Score:0

Apache with vhosts: Newly created site opens other site


I have a server with three vhosts, the default (domain.com), site1.com and site2.com. The server is running Ubuntu 22.04 LTS with Apache2. Until yesterday, this server only served the default domain, a simple hand-crafted site, and site1.com, which contains a WordPress site, and did so without problems. I'm using HTTPS with Let's Encrypt certificates.

Yesterday, I installed site2.com and popped a second WordPress instance there. Now, site1.com and domain.com work properly, but site2.com opens site1.com except when I type www.site2.com. Just typing site2.com opens site1.com.

I'm thoroughly confused. Can anyone suggest what's going wrong?

Here are my vhost files:

000-default.conf

```apache
<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    RewriteEngine on
    RewriteCond %{SERVER_NAME} =domain.com
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
```

000-default-le-ssl.conf

```apache
<IfModule mod_ssl.c>
SSLStaplingCache shmcb:/var/run/apache2/stapling_cache(128000)
<VirtualHost *:443>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    ServerName domain.com
    SSLCertificateFile /etc/letsencrypt/live/domain.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
    Header always set Strict-Transport-Security "max-age=31536000"
    SSLUseStapling on
</VirtualHost>
</IfModule>
```

site1.conf

```apache
<VirtualHost *:80>
  ServerName site1.com
  ServerAlias www.site1.com
  DocumentRoot "/var/www/site1.com/"

  ErrorLog "/var/log/apache2/site1_com_error_log"
  TransferLog "/var/log/apache2/site1_com__access_log"

  <Directory />
    Options +Indexes +FollowSymLinks +ExecCGI
    AllowOverride All
    Order deny,allow
    Allow from all
    Require all granted
  </Directory>

  RewriteEngine on
  RewriteCond %{SERVER_NAME} =site1.com
  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
```

Site1-le-ssl.conf

```apache
<IfModule mod_ssl.c>
<VirtualHost *:443>
  ServerName site1.com
  ServerAlias www.site1.com
  DocumentRoot "/var/www/site1.com/"

  ErrorLog "/var/log/apache2/site1_com_error_log"
  TransferLog "/var/log/apache2/site1_com__access_log"

  <Directory />
    Options +Indexes +FollowSymLinks +ExecCGI
    AllowOverride All
    Order deny,allow
    Allow from all
    Require all granted
  </Directory>

  RewriteEngine on
  # Some rewrite rules in this file were disabled on your HTTPS site,
  # because they have the potential to create redirection loops.

  # RewriteCond %{SERVER_NAME} =site1.com
  # RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

  Include /etc/letsencrypt/options-ssl-apache.conf
  SSLCertificateFile /etc/letsencrypt/live/site1.com/fullchain.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/site1.com/privkey.pem
</VirtualHost>
</IfModule>
```

Site2.conf

```apache
<VirtualHost *:80>
  ServerName site2.com
  ServerAlias www.site2.com
  DocumentRoot "/var/www/site2.com/"

  ErrorLog "/var/log/apache2/site2_com_error_log"
  TransferLog "/var/log/apache2/site2_com_access_log"

  <Directory />
    Options +Indexes +FollowSymLinks +ExecCGI
    AllowOverride All
    Order deny,allow
    Allow from all
    Require all granted
  </Directory>

  RewriteEngine on
  RewriteCond %{SERVER_NAME} =site2.com
  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
```

Site2-le-ssl.conf

```apache
<IfModule mod_ssl.c>
<VirtualHost *:443>
  ServerName site2.com
  ServerAlias www.site2.com
  DocumentRoot "/var/www/site2.com/"

  ErrorLog "/var/log/apache2/site2_com_error_log"
  TransferLog "/var/log/apache2/site2_com_access_log"

  <Directory />
    Options +Indexes +FollowSymLinks +ExecCGI
    AllowOverride All
    Order deny,allow
    Allow from all
    Require all granted
  </Directory>

  RewriteEngine on

  Include /etc/letsencrypt/options-ssl-apache.conf
  SSLCertificateFile /etc/letsencrypt/live/site2.com/fullchain.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/site2.com/privkey.pem
</VirtualHost>
</IfModule>
```

I have the following in my hosts file:

```
127.0.0.1 localhost
127.0.0.1 site1.com
127.0.0.1 site2.com
127.0.0.1 domain.com
```

HBruijn:
"permanent" redirects are supposed to be cached in your web browser and any changes in an (incorrect) configuration won't be picked up after you make them. You'll need to test each adjustment in a new anonymous/private/incognito window. - The second thing is to not use a parameterised mod_rewrite rule for your trivial redirect http to https, but do as the manual recommends [avoid mod_rewrite](https://httpd.apache.org/docs/2.4/rewrite/avoid.html) and use [`Redirect`](https://httpd.apache.org/docs/2.4/mod/mod_alias.html#redirect) directives. [example](https://serverfault.com/a/1126661/37681)

HBruijn:
Setting up a directory block for your root directory `<Directory />` with the Options `+FollowSymLinks +ExecCGI` is really bad security and NOT needed (in general) and potentially opens up your server for all kinds of attacks and information disclosure
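
The two comments above, applied to the site2.com vhosts from the question. This is an added example, not part of the original thread and not the commenter's own configuration. It assumes WordPress needs `.htaccess` overrides and symlink following only under its own document root, and that redirecting both host names to `https://site2.com/` is the intended behaviour.

```apache
# site2.conf (port 80): a plain Redirect instead of a parameterised RewriteRule
<VirtualHost *:80>
  ServerName site2.com
  ServerAlias www.site2.com

  ErrorLog "/var/log/apache2/site2_com_error_log"
  TransferLog "/var/log/apache2/site2_com_access_log"

  # Requests for either name are sent to one fixed HTTPS host, so the target
  # never depends on SERVER_NAME. Use "Redirect temp" while testing so the
  # browser does not cache the answer, then switch to "permanent".
  Redirect permanent "/" "https://site2.com/"
</VirtualHost>

# site2-le-ssl.conf (port 443)
<IfModule mod_ssl.c>
<VirtualHost *:443>
  ServerName site2.com
  ServerAlias www.site2.com
  DocumentRoot "/var/www/site2.com/"

  ErrorLog "/var/log/apache2/site2_com_error_log"
  TransferLog "/var/log/apache2/site2_com_access_log"

  # Filesystem root: nothing is served, no options, no .htaccess overrides.
  <Directory />
    Options None
    AllowOverride None
    Require all denied
  </Directory>

  # Only the site's own tree is reachable. No Indexes and no ExecCGI.
  # The 2.2-style Order/Allow lines are dropped; Require is the 2.4 form.
  <Directory "/var/www/site2.com/">
    Options FollowSymLinks
    AllowOverride All
    Require all granted
  </Directory>

  Include /etc/letsencrypt/options-ssl-apache.conf
  SSLCertificateFile /etc/letsencrypt/live/site2.com/fullchain.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/site2.com/privkey.pem
</VirtualHost>
</IfModule>
```

Run `apachectl configtest` before reloading, and check the redirect in a private window so a previously cached permanent redirect does not mask the result.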

Emily:
Super helpful feedback. Thanks. Yes, the problem came from the caching in the browser. The tips on avoiding mod_rewrite and changing the directory block settings are really helpful. Appreciate it a great deal!

John Hanley:
Your hosts file does not have entries for `www.site1.com` or `www.site2.com`. Given that Apache and the container are sharing the same ports, your configuration setup is broken and there must be an error occurring that you have not noticed.