Virtual Hosting Advanced Features
Having done some research about the directive, we have found some very
exceptional capabilities heretofore unknown.
It is important to understand that giving cgi-bin access to your virtually
subhosted clients is a potential security risk. This is because the CGIs your
customers upload and execute have all of the rights and privileges of the CGIs
you execute. Therefore, it is possible for a virtually subhosted client that
has been granted CGI privileges to read or remove any file in your directory
hierarchy. Moreover, it is possible for a malicious subhosted client to crack
weak passwords and gain shell access to your Virtual Server. Please see our
document, Virtual Subhosting and Security Issues, for more information.
Previously, in email, we had recommended configuring a cgi-bin for
Virtual Hosting by modifying the srm.conf and access.conf files. We have since
found a better (and easier) solution and therefore retract what we have posted
previously about configuring virtual cgi-bins.
We recommend you use the SRMOptions tag right in the directive. In our
"www.newdom.org" example:
    # point newdom.org to subdirectory newdom
    <VirtualHost newdom.org>
        ServerName www.newdom.org
        ServerAdmin newdom@newdom.org
        DocumentRoot /usr/local/etc/httpd/vhosts/newdom
        ScriptAlias /cgi-bin/ /usr/local/etc/httpd/vhosts/newdom/cgi-bin/
        ErrorDocument 404 /errors/notfound.html
    </VirtualHost>
Notice that we also included a custom ErrorDocument 404 (i.e. Document not
found) in the options. Note that the file location we specified is relative to
the DocumentRoot, so the actual file location of "notfound.html" is:
/usr/home/yourserv/usr/local/etc/httpd/newdom/errors/notfound.html
Pretty much any directive in the srm.conf file can be placed inside of the
SRMOptions tags. For more info on the SRMOptions tag and its relationship with
the Host tag, please see the following URLs:
Another great feature is the ability to create separate log files for your
virtual hosts.
In the host directives of your httpd.conf file, add lines to define your
new log files like this:
    TransferLog logs/localhost_access_log
So it would look like this:
    # point newdom.org to subdirectory newdom
    <VirtualHost newdom.org>
        ServerName www.newdom.org
        ServerAdmin newdom@newdom.org
        DocumentRoot /usr/local/etc/httpd/vhosts/newdom
        TransferLog logs/newdom_access
        ErrorLog logs/newdom_error
        AgentLog logs/newdom_agent
        RefererLog logs/newdom_referer
        ScriptAlias /cgi-bin/ /usr/local/etc/httpd/vhosts/newdom/cgi-bin/
        ErrorDocument 404 /errors/notfound.html
    </VirtualHost>
This will allow you to better track your virtual host usage.
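As an added example (not part of the original page), the following Python script audits an httpd.conf of the form shown above: for each live VirtualHost block it lists the directories granted CGI execution through ScriptAlias, which is the privilege the security warning concerns, and which of TransferLog and ErrorLog are missing. The sample configuration and the hosts otherdom.example, static.example and old.example are constructed for illustration.

```python
import re

# Constructed sample httpd.conf modelled on the page's newdom.org example; other hosts are made up.
SAMPLE_CONF = """\
<VirtualHost newdom.org>
DocumentRoot /usr/local/etc/httpd/vhosts/newdom
TransferLog logs/newdom_access
ErrorLog logs/newdom_error
ScriptAlias /cgi-bin/ /usr/local/etc/httpd/vhosts/newdom/cgi-bin/
</VirtualHost>
<VirtualHost otherdom.example>
ScriptAlias /cgi-bin/ /usr/local/etc/httpd/vhosts/otherdom/cgi-bin/
</VirtualHost>
# <VirtualHost old.example>
# ScriptAlias /cgi-bin/ /usr/local/etc/httpd/vhosts/old/cgi-bin/
# </VirtualHost>
<VirtualHost static.example>
TransferLog logs/static_access
</VirtualHost>
"""

BLOCK = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.I | re.S)

def parse_vhosts(conf_text):
    """Return (host, {lowercased directive: [argument strings]}) per live block."""
    # Drop comment lines first so commented-out blocks are not reported.
    live = re.sub(r"(?m)^[ \t]*#.*$", "", conf_text)
    vhosts = []
    for m in BLOCK.finditer(live):
        directives = {}
        for line in m.group(2).splitlines():
            name, args = (line.split(None, 1) + ["", ""])[:2]
            if name:
                directives.setdefault(name.lower(), []).append(args.strip())
        vhosts.append((m.group(1).strip(), directives))
    return vhosts

def audit(conf_text):
    """Per vhost: directories with CGI execution and log directives that are absent."""
    report = []
    for host, d in parse_vhosts(conf_text):
        missing = [n for n in ("TransferLog", "ErrorLog") if n.lower() not in d]
        dirs = [a.split()[-1] for a in d.get("scriptalias", []) if a]
        report.append({"host": host, "cgi_dirs": dirs, "missing_logs": missing})
    return report

if __name__ == "__main__":
    print(*audit(SAMPLE_CONF), sep="\n")
```

Hosts that show a CGI directory together with missing log directives are the ones to review first.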