.</p>
</body>
</html>
Now we must tell the web server to use these two directories appropriately. For this we use the NameVirtualHost and VirtualHost commands.
NameVirtualHost * <VirtualHost *> ServerName www.dept.cam.ac.uk DocumentRoot /srv/www/WWW </VirtualHost> <VirtualHost *> ServerName prg.dept.cam.ac.uk DocumentRoot /srv/www/PRG </VirtualHost>
To set up a named-based virtual host we add a section like the one shown in the figure above to the configuration file. Two such sections should be added, one for www and one for prg. So what does it mean?
Syntax summary: Virtual hosts
This instructs the web server to run name-based
virtual hosts on interface. If
the specified interface is * then all
available interfaces are used.
The VirtualHost section describes a single virtual host. Everything from the <VirtualHost interface> to </VirtualHost> sets parameters for a single virtual host. Parameters set outside the VirtualHost section normally provide default values for all virtual hosts. The interface specified must match one previously set up for named-based virtual hosting by a NameVirtualHost command.
This sets the name of the server for the virtual host. If a query's Host: header matchs this then the virtual host block will be applied.
This command specifies where the server should look for its documents for the particular virtual host. This is where we get to split up our various hosts into different directories.
What happens if a query's Host: header doesn't match the server name of any VirtualHost block? Apache treats the first VirtualHost block in the configuration file as the default VirtualHost and will use this if nothing else matches. It can be a good idea to set Apache up with a 'dummy' first virtual host block that does nothing except display an error message saying that it's been impossible to work out which site a request was intended for.