Udgivet i

Using the ServerPath directive

Using the ServerPath directive

We have a server with two name-based vhosts. In order to match the correct virtual host a client must send the correct Host: header. Old HTTP/1.0 clients do not send such a header and Apache has no clue what vhost the client tried to reach (and serves the request from the primary vhost). To provide as much backward compatibility as possible we create a primary vhost which returns a single page containing links with an URL prefix to the name-based virtual hosts.

<VirtualHost 172.20.30.40>
    # primary vhost
    DocumentRoot "/www/subdomain"
    RewriteEngine On
    RewriteRule "." "/www/subdomain/index.html"
    # ...
</VirtualHost>

<VirtualHost 172.20.30.40>
DocumentRoot "/www/subdomain/sub1"
    ServerName www.sub1.domain.tld
    ServerPath "/sub1/"
    RewriteEngine On
    RewriteRule "^(/sub1/.*)" "/www/subdomain$1"
    # ...
</VirtualHost>

<VirtualHost 172.20.30.40>
    DocumentRoot "/www/subdomain/sub2"
    ServerName www.sub2.domain.tld
    ServerPath "/sub2/"
    RewriteEngine On
    RewriteRule "^(/sub2/.*)" "/www/subdomain$1"
    # ...
</VirtualHost>

Due to the ServerPath directive a request to the URL http://www.sub1.domain.tld/sub1/ is always served from the sub1-vhost.
A request to the URL http://www.sub1.domain.tld/ is only served from the sub1-vhost if the client sent a correct Host: header. If no Host: header is sent the client gets the information page from the primary host.

Please note that there is one oddity: A request to http://www.sub2.domain.tld/sub1/ is also served from the sub1-vhost if the client sent no Host: header.

The RewriteRule directives are used to make sure that a client which sent a correct Host: header can use both URL variants, i.e., with or without URL prefix.

Using Virtual_host and mod_proxy together

The following example allows a front-end machine to proxy a virtual host through to a server running on another machine. In the example, a virtual host of the same name is configured on a machine at 192.168.111.2. The ProxyPreserveHost On directive is used so that the desired hostname is passed through, in case we are proxying multiple hostnames to a single machine.

<VirtualHost *:*>
    ProxyPreserveHost On
    ProxyPass "/" "http://192.168.111.2/"
    ProxyPassReverse "/" "http://192.168.111.2/"
    ServerName hostname.example.com
</VirtualHost>
Udgivet i

Block or redirect using mod_geoip

Installing mod_geoip allows you to block or redirect traffic based on the geografical location of the client using the IP-address of the client. mod_geoip for CentOS is available at the EPEL repository. If you haven’t setup the EPEL repository follow the instructions explained on their website. I asume you allready installed Apache. Download and install mod_geoip, GeoIP and the related libraries:

yum install GeoIP GeoIP-devel GeoIP-data zlib-devel mod_geoip

As MaxMind regularly update their database files you might choose to download the file manually using by a cronjob. Create a bash script which download and install the GeoLite databases. This example is base on the GeoLite version, if you have a subscription your change the according lines to download the appropiate database files:

#!/bin/bash
#Download Maxmind GeoIP databases
cd /var/lib/GeoIP
mv GeoIP.dat GeoIP.dat.old
/usr/bin/wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
/usr/bin/wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
gunzip GeoIP.dat.gz
gunzip GeoLiteCity.dat.gz

Make this script executable:

chmod 750 SCRIPTNAME.SH

and edit your crontab to run this script every 3rd day of the month:

crontab -e
0 0 3 * * /PATH_TO_SCRIPT/SCRIPTNAME

Edit the configuration file /etc/httpd/conf.d/mod_geoip.confand activate the module and change the path of the database. (GeoLiteCity.dat also returns the CityNames and the geographic locations):

LoadModule geoip_module modules/mod_geoip.so
<IfModule mod_geoip.c>
  GeoIPEnable On
  GeoIPDBFile /var/lib/GeoIP.dat
</IfModule>

and restart Apache:

/ect/init.d/apache restart

Now create a .htaccess file. For example if you want to block clients from Russia and China:

SetEnvIf GEOIP_COUNTRY_CODE CN BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE RU BlockCountry
Deny from env=BlockCountry

If you want to redirect based on the country using mod_rewrite in combination with mod_geoip, your .htaccess file could look like this:

RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(NL|BE)$
RewriteRule ^(.*)$ http://www.mydomain.com/nl/$1 [L]

For more example take a look at he website of MaxMind

Copy from http://www.linux-faqs.info/apache/block-or-redirect-using-mod-geoip