Every webhost needs a name. Standard we use www for websites. Do you have more websites on the same domain you need to give them a different name.
The use of only the domainname is not a good one. The reason is comport fo the visitor when typing the URL to your site.
Give the main website the name www.example.com and create a redirect from the example.com vhost. This mean you make two virtual hosts. When visiters enter example.com they are redirected to www.example.com. Search engines and other sites will use a direct link to www.example.com.
Don't use rewrite because it's difficult and messy.
| Subdomain | Use |
|---|---|
| Not recommended | |
| www | For primary website |
| blog | Weblog if not primary website else use www |
| webmail | Webmail server |
| cloud | Cloudserver for your domain |
| forum | Forum |
| mta-sts | Special use for MTA TLS traffic. |
Save the template as vhost.con in de vhosts.d dir so it won't start.
# cd /etc/http/conf/ # mkdir vhosts.d # cd vhosts.d # vi vhost.con
Add the code below:
<VirtualHost *:80>
ServerName example.com
redirect 301 / http://www.example.com
</virtual>
<VirtualHost *:80>
ServerAdmin webmaster@example.com
ServerName www.example.com
CustomLog /var/log/httpd/www.example.com-access_log combined
ErrorLog /var/log/httpd/www.example.com-error_log
HostnameLookups Off
UseCanonicalName Off
ServerSignature On
DocumentRoot /srv/www/vhosts/www.example.com/httpdocs
<Directory "/srv/www/vhosts/www.example.com/httpdocs">
Options +Indexes
AllowOverride All
Require all granted
</Directory>
</virtual>
When you need CGI scripting remove last </virtual> and add:
ScriptAlias /cgi-bin/ "/srv/www/vhosts/www.example.com/cgi-bin/"
<Directory "/srv/www/vhosts/www.example.com/cgi-bin">
Options +ExecCGI -Includes
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
Now for using it for <url>:
# cd /etc/httpd/conf/vhosts # cp vhost.con <url>.conf
Change www.example.com to the <url> inside the config file.
Ad 1. This is not a safe option. Consider to use lets-encrypt. Search engines don't like HTTP sites. IF you host a public NTP server you can use it to redirect traffic.
Ad 2. The website that get lets-encrypt needs to be http only. After the certificates are created and added the config file will we adjusted for correct workings. We than need a redirect to https. See also below on correct redirecting.
Ad 3. This use only the second virtualhost. Remove the first.
In case of redirecting, a domain should firstly upgrade itself by redirecting to its HTTPS version before it may redirect to another domain. This also ensures that the HSTS policy will be accepted by the web browser. Examples of correct redirect order:
Both will we created in the template.
Lets make a template for HTTPS use:
# cd /etc/http/conf/vhosts.d # vi vhosts.con
Add the code below:
<VirtualHost *:80>
ServerName example.com
Redirect 301 / https://example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
SSLEngine on
SSLCertificateKeyFile /etc/pki/tls/private/example.com.key
SSLCertificateFile /etc/pki/tls/certs/example.com.crt
SSLCertificateChainFile /etc/pki/tls/certs/example.com_ca-bundle.pem
Include /etc/httpd/conf/vhssl.conf
Redirect 301 / https://www.example.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.example.com
Redirect 301 / https://www.example.com/
</VirtualHost>
<VirtualHost *:443>
ServerAdmin webmaster@example.com
ServerName www.example.com
CustomLog /var/log/httpd/www.example.com-access_log combined
ErrorLog /var/log/httpd/www.example.com-error_log
DirectoryIndex index.html index.html.var index.htm index.shtml index.php
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/example.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/example.com.key
SSLCertificateChainFile /etc/pki/tls/certs/example.com_ca-bundle.pem
Include /etc/httpd/conf/vhssl.conf
DocumentRoot /srv/www/vhosts/www.example.com/httpsdocs
<Directory "/srv/www/vhosts/www.example.com/httpsdocs">
Options +Indexes +FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ScriptAlias /cgi-bin/ "/srv/www/vhosts/www.example.com/cgi-bin/"
<Directory "/srv/www/vhosts/www.example.com/cgi-bin">
Options +ExecCGI -Includes
SSLOptions +StdEnvVars
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
Now for <url>:
If your website don't need cgi-bin then remove the ScriptAlias /cgi-bin/ part in the setup of the vhost.
# cd /etc/httpd/conf/vhosts.d # cp vhosts.con <url>.conf
Change www.example.com to the <url> inside the config file.
The first two virtual host are only needed when you setup the primairy website that gets the www subdomain. Use example.com only as a redirect to www.example.com for easy entry on the URL line in the browser.
Between steps you can use ll to see if it went OK.
To check the con (selinux) type ll -Z.
When you don't need cgi-bin skip it. you can always add it later when needed.
Only the first time:
# cd /srv/www # mkdir vhosts # chcon -t httpd_sys_content_t vhosts
For every new vhost:
# cd /srv/www/vhosts/ # mkdir www.example.com # cd www.example.com # mkdir httpsdocs # mkdir cgi-bin # chown root:users httpsdocs cgi-bin # chcon -t httpd_sys_script_exec_t cgi-bin
When you make a directory for a CMS site:
# chown apache:apache -R httpsdocs/ # chcon -R -t httpd_sys_rw_content_t *