[warn] VirtualHost xx.xxx.xxx.xx:443 overlaps with VirtualHost xx.xxx.xxx.xx:443,

[phpman2]

Hallo zusammen,

ich hab hier einen VServer mit Debian Etch & Confixx 3.3.1 und folgenden Fehler wenn ich ein Apache restart / stop od. start ausführe:

neptun:/# /etc/init.d/apache2 start
Starting web server (apache2)...[Sun Aug 26 18:43:25 2007] [warn] VirtualHost xx.xxx.xxx.xx:443 overlaps with VirtualHost xx.xxx.xxx.xx:443, the first has precedence, perhaps you need a NameVirtualHost directive
[Sun Aug 26 18:43:25 2007] [warn] VirtualHost xx.xxx.xxx.xx:443 overlaps with VirtualHost xx.xxx.xxx.xx:443, the first has precedence, perhaps you need a NameVirtualHost directive

Unter Debian 3.1 und Apache 2.0.xx ist mir dieser Fehler nicht untergekommen.

Hoffe daher, dass Ihr mir weiterhelfen könnt.

Vielen Dank im voraus.

Gruß, PHPman

[charli]

Hallo,

vermutlich fehlt NameVirtualHost, wenn es daran nicht liegt komplette Vhosts zeigen (Code-Tags).

[phpman]

Hallo,

ansich sind die Daten in \etc\apache2\confixx_mhost.conf okay, sprich daten sind nicht direct in der apache2.conf eingetragen (werden per include verwendet)

Code:

Listen 443
php_admin_value include_path .

<Directory "/var/www/confixx/html">

  AllowOverride all

  <IfModule mod_access.c>
    Allow from all
  </IfModule>
  <IfModule mod_authz_host.c>
    Allow from all
  </IfModule>

  <IfModule mod_rewrite.c>

    RewriteEngine On
    Options +FollowSymlinks

    RewriteRule ^reseller/res[0-9]+/(.*)$ reseller/$1 [L]

    RewriteRule ^user/[a-zA-Z][-a-zA-Z0-9_]{0,4}[0-9]+/(.*)$ user/$1 [L]

    RewriteRule ^ftplogin/[a-zA-Z][-a-zA-Z0-9_]{0,4}[0-9]+/(.*)$ ftplogin/$1 [L]
    RewriteRule ^ftplogin/[a-zA-Z][-a-zA-Z0-9_]{0,4}[0-9]+f[0-9]+/(.*)$ ftplogin/$1 [L]

    RewriteRule ^poplogin/[a-zA-Z][-a-zA-Z0-9_]{0,4}[0-9]+p[0-9]+/(.*)$ poplogin/$1 [L]

  </IfModule>

  AddDefaultCharset off
  php_admin_flag engine on

</Directory>


NameVirtualHost xxx.xxx.xx.xx:80

<VirtualHost xxx.xxx.xx.xx:80>

  ServerName confixx.servername.domain.de

  #User confixx
  #Group confixx
  DocumentRoot /var/www/confixx/html
  Options FollowSymLinks


  php_admin_flag safe_mode Off
  php_admin_flag file_uploads On
  php_admin_flag track_vars On
  php_admin_flag magic_quotes_runtime Off
  php_admin_flag magic_quotes_gpc Off
  php_admin_value upload_tmp_dir /var/www/confixx/tmp
  php_admin_value include_path ".:/var/www/confixx/html/include:/var/www/confixx/html:/var/www/confixx/html/PEAR"
  php_admin_value default_charset none
  php_admin_value open_basedir /var/www/confixx
  php_admin_flag allow_url_fopen Off

  php_admin_value session.cookie_path /
  php_admin_value session.auto_start 0
  php_admin_value session.gc_maxlifetime 1800
  php_admin_value session.use_cookies 1
  php_admin_value session.cookie_lifetime 0
  php_admin_value session.cookie_secure Off
  php_admin_value session.use_trans_sid 0

  ScriptAlias /cgi-bin/ /var/www/confixx/html/cgi-bin/

  <IfModule mod_dir.c>
    DirectoryIndex index.html index.htm index.shtml index.cgi index.php
  </IfModule>

  CustomLog /var/log/apache2/confixx.servername.domain.de_access.log "%h %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\""
  ErrorLog /var/log/apache2/confixx.servername.domain.de_error.log


</VirtualHost>

<VirtualHost xxx.xxxx.xx.xx:443>

  ServerName confixx.servername.domain.de

  #User confixx
  #Group confixx
  DocumentRoot /var/www/confixx/html
  Options FollowSymLinks


  php_admin_flag safe_mode Off
  php_admin_flag file_uploads On
  php_admin_flag track_vars On
  php_admin_flag magic_quotes_runtime Off
  php_admin_flag magic_quotes_gpc Off
  php_admin_value upload_tmp_dir /var/www/confixx/tmp
  php_admin_value include_path ".:/var/www/confixx/html/include:/var/www/confixx/html:/var/www/confixx/html/PEAR"
  php_admin_value default_charset none
  php_admin_value open_basedir /var/www/confixx
  php_admin_flag allow_url_fopen Off

  php_admin_value session.cookie_path /
  php_admin_value session.auto_start 0
  php_admin_value session.gc_maxlifetime 1800
  php_admin_value session.use_cookies 1
  php_admin_value session.cookie_lifetime 0
  php_admin_value session.cookie_secure Off
  php_admin_value session.use_trans_sid 0

  ScriptAlias /cgi-bin/ /var/www/confixx/html/cgi-bin/

  <IfModule mod_dir.c>
    DirectoryIndex index.html index.htm index.shtml index.cgi index.php
  </IfModule>


  <IfModule mod_ssl.c>
    SSLEngine on
    SSLCertificateKeyFile /etc/ssl.key/confixx.domain.de.key
    SSLCertificateFile /etc/ssl.crt/confixx.domain.de.crt


    SetEnvIf User-Agent ".*MSIE.*" \
      nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
      SSLOptions +StdEnvVars
    </Files>

    <Directory "/var/www/confixx/html/cgi-bin">
      SSLOptions +StdEnvVars
    </Directory>

  </IfModule>


  CustomLog /var/log/apache2/confixx.servername.domain.de_access.ssl.log "%h %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\""
  ErrorLog /var/log/apache2/confixx.servername.domain.de_error.ssl.log


</VirtualHost>

Include /etc/apache2/confixx_vhost.conf
# ^- Dieser Eintrag sollte unbedingt am Ende der Datei bleiben
## /CONFIXX

und dann hab ich noch von Confixx angelegte VHost Dateien, je Kunde!

Code:

<Directory "/var/www/web2/html">
  Options -FollowSymLinks -SymLinksIfOwnerMatch
  <IfModule mod_access.c>
    Allow from all
  </IfModule>
  <IfModule mod_authz_host.c>
    Allow from all
  </IfModule>
  php_admin_flag engine on
</Directory>

<Directory "/var/www/web2/html/cgi-bin/">
  <IfModule mod_python.c>
    <Files ~ "\.py$">
      AddHandler python-program .py
      PythonHandler mod_python.cgihandler
    </Files>
  </IfModule>
</Directory>
<VirtualHost xxx.xxx.xx.xx:80>
  ServerName kunden-test.de
  ServerAlias www.kunden-test.de web2.servername.domain.de
  DocumentRoot /var/www/web2/html
  SuexecUserGroup web2 web2
  ScriptAlias /cgi-bin/ /var/www/web2/html/cgi-bin/
  <IfModule mod_python.c>
    <Files ~ "\.py$">
      AddHandler python-program .py
      PythonHandler mod_python.publisher
    </Files>
  </IfModule>
  php_admin_value open_basedir /var/www/web2/html/:/var/www/web2/phptmp/:/var/www/web2/files/:/var/www/web2/atd/
  php_admin_value file_uploads 1
  php_admin_value upload_tmp_dir /var/www/web2/phptmp/

php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fweb2@servername.domain.de"
</VirtualHost>

<VirtualHost xxx.xxx.xxx.xx:443>
  ServerName web2.servername.domain.de
  DocumentRoot /var/www/web2/html
  SuexecUserGroup web2 web2
  ScriptAlias /cgi-bin/ /var/www/web2/html/cgi-bin/
  <IfModule mod_python.c>
    <Files ~ "\.py$">
      AddHandler python-program .py
      PythonHandler mod_python.publisher
    </Files>

  </IfModule>
  php_admin_value open_basedir /var/www/web2/html/:/var/www/web2/phptmp/:/var/www/web2/files/:/var/www/web2/atd/
  php_admin_value file_uploads 1
  php_admin_value upload_tmp_dir /var/www/web2/phptmp/
  <IfModule mod_ssl.c>
    SSLEngine on
    SSLCertificateKeyFile /etc/ssl.key/confixx.servername.domain.de.key
    SSLCertificateFile /etc/ssl.crt/confixx.servername.domain.de.crt
    SetEnvIf User-Agent ".*MSIE.*" \
      nokeepalive ssl-unclean-shutdown \
      downgrade-1.0 force-response-1.0
    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
      SSLOptions +StdEnvVars
    </Files>
    <Directory "/var/www/web2/html/cgi-bin">
      SSLOptions +StdEnvVars
    </Directory>
  </IfModule>

php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fweb2@servername.domain.de"
</VirtualHost>

Kann es daran liegen ? Und ist der Fehler sehr Sicherheits kritisch?

Folgende Fehler sind desweitern in error.log

Code:

[Sun Aug 26 21:07:31 2007] [warn] Init: SSL server IP/port conflict: web7.servername.domain.de:443 (/etc/apache2/confixx_vhosts/web7.conf:56) vs. web8.servername.domain.de:443 (/etc/apache2/confixx_vhosts/web8.conf:56)
[Sun Aug 26 21:07:31 2007] [warn] Init: SSL server IP/port conflict: web6.servername.domain.de:443 (/etc/apache2/confixx_vhosts/web6.conf:63) vs. web8.servername.domain.de:443 (/etc/apache2/confixx_vhosts/web8.conf:56)
....
[Sun Aug 26 21:07:31 2007] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!

Hoffe Du kannst mir helfen.

Danke im voraus.

Gruß, PHPman

[charli]

Hallo,

Du hast web2 einen SSL-Vhost gegeben, Confixx legt bereits einen SSL-Vhost für sich selbst an. Das geht nur mit (mindestens) 2 IPs oder indem man die Vhosts auf verschiedene Ports legt. Lege den Confixx-SSL-Vhost auf Port 543, ergänze "Listen 543" und starte den Apachen neu. Confixx ist dann unter

Code:

https://confixx.servername.domain.de:543

erreichbar und der SSL-Vhost von web2 kann ohne Portangabe genutzt werden.