I manage a few Mac OSX XServes for production websites and have recently run into an issue dealing with the server resolving the DNS of some of the sites. Further investigation revealed that httpd.conf was configured to listen on all IPs (port 80), but the virtual host configurations only applied to the actual IP for the domain (not localhost).
eg (freehand configuration, probably syntactically incorrect and missing irrelevant options): in httpd.conf: Listen 80
in domainA:80.conf: ServerName domainA.com
Now, in the /etc/hosts file, it had this entry: 127.0.0.1 localhost 127.0.0.1 domainA.com
what would happen when domainB.com called out to domainA.com on the same machine, it would use the localhost IP address. Therefore, instead of using the correct virtualHost configuration, it used the default configuration (this took me so damn long to figure out, but it makes perfect sense)
I don't really have a need to access the domains from localhost, so my question is: What's the best way to disable apache from trying to access the configuration using 127.0.0.1?
1) Comment out the '127.0.0.1 domainA.com' entry in /etc/hosts (this is what I did to fix it temporarily, but is this really a good solution)?
2) Update the httpd.conf file to listen only to the appropriate 1.2.3.4 IP address (Listen 1.2.3.4:80) ?
Sidenote: I went with option 1 temporarily because I use a Tenon configuration and was unsure of the ramifications of changing their default value on the 'Listen'
Your option 2 is the correct way to go. You'll probably find a
Listen 80
statement in your httpd.conf which is saying listen on port 80 on all available interfaces. Changing it toListen 1.2.3.4:80
will restrict it to that address.If you are using name-based virtual hosts, this shouldn't be a problem. In this case, Apache matches virtual hosts to request based on the hostname of the request; the ip address doesn't matter. This only becomes a problem if you are using SSL (which in most cases requires address- or port-based virtual hosts).
Is there any particular reason you're listing these domains in the local hosts file? If other people are able to access your servers it suggests that you have the appropriate DNS in place. If you really want them in the local hosts file, you could put them there with their actual IP address rather than making the names aliases for localhost.