Virtualhost for local access only

[pec]

Is there any way to add a "local" virtualhost and restrict it for local access only ?

I tried to copy the domain config to vhost.conf and vhost_ssl.conf and changed the public IP within the Virtualhost container to 127.0.0.1, but that results in an error when try to reconfigure:

Syntax error on line 3 of /var/www/vhosts/domain.tld/conf/vhost.conf:
<VirtualHost> cannot occur within <VirtualHost> section

Maybe a bit of explanation:
My server was delivered with a auto-generated hostname like "lvps....".
I am running the same board software like this site here, XenForo.
XenForo has an Autolink option, that replaces raw links with the name of the linked page.
For a long time everything went well, I only had some problems with some free mailers like freenet.de . e-mails where rejected with "450 4.7.1 Client host rejected: cannot find your hostname, [12.34.567.890] (in reply to RCPT TO command)".
According to some articles on the internet and a KB doc in my provider's support area, I changed the hostname to the domain name.
The e-mail rejections are gone, but now XenForo's Autolink function doesn't work anymore for internal URL's. External URL's are still handled without any problems.
My internal statistics script also stopped working. This script uses curl to get the index.php. Now curl returns "curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol" when I try to connect to the domain.

I assume that this is a result of the name change. The domain is now an alias of localhost in /etc/host, but the domain's virtualhost is bind to the public IP. Everytime, Xenforo and curl try to connect to the domain, they don't do it over the Internet on the public IP, but internally. The SSL certificate is only valid for the domain, therefore connection are refused.

Somewhere on the internet I found a thread, where some guy had the same problem. His solution was:

The Virtual Host was bound to the external interface, and curl was trying to connect over localhost. So it never ended up at the configured virtual host.
To fix this, I have created a new VirtualHost entry bound to 127.0.0.1:80 that only allows connections from localhost. For my purposes, that is enough.

Unfortunately he did not describe how he created the new local Virtualhost.

Any help would be much appreciated.

 

[UFHH01]

Hi pec,

in your case, I recommend to delete the standard vhost - configuration files ( symlinks ):
For apache, these symlinks are located at "/etc/apache2/sites-enabled/" ( Ubuntu/Debian - based - systems ) and for nginx, they are located at "/etc/nginx/sites-enabled/" ( Ubuntu/Debian - based - systems ).
On Ubuntu-Debian - based system, these standard - configuration files are named "000-default.conf" and "000-default-ssl.conf" or "default.conf" and "default-ssl.conf" ( apache2 ) / "default" and "default-ssl" ( nginx ).

 

[pec]

Hi @UFHH01,

Thank you very much.
I removed the symlink (there was only one, 000-default.conf) and restarted apache, but I still get the same curl error.
Do I have to reconfigure something ?

Edit: forgot to mention the warning I got:

* Restarting web server apache2 [Mon May 16 15:31:32 2016] [warn] NameVirtualHost *:80 has no VirtualHosts
... waiting [Mon May 16 15:31:33 2016] [warn] NameVirtualHost *:80 has no VirtualHosts

 

[UFHH01]

Hi pec,

you seem to still use some own modifications in your domain specific configuration files.....
Pls. consider to rebuild all your configuration files with the command:

/usr/local/psa/admin/sbin/httpdmng --reconfigure-all
​

 

[UFHH01]

Hi pec,

in addition to your private conversation and the provided informations, I will continue to answer your questions:

Your basic additional informations are: Ubuntu 12.04, Plesk 12.5.30

You changed the file "etc/hosts" to:

127.0.0.1 www.DOMAIN.COM www lvpsXX-XX-XXX-XXX.dedicated.HOSTER-DOMAIN.COM lvpsXX-XX-XXX-XXX www.DOMAIN.COM www localhost
::1 www.DOMAIN.COM www lvpsXX-XX-XXX-XXX.dedicated.HOSTER-DOMAIN.COM lvpsXX-XX-XXX-XXX www.DOMAIN.COM www localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

# Auto-generated hostname. Please do not remove this comment.
XX.XX.XXX.XXX lvpsXX-XX-XXX-XXX.dedicated.HOSTER-DOMAIN.COM lvpsXX-XX-XXX-XXX

... which could be adjusted to:

127.0.0.1    localhost.localdomain    localhost
127.0.0.1    www.DOMAIN.COM    www
XX.XX.XXX.XXX    www.DOMAIN.COM    www
XX.XX.XXX.XXX    lvpsXX-XX-XXX-XXX.dedicated.HOSTER-DOMAIN.COM    lvpsXX-XX-XXX-XXX

Pls. make sure, that you add as well your hostname at "/etc/hostname", and reconfigure your configuration files afterwards. Pls. don't forget:

plesk bin server_pref --update -hostname www.DOMAIN.COM​

or follow: [How to] How to get or change server hostname on a Plesk server? ( KB - article 1793 )



I still recommend, to use a general used hostname, like:

servername.DOMAIN.COM    servername

... for your "/etc/hosts" and "/etc/hostname". If you do such a change, pls. make sure, that you modify your DNS - template to "v=spf1 +a +mx +a:<hostname> +ip4:<ip.mail> ?all" and apply the changes to your domain - specific DNS - settings.



You asked in the private conversation: "What would happen, when I change the configuration to "<VirtualHost *:443 >"?"
Well, this is just wrong and will lead to more issues/errors/failures/problems.

 

[pec]

First of all:
thank you very much for your help @UFHH01 !
Now everything works like a charm

... which could be adjusted to:

127.0.0.1    localhost.localdomain    localhost
127.0.0.1    www.DOMAIN.COM    www
XX.XX.XXX.XXX    www.DOMAIN.COM    www
XX.XX.XXX.XXX    lvpsXX-XX-XXX-XXX.dedicated.HOSTER-DOMAIN.COM    lvpsXX-XX-XXX-XXX

Had to modify this a bit to get it to work:

127.0.0.1    localhost.localdomain    localhost
XX.XX.XXX.XXX    www.DOMAIN.COM    www
XX.XX.XXX.XXX    lvpsXX-XX-XXX-XXX.dedicated.HOSTER-DOMAIN.COM    lvpsXX-XX-XXX-XXX

After removing the line "127.0.0.1 www.DOMAIN.COM www" XenForo is now able to convert the internal links into linked page title

Pls. don't forget:

plesk bin server_pref --update -hostname www.DOMAIN.COM​

After adjusting the /etc/hosts like proposed by you and after running the given command, the /etc/hosts looked like this:

127.0.0.1    www.DOMAIN.COM    www    localhost.localdomain    localhost
127.0.0.1    www.DOMAIN.COM    www    www.DOMAIN.COM    www
XX.XX.XXX.XXX    www.DOMAIN.COM    www
XX.XX.XXX.XXX    lvpsXX-XX-XXX-XXX.dedicated.HOSTER-DOMAIN.COM    lvpsXX-XX-XXX-XXX

So I had to remove the double entries.

btw: My server has IPv6 enabled. How about the IPv6 entries I had in the previous version of /etc/hosts ?
Do I have to add something for IPv6, too ?
e.g.

::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

 

[UFHH01]

Hi pec,

even that your server has IPv6 - support enabled, there doesn't seem to be an IPv6 configured for your domain - only IPv4. The standart IPv6 entries are only necessary, when you configure an IPv6 on your DNS.