我有一个在 Apache2 上运行的带有域(来自 strato)的 vServer。我唯一运行的站点具有以下 vHost:
<IfModule mod_ssl.c>
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
SSLCertificateFile /etc/letsencrypt/live/example.de/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.de/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName www.example.de
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
</IfModule>
以及以下 apache2ctl -S:
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using xxx:xxx:xxx:xxxx::x. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:443 is a NameVirtualHost
default server www.example.de (/etc/apache2/sites-enabled/vps.conf:2)
port 443 namevhost www.example.de (/etc/apache2/sites-enabled/vps.conf:2)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33
毕竟我读到过我应该无法访问 www.example.com 下的服务器,因为我从未配置 DNS 条目以匹配该子域。我只有条目 example.de,并相应地设置了 IP。但它确实想访问 www 下的服务器,所以我将 ServerName 更改为 www.example.com。有趣的是,我能够访问 www.example.com 和 example.com 下的服务器,并且没有证书错误。
这是我不明白的事情,但我愿意理解,因为它困扰着我。
仅供参考:该服务器正在运行 owncloud。
谢谢!
答案1
这里的关键是“默认服务器”。Apache 始终有一个“默认服务器”...它将接受主机名与任何定义不匹配的任何站点的连接。
在这种情况下,正如您的日志正确显示的那样:
default server www.example.de (/etc/apache2/sites-enabled/vps.conf:2)
www.example.de 是您的默认网站,任何不匹配的主机名都将发送到该网站。
我通常建议人们为默认站点设置一个标准的“404”站点,以告诉人们他们没有到达正确的站点……然后确保正确定义了正确的域名。