Hello,
On 08.12.2010 16:01, Eric Covener wrote:
.. I propose a less quirky configuration, for example
with "ServerName .. exclusive"
So it would handshake with the "wrong" information and serve the wrong
virtualhosts error documents?
The "exclusive" defined vhost would do what the second vho
Hello,
On 08.12.2010 15:03, Eric Covener wrote:
And at least 50% of the world would think whatever you intuitively
expect to happen in this case is quirky. That's why there's a
configuration file.
I expect nothing to happen intuitively.
What happens now, serving any-SSL violating the vhost def
Hello,
On 08.12.2010 14:13, Tom Evans wrote:
...
And the experienced user has seen these warnings often, so he regularly
clicked on "I understand the risks" and accepted the ssl session anyway -
and it's even wiser in most cases to do because mostly you're better off (in
web 2.0 services for exa
Hello,
On 08.12.2010 13:45, Tom Evans wrote:
.. but at this point apache knows that there is something wrong with the
request or the configuration, and should throw an error instead of serving
the wrong data.
Typically, you don't even get to that point. Most browsers will throw
a fit if they r
Hello,
On 08.12.2010 13:31, Eric Covener wrote:
"ServerName ... exclusive" directive for
the config (and logic behind) could make sense, ...
This facility is effectively already there by creating a default
(first-listed) name-based virtual host and handling unspecified
domains that show up on
Hello,
On 08.12.2010 12:48, Tom Evans wrote:
Until the incoming request has been received and decrypted, apache has
no clue that the domain requested was 'not-ssl-configured-domain.xx'.
That's kind of the point of SSL.
Ok, thanks for pointing that out.
Apache determines which vhost to use to
Hello,
On 08.12.2010 11:38, Matus UHLAR - fantomas wrote:
Now what happens to my surprise is that /phppgadmin is accessible via
all my virtual hosts, not just the one (base host) where it is
defined.
...
On 07.12.10 20:27, Joost de Heer wrote:
SSL namebased virtualhosting will not work.
..
He
Ho,
On 07.12.2010 20:33, Eric Covener wrote:
Apache uses the first virtual host in each set of NameVirtualHost's as
a default/catch-all after IP-based vhosting ...
Now I understand, thanks for your patience in explaining it.
What I did now is add a dummy-domain on top of my SSL config:
## SS
Hi,
On 07.12.2010 20:27, Joost de Heer wrote:
Now what happens to my surprise is that /phppgadmin is accessible via
all my virtual hosts, not just the one (base host) where it is
defined.
All your virtual hosts or all your SSL virtual hosts?
The latter.
https://onesite.com/phppgadmin
https
Hello,
On 07.12.2010 19:35, Eric Covener wrote:
...
No, based on my short description of how a virtualhost is found, you
never jump to 2nd-best IP:PORT match to match up a
servername/serveralias ...
Right, so I'd expect apache to throw an error - instead it uses a ServerName
from another virt
Hello,
On 07.12.2010 19:13, Eric Covener wrote:
What works and should _not_ work:
https://twosite.com/phppgadmin
You only listed one port 443 virtualhost, and it has the Alias in it.
Apache finds the best match for the IP:Port, then looks at the
ServerName/ServerAlias in that set of NameVirtu
Hello,
I've switched to a new debian server with apache 2.2.9 and installed the
'phpgadmin'
tool via a debian package.
This copies the php sources outside of /var/www and sets an 'alias ..'
directive in /etc/apache2/conf.d/
Now what happens to my surprise is that /phppgadmin is accessible via
12 matches
Mail list logo
