Apache virtual host serves default vhost for port 443 despite server name match for port 80
I have two servers that are clones of each other save for a few minor configuration changes. I am getting some unexpected behaviour when trying to visit their monitoring.*.com sub domains.
Running ./apache2ctl -S on each server gives the following:
Staging Server
VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
*:443 is a NameVirtualHost
default server 010.staging.com (/etc/apache2/sites-enabled/010:2)
port 443 namevhost 010.staging.com (/etc/apache2/sites-enabled/010:2)
port 443 namevhost 011.staging.com (/etc/apache2/sites-enabled/011:2)
port 443 namevhost 013.staging.com (/etc/apache2/sites-enabled/013:2)
*:80 is a NameVirtualHost
default server www.production.com (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost www.production.com (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost monitoring.staging.com (/etc/apache2/sites-enabled/monitoring:1)
Syntax OK
Production Server
VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
*:443 is a NameVirtualHost
default server de.production.com (/etc/apache2/sites-enabled/de:2)
port 443 namevhost de.production.com (/etc/apache2/sites-enabled/de:2)
port 443 namevhost uk.production.com (/etc/apache2/sites-enabled/uk:2)
port 443 namevhost us.production.com (/etc/apache2/sites-enabled/us:2)
port 443 namevhost www.production.com (/etc/apache2/sites-enabled/production:2)
*:80 is a NameVirtualHost
default server www.production.com (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost www.production.com (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost monitoring.production.com (/etc/apache2/sites-enabled/monitoring:1)
Syntax OK
The configuration of 000-default is as follows on both servers
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName www.production.com
DocumentRoot /home/user/apache/
RewriteEngine on
RewriteLog /var/log/apache2/log
RewriteLogLevel 1
RewriteCond %{REQUEST_URI}/ !^(/server-status).*$
RewriteRule ^/(.*)$ https://%{SERVER_NAME}/$1 [R=301,L]
</VirtualHost>
The problem I am having is that when I visit http://monitoring.staging.com I am being redirected to http**s**.monitoring.staging.com and being served the app for 010.staging.com the default secure port server.
The production server is behaving as expected and serving my application monitoring tool.
As I said both these servers started out as clones of a master image with only very minor configuration changes – I can describe specific changes if needed.
Can anyone hazard any guesses why I am seeing this behaviour?
Thank you
Updates:
This is the Vhost config for monitoring:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName monitoring.staging.com
DocumentRoot /var/www/munin
<Directory /var/www/munin>
Options FollowSymLinks
AllowOverride None
</Directory>
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel notice
CustomLog /var/log/apache2/access.log combined
ErrorLog /var/log/apache2/error.log
ServerSignature On
</VirtualHost>
And for the app that is actually being served:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName 010.staging.com
RewriteLog /var/log/apache2/ssl.log
RewriteRule ^/$ /010/home.htm [R=301,L]
RewriteRule ^/(?!010/|static/|mgt).*$ /010/home.htm [R=301,L]
SSLCertificateKeyFile /etc/apache2/ssl/010/apache.key
SSLCertificateFile /etc/apache2/ssl/010/apache.crt
SSLCACertificateFile /etc/apache2/ssl/010/apache-ca.crt
</VirtualHost>
</IfModule>
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8728145350222960&output=html&h=280&slotname=3177021931&adk=272958323&adf=4253104653&pi=t.ma~as.3177021931&w=730&fwrn=4&fwrnh=100&lmt=1673427609&rafmt=1&format=730×280&url=https%3A%2F%2Fitecnotes.com%2Fserver%2Fapache-virtual-host-serves-default-vhost-for-port-443-despite-server-name-match-for-port-80%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTQuMC4wIiwieDg2IiwiIiwiMTA4LjAuNTM1OS4xMjUiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJOb3Q_QV9CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTA4LjAuNTM1OS4xMjUiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMDguMC41MzU5LjEyNSJdXSxmYWxzZV0.&dt=1673427609433&bpp=2&bdt=331&idt=324&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd59a178a1aa801d7-2225e38334d90014%3AT%3D1673066277%3ART%3D1673066277%3AS%3DALNI_Mb3cSN-p0MDgPli0_3O6vDHPZREkA&gpic=UID%3D00000b9f1ce05e3d%3AT%3D1673066277%3ART%3D1673246658%3AS%3DALNI_Ma0lpDHYBhwYNa9TK7I9ZLHuhwt9Q&prev_fmts=0x0&nras=1&correlator=570507711579&frm=20&pv=1&ga_vid=1501950077.1673427610&ga_sid=1673427610&ga_hid=1190480190&ga_fc=0&u_tz=420&u_his=1&u_h=1080&u_w=1920&u_ah=1032&u_aw=1920&u_cd=24&u_sd=1&dmc=8&adx=397&ady=2770&biw=1903&bih=929&scr_x=0&scr_y=2037&eid=44759875%2C44759926%2C44759837%2C31071374&oid=2&pvsid=4087462812482878&tmod=282180442&uas=0&nvt=3&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1920%2C0%2C1920%2C1032%2C1920%2C929&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XBJFvo7hzP&p=https%3A//itecnotes.com&dtd=329
Best Answer
I solved this by change the 000-default config on staging to the follow:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName staging.com
DocumentRoot /home/user/apache/
RewriteEngine on
RewriteLog /var/log/apache2/log
RewriteLogLevel 1
RewriteCond %{REQUEST_URI}/ !^(/server-status).*$
RewriteRule ^/(.*)$ https://%{SERVER_NAME}/$1 [R=301,L]
</VirtualHost>
The change being the ServerName from www.production.com to staging.com
I don’t know why this fixed the issue so I am more than happy give a correct answer tick to anyone that can explain the behaviour and what Apache is doing.
Related Solutions
Apache Named VirtualHosts with wildcards
Update: * is valid syntax but not necessary. You can find out more here.
This will work though.
<VirtualHost *:80>
ServerName example.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.example.com
</VirtualHost>
The first directive will match everything that is not explicitly defined elsewhere.