Clinard Concepts & Solutions
Computer Consulting for the Triad
Computer Consulting for the Triad
Multiple Domains, Multiple Servers, One IP Address
In the following article I describe how to set up multiple websites on seperate physical servers behind one ip. Now you can run IIS and Apache on seperate machines behind one ip address. This article assumes you have basic knowledge of installing and configuring apache.
Problem: Multiple websites hosted on seperate servers behind one ip.
Solution: For reasons requested by our client we used the proxy/gateway ability of Apache to read the http headers and pass to the correct server.
Originally, the client hosted multiple sites and web applications on an IIS 6.0 server. New web application development required a L.A.M.P. stack be installed on a separate server. For all intensive purposes we will label:
LAMP stack as server 1 and IIS as server 2.
site-a.com hosted on server 1
site-b.com hosted on server 2.
This brought up a problem. All port 80 traffic was being forwarded by the firewall to server 1 regardless of the http request. They needed a way to filter requests by domain to each separate physical server. The set up can be seen in the graphic below.
As many have written, you can do this with IIS. Although proxying is not built in. It requires an add-on.
Lets start out with the proxying concept. If you're not familiar with Apaches proxy abilities please check this out before you start messing around with your server. A badly configured proxy server can be dangerous for your network and the rest of us on the internet. A typical proxy server intercepts the requests of clients then sends to other servers. The requests and replies being sent by the proxy between the client and destination server CAN be modified if so desired. In our situation though, the requests and replies are being sent unmodified. In this case, it makes our proxy more of a gateway.
Client --> Proxy --> Server
The Apache gateway can be on a seperate machine or on server 1 itself. In this setup we use server 1.
Lets open the apache configuration (httpd.conf) and take a look at what is needed to get this going. We need to start out by enabling a few mod_proxy modules. There are many modules associated with mod_proxy that enable much more functionality. The basic few get things going in our case and give a good starting point for more elaborate configurations later on.
Search for the LoadModule section and make sure the following modules are loaded: mod_proxy, mod_proxy_http, mod_proxy_connect
Other relevant modules are available: mod_proxy_ftp, mod_proxy_ajp, mod_proxy_balancer, mod_proxy_html, mod_headers, mod_deflate, mod_cache, mod_disk_cache, mod_mem_cache.
Some you may use, some you wont. While this article focuses on the basics, more complicated configurations requiring these may be needed for your situation. Read the linked documentation for more details of what each handles.
Next we need to enable the proxy server. Uncomment the following lines:
<IfModule mod_proxy.c>
ProxyRequests Off
<Proxy *>
Order deny, allow
Allow from all
</Proxy>
</IfModule>
What are these lines telling us?
ProxyRequests - we set this to off. Other wise we would be running an open proxy through which any one could use to spam etc. The next lines determine who can connect to your proxy. We set this to all because we want everyone to be able to connect to our sites.
Next we get down to the configuration of each domain/site. We do this using name based virtualhost containers. In these we tell apache how to respond to the http requests and where to send them. Take a look at the example:
NameVirtualHost *:80
#Site-A Configuration
<VirtualHost *:80>
DocumentRoot /var/www/html
ServerName www .site-a.com
ServerAlias site-a.com
</VirtualHost>
#Site-B Configuration
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass / http:// 192.168.0.10
ServerName www .site-b.com
ServerAlias site-b.com *.site-b.com
</VirtualHost>
What does this do? Apache takes each http request and compares it to the virtualhost list to find a match. It always starts at the top and works down. If a match is not found the request is sent to the first virtaulhost which is the default host. The first virtualhost is our new site which is locally served, hince the local document root. The second is server 2. Lets take a look at the one for server 2.
ProxyPreserveHost - with this set to on, it tells apache to send the http headers unmodified to the destination server.
ProxyPass - tells where to send the request.
Suppose you want a landing page for unrecognized requests or when someone uses your ip instead of an address. Simply make a default virtualhost and add some sort of "What were you searching for" index page with the links to the sites you host. Again, keep in mind - Apache starts with the first VHOST then cycles through trying to find a match. If no match is found, it defaults back to the first. Example:
NameVirtualHost *:80
#Default
<VirtualHost *:80>
DocumentRoot /var/www/html/fallback
</VirtualHost>
#Site-A Configuration
<VirtualHost *:80>
DocumentRoot /var/www/html
ServerName www .site-a.com
ServerAlias site-a.com
</VirtualHost>
#Site-B Configuration
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass / http:// 192.168.0.10
ServerName www .site-b.com
ServerAlias site-b.com *.site-b.com
</VirtualHost>
Notice in the first VirtualHost we used a subdirectory. If we don't use a subdirectory apache will default to site-a's index page and defeat the purpose of the fall back. We place the index page we created in the subdirectory. Now when someone enters you're ip you can send them to a page to help them find what they were looking for.