I'm running Apache 2.4.54 on Debian Bullseye and have 42 VHOSTs configured. Most of them are subdomains xxx.my.domain.com of our main domain, say my.domain.com. One client has a special domain. There is also a default VHOST to catch all the requests. All the VHOSTS reside in numbered files, the default comes last.
- HTTP -> HTTPS
- subdomain not catches before -> ErrorDocument
- no subdomain -> errorDocument
In the case I just enter https://my.domain.com, this request is catched by one of the earlier vhosts and not by the default VHOST. I don't understand why this happens.
Without SSL, the request is answered by 99-default.conf
99-default.conf
<VirtualHost _default_:80>
ServerName my.domain.com
Redirect permanent / https://my.domain.com
ErrorLog ${APACHE_LOG_DIR}/default_error.log
CustomLog ${APACHE_LOG_DIR}/default_access.log vhost_combined
</VirtualHost>
<VirtualHost *:80>
ServerAlias *.my.domain.com
Redirect 404 /
DocumentRoot /var/www/html/
ErrorDocument 404 "Subdomain does not exist"
ErrorLog ${APACHE_LOG_DIR}/default_error.log
CustomLog ${APACHE_LOG_DIR}/default_access.log combined
</VirtualHost>
# match requests without subdomain
<VirtualHost _default_:443>
ServerName my.domain.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
Redirect 404 /
ErrorDocument 404 "Please choose subdomain"
ErrorLog ${APACHE_LOG_DIR}/default_error.log
CustomLog ${APACHE_LOG_DIR}/default_access.log combined
</VirtualHost>
# match any subdomain that does not exist (that's why order is important)
<VirtualHost *:443>
ServerAlias *.my.domain.com
Redirect 404 /
DocumentRoot /var/www/html/
ErrorDocument 404 "Subdomain does not exist"
ErrorLog ${APACHE_LOG_DIR}/default_error.log
CustomLog ${APACHE_LOG_DIR}/default_access.log combined
</VirtualHost>
02-app-customer.conf
<VirtualHost *:443>
Protocols h2 http/1.1
ServerAlias customers-domain.com
# ServerAlias customer.my.domain.com
SSLEngine on
SSLCertificateFile /etc/ssl/certs/wildcard.crt
SSLCertificateKeyFile /etc/ssl/private/wildcard.key
SSLCertificateChainFile /etc/ssl/certs/wildcard_chain.crt
ErrorLog ${APACHE_LOG_DIR}/app_error.log
CustomLog ${APACHE_LOG_DIR}/app_access.log vhost_combined
Include conf.d/security.conf
Include /usr/local/app/local/customer/httpd.conf
<FilesMatch ".+\.ph(p[3457]?|t|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-app.sock|fcgi://localhost"
</FilesMatch>
</VirtualHost>
# Redirection from port 80 to 443 if ssl enabled
<VirtualHost *:80>
ServerName customers-domain.com
# ServerAlias customer.my.domain.com
Redirect permanent / https://www.customers-domain.com/
ErrorLog ${APACHE_LOG_DIR}/app_error.log
CustomLog ${APACHE_LOG_DIR}/app_access.log vhost_combined
</VirtualHost>
# Redirect of www.customers-domain.com to customers-domain.com
<VirtualHost *:443>
Protocols h2 http/1.1
ServerName www.customers-domain.com
ServerAlias www.customers-domain.biz
SSLEngine on
SSLCertificateFile /etc/ssl/certs/wildcard.crt
SSLCertificateKeyFile /etc/ssl/private/wildcard.key
SSLCertificateChainFile /etc/ssl/certs/wildcard_chain.crt
ErrorLog ${APACHE_LOG_DIR}/app_error.log
CustomLog ${APACHE_LOG_DIR}/app_access.log vhost_combined
Redirect permanent / https://customers-domain.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.customers-domain.com
ServerAlias www.customers-domain.biz
Redirect permanent / https://customers-domain.com/
ErrorLog ${APACHE_LOG_DIR}/app_error.log
CustomLog ${APACHE_LOG_DIR}/app_access.log vhost_combined
</VirtualHost>
I don't understand why a request to https://my.domain.com is catched by 02-app-customer.conf and not by 99-default.conf. Any ideas?
