On the server that hosts this blog, I ran into an interesting problem which lead to learning a lot about apache virtual hosts.

Symptoms and Background

Unexpected vhosts were getting selected, and default vhosts where not being used.

This server hosts both https://jonp.blog.hauris.org and https://hacksplain.com. Each of those sites is configured as a virtualhost in a separate vhost file. There are also default vhosts for both http and https traffic. DNS points .blog.hauris.org and .hacksplain.com to this server, but mistyping http://jopn.blog.hauris.org brought me to hacksplain.com. Why is mistyping something.blog.hauris.org activating hacksplain.com? I would expect it to fall back to the default vhost, but it wasn't.

Problem

The apachectl -S command which lists the order that is used to decide what virtual host to send a request to. This showed me that my default vhosts where being chosen absolute last.

Named-based vs. IP-based Virtual hosts

This is well documented in the apache docs, but it was new to me. In my server vhost config, I was specifying the host name, like this:

<VirtualHost hacksplain.com:80>
    ServerName hacksplain.com
    # ...

This actually looks up hacksplain.com and uses the IP address and port combination before matching matching on ServerName.

Meanwhile my defaults looked like: <VirtualHost _default_:80> which matches any IP address (as does * wildcard).

But IP matching is a higher precedence than name based (using the ServerName directive).

Solution

To fix this, I switched the two actual domain vhosts to use pure name based resolution instead of IP-based resolution.

<VirtualHost *:80>
    ServerName hacksplain.com
    # ...
</VirtualHost>
<VirtualHost *:443>
    ServerName hacksplain.com
    # ...
</VirtualHost>

If I ever need to split hosts by IP address, then I could add the IP addresses to the default vhost; but those will always take precedence over any vhost on that IP that that is reyling purely on name-based vhost resolution.