February 23, 2024

What is a Virtual Host Server?

virtual host server

Virtual hosting servers allow multiple websites to run simultaneously on one server. Each domain name can access different websites with their own content.

Each vhost is isolated from other vhosts and its queues, exchanges and bindings have permissions that apply only to that vhost. Some may share a chroot directory.

IP based

IP based virtual hosting is the easiest and most common way of setting up a web server, as it requires creating dedicated hosts for every domain on the server, along with an associated port number. To avoid security vulnerabilities, only use ports not used by other vhosts; additionally, any settings that make port 443 active should be disabled or commented out.

Sponsored

At each request, the first name-based vhost that matches both address and port are utilized, also for SSL connections if available on the server. Main server definitions are then merged into all vhosts without regard to their position in the configuration file – meaning per-directory configuration information from main is never overridden by individual vhosts; when selecting Host: header missings this method also determines default server; otherwise main will take over.

Port based

Port-based virtual hosting enables one server to host several websites using different ports. This method can be beneficial when testing or staging websites, as it enables it to use its full potential – but may require more configuration than IP-based virtual hosting.

Nearly all Apache configuration directives can be put into a virtual host, except those related to process creation and those specifically reserved for main server context. Usually these directives will be configured within a ServerConfiguration> section.

An evaluation is performed on each request to determine if its URI matches any of the configured virtual hosts or main server, in which case that particular virtual host takes over and serves the request; otherwise it goes through the main server instead.

Sponsored

Name based

Name-based virtual hosting allows multiple websites to share one IP address. When requests arrive, the server checks for hostname in HTTP header and serves up different web pages based on which name was used to connect – similar to how Bruce Wayne answers his parlour phone when someone dials into Batcave.

If a virtual host doesn’t specify either its ServerName or Alias, a default name is taken from its base server configuration and this could potentially lead to problems if multiple names for domains exist within it. Therefore, it is advisable that explicit ServerNames for each vhost are always listed and wildcard characters such as * or? should not be used when listing VirtualHost > sections.

The server examines each virtual host definition in order of definition and selects the first vhost that matches a hostname in a request. If no matching vhost is found, it will be served by either main server or default vhost (whichever comes first in configuration file) with any remaining requests being rewritten to 404 error page rewriting as appropriate.

Explicit

Virtual host servers allow websites to have multiple URLs that point back to one IP address, giving a single server enough capacity to accommodate both types of traffic without needing two separate servers. A public website and an internal intranet could both benefit from using such a server in this way.

When an request arrives, a web server looks at its IP address to identify which virtual host should serve it. If the vhost contains a ServerName field, then this information is used; otherwise it uses the Host header in the request as a guideline.

Unless you provide your server with a ServerName and ServerAlias, any request to the server will default to its default vhost. To prevent this from happening, add a VirtualHost DocumentRoot directive into the main server configuration file – making sure that DocumentRoot and CGI directories of your vhost can only be written into by users and groups in root mode to prevent unintended file system access.