So here's the deal.
I have multiple virtual hosts. Each virtual host is a separate domain. Each domain is for a separate application. Let's say I have virtual hosts for:
- http://*.abc.com
- http://*.def.com
- http://foo.com
I then have a separate application, which is a RESTful HTTP API for the foo.com application.
What I want to achieve is essentially back-channel communication between *.abc.com and *.def.com to api.foo.com, so that *.abc.com, *.def.com and foo.com are publicly accessible (this I have already set up), but api.foo.com is only accessible when requested from the same server.
My criteria are:
- a 404 should be served to anyone attempting to browse to api.foo.com (not permission denied)
- access to api.foo.com is restricted to an IP or IP range
I have achieved this by:
- not setting a DNS record for api.foo.com, so anyone trying to access it will receive a 404.
- creating an IP-based virtual host for 127.0.0.1:80 and adding the following rule to /etc/hosts:
127.0.0.1 api.foo.com
This works exactly as desired. But is this the correct way to achieve a private virtual host?
Sounds like a good solution to me. You could even scale this to multiple servers if your site grows.
One small hint: Clients wouldn't receive a 404 error; their browser will report to them that it couldn't find the host to begin with. A 404 means that the browser talked to the server, but the server couldn't find the requested document.
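The distinction drawn in the answer, as an added example that is not part of the original posts: a client on the same server, which has the /etc/hosts entry, gets an HTTP status from the loopback-bound API, while a client with no record for the name fails at name resolution and never receives a 404. The `hosts_resolver` stand-in, the `/status` route and the ephemeral port are assumptions made so the sketch runs offline.

```python
import http.client
import http.server
import socket
import threading

def hosts_resolver(entries):
    """Resolver stand-in that answers only from an /etc/hosts-style mapping."""
    def resolve(name):
        if name not in entries:
            # Same exception class the OS resolver raises when no record exists.
            raise socket.gaierror(socket.EAI_NONAME, "Name or service not known")
        return entries[name]
    return resolve

def classify(name, port, path, resolve):
    """Report what a client sees: resolver failure, transport failure or HTTP status."""
    try:
        ip = resolve(name)
    except socket.gaierror:
        return "name-not-resolved"  # no web server was ever contacted
    conn = http.client.HTTPConnection(ip, port, timeout=3)
    try:
        conn.request("GET", path, headers={"Host": name})
        return f"http-{conn.getresponse().status}"
    except OSError:
        return "connect-failed"  # name resolved, but nothing reachable there
    finally:
        conn.close()

class ApiHandler(http.server.BaseHTTPRequestHandler):
    def do_GET(self):
        # Hypothetical API: one known route; anything else is a genuine 404.
        known = self.headers.get("Host") == "api.foo.com" and self.path == "/status"
        body = b"ok\n" if known else b"not found\n"
        self.send_response(200 if known else 404)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass

def start_loopback_api():
    # Bound to 127.0.0.1 only; port 0 picks a free port instead of the page's :80.
    server = http.server.ThreadingHTTPServer(("127.0.0.1", 0), ApiHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server
```

Calling `classify("api.foo.com", port, "/status", hosts_resolver({"api.foo.com": "127.0.0.1"}))` models the same-server client; passing `hosts_resolver({})` models a client that has no record for the name.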