Apache virtual server match error?

I do apologize that I do not know a good way to explain this, but I will do my best

below are the software versions of my server, all up to date as of this post. (as far up to date on Ubuntu v18.04 as you can get anyway)

Operating system Ubuntu Linux 18.04.5 Perl version 5.026001 Path to Perl /usr/bin/perl BIND version 9.11 Postfix version 3.3.0 Mail injection command /usr/lib/sendmail -t Apache version 2.4.29 PHP versions 7.2.33, 7.4.9 Webalizer version 2.23-08 Logrotate version 3.11.0 MySQL version 5.7.31-0ubuntu0.18.04.1 ProFTPD version 1.35 SpamAssassin version 3.4.2

First I am going to explain what is I am doing:

When I set up a server, I normally create a bogus domain, such as 123abc.xyz, that could not exist.

Why? Originally it was a way to mitigate problems with issues of Let’s Encrypt. Say I was hosting a subdomain and wanted to get certificates like an example below:

example.com
www.example.com
demo.example.com
dev.example.com

Looks reasonable right?

But due to the .htaccess files in other domains, if the 1st site (alphabetically) in Virtualmin had a .htaccess file that had a re-write rule that says if the domain is not using www to redirect to www, and I did not have www.demo.example.com or www.dev.example.com set up, it would fail because for some reason it would pull the .htaccess file from the 1st site inside Virtualmin and upon requesting the certificates it would add those directives to the request, so I created the bogus domain that had no .htaccess file in it as mitigation, this worked wonders for years, but on migrating sites I noticed a strange oddity.

During migration, I used the Windows hosts file to point to the new server for all my domains, but I had a domain in my Windows hosts file that was NOT in Virtualmin and it pulled up the 2nd site in Virtualmin instead of the Under construction index.html that is in the 123abc.xyz

I went to:
domain-not-in-virtualmin.com (but incidentally is in my Windows hosts file pointing to the Virtualmin server)

it showed the contents for:
456def.com (A fully hosted site that is live and publicly accessible)

When this failed, I would have expected it to show the contents of
123abc.xyz (which is the index.html under construction file)

since that is the 1st listed alphabetically and I expected it to follow this directive under the website options ( [Default website for IP address?] Yes (but only because it is alphabetically first))

I bring this up since it does NOT seem to be following that directive, that I might start experiencing the Let’s encrypt problems with subdomains once again.

I wanted to post this in the Issue tracker but was unsure if this is now designed to function this way now since it might be “SEEING” that 123abc.xyz can not possibly exist (publically), BUT I did test it by putting it in the Windows hosts file, and apache IS actually hosting 123abc.xyz…

I do have subdomains on this server, but have not gotten to the implementation of them yet. I will post back if I have the issues I believe I will have, with Let’s encrypt (just to make it work, I will probably have to give them www, which I don’t want on subdomains, but it does not mean that I have to use it, it is just … clutter)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.