Every webhost needs a name. Standard we use www for websites. Do you have more websites on the same domain you need to give them a different name.
The use of only the domainname is not a good one. The reason is comport fo the visitor when typing the URL to your site.
Give the main website the name www.example.com and create a redirect from the example.com vhost. This mean you make two virtual hosts. When visiters enter example.com they are redirected to www.example.com. Search engines and other sites will use a direct link to www.example.com.
Don't use rewrite because it's difficult and messy.
Subdomain | Use |
---|---|
Not recommended | |
www | For primary website |
blog | Weblog if not primary website else use www |
webmail | Webmail server |
cloud | Cloudserver for your domain |
forum | Forum |
mta-sts | Special use for MTA TLS traffic. |
Save the template as vhost.con in de vhosts.d dir so it won't start.
# cd /etc/http/conf/ # mkdir vhosts.d # cd vhosts.d # vi vhost.con
Add the code below:
<VirtualHost *:80> ServerName example.com redirect 301 / http://www.example.com </virtual> <VirtualHost *:80> ServerAdmin webmaster@example.com ServerName www.example.com CustomLog /var/log/httpd/www.example.com-access_log combined ErrorLog /var/log/httpd/www.example.com-error_log HostnameLookups Off UseCanonicalName Off ServerSignature On DocumentRoot /srv/www/vhosts/www.example.com/httpdocs <Directory "/srv/www/vhosts/www.example.com/httpdocs"> Options +Indexes AllowOverride All Require all granted </Directory> </virtual>
When you need CGI scripting remove last </virtual> and add:
ScriptAlias /cgi-bin/ "/srv/www/vhosts/www.example.com/cgi-bin/" <Directory "/srv/www/vhosts/www.example.com/cgi-bin"> Options +ExecCGI -Includes AllowOverride None Require all granted </Directory> </VirtualHost>
Now for using it for <url>:
# cd /etc/httpd/conf/vhosts # cp vhost.con <url>.conf
Change www.example.com to the <url> inside the config file.
Ad 1. This is not a safe option. Consider to use lets-encrypt. Search engines don't like HTTP sites. IF you host a public NTP server you can use it to redirect traffic.
Ad 2. The website that get lets-encrypt needs to be http only. After the certificates are created and added the config file will we adjusted for correct workings. We than need a redirect to https. See also below on correct redirecting.
Ad 3. This use only the second virtualhost. Remove the first.
In case of redirecting, a domain should firstly upgrade itself by redirecting to its HTTPS version before it may redirect to another domain. This also ensures that the HSTS policy will be accepted by the web browser. Examples of correct redirect order:
Both will we created in the template.
Lets make a template for HTTPS use:
# cd /etc/http/conf/vhosts.d # vi vhosts.con
Add the code below:
<VirtualHost *:80> ServerName example.com Redirect 301 / https://example.com/ </VirtualHost> <VirtualHost *:443> ServerName example.com SSLEngine on SSLCertificateKeyFile /etc/pki/tls/private/example.com.key SSLCertificateFile /etc/pki/tls/certs/example.com.crt SSLCertificateChainFile /etc/pki/tls/certs/example.com_ca-bundle.pem Include /etc/httpd/conf/vhssl.conf Redirect 301 / https://www.example.com </VirtualHost> <VirtualHost *:80> ServerName www.example.com Redirect 301 / https://www.example.com/ </VirtualHost> <VirtualHost *:443> ServerAdmin webmaster@example.com ServerName www.example.com CustomLog /var/log/httpd/www.example.com-access_log combined ErrorLog /var/log/httpd/www.example.com-error_log DirectoryIndex index.html index.html.var index.htm index.shtml index.php SSLEngine on SSLCertificateFile /etc/pki/tls/certs/example.com.crt SSLCertificateKeyFile /etc/pki/tls/private/example.com.key SSLCertificateChainFile /etc/pki/tls/certs/example.com_ca-bundle.pem Include /etc/httpd/conf/vhssl.conf DocumentRoot /srv/www/vhosts/www.example.com/httpsdocs <Directory "/srv/www/vhosts/www.example.com/httpsdocs"> Options +Indexes +FollowSymLinks AllowOverride All Require all granted </Directory> ScriptAlias /cgi-bin/ "/srv/www/vhosts/www.example.com/cgi-bin/" <Directory "/srv/www/vhosts/www.example.com/cgi-bin"> Options +ExecCGI -Includes SSLOptions +StdEnvVars AllowOverride None Require all granted </Directory> </VirtualHost>
Now for <url>:
If your website don't need cgi-bin then remove the ScriptAlias /cgi-bin/ part in the setup of the vhost.
# cd /etc/httpd/conf/vhosts.d # cp vhosts.con <url>.conf
Change www.example.com to the <url> inside the config file.
The first two virtual host are only needed when you setup the primairy website that gets the www subdomain. Use example.com only as a redirect to www.example.com for easy entry on the URL line in the browser.
Between steps you can use ll to see if it went OK.
To check the con (selinux) type ll -Z.
When you don't need cgi-bin skip it. you can always add it later when needed.
Only the first time:
# cd /srv/www # mkdir vhosts # chcon -t httpd_sys_content_t vhosts
For every new vhost:
# cd /srv/www/vhosts/ # mkdir www.example.com # cd www.example.com # mkdir httpsdocs # mkdir cgi-bin # chown root:users httpsdocs cgi-bin # chcon -t httpd_sys_script_exec_t cgi-bin
When you make a directory for a CMS site:
# chown apache:apache -R httpsdocs/ # chcon -R -t httpd_sys_rw_content_t *