I look after the intranet in our office, running Mac OS X Server 10.5.8. We have several applications running on the intranet - Bugzilla, TWiki, a few home grown apps and some static pages. (Don't use the OS X collaboration tools - we were using TWiki before they were available.)
There is one host set up, and all the apps run under that - http://intranet/bugzilla, http://intranet/twiki, etc.
I've just read the chapter in Apache docs on virtual named hosts and I'm keen to try them. If I'm right, I'll end up with URLs like http://bugzilla/, http://twiki/, etc.? I know I also have to manage the DNS zone as well to add these names as aliases.
The advantages I can see are that it would make it easier to relocate an app to a different physical host should the need ever arise. We do have a dev set up for our public website, so having a virtual named host there makes it easier to test.
On the down side, I do have to manage DNS settings as well, whereas with a single host there is only one name to worry about.
What's the perceived wisdom here? Is this a good way to proceed?
Are there other advantages and disadvantages anyone would like to share before I make the leap. Or not.
Cheers.
For an Intranet with sensitive data, you not only want to enable virtual named hosts, you also want to make sure that the default site points to a dummy which says who to contact to report a misconfiguration.
Here's part of the text I serve up on my default page:
First of all I don't think is a choice you have to worry to much about. If you later find out that you decided "wrong" it shouldn't be to much trouble change the structure and put a few automatic http redirects in place.
Myself I would definitely go with separate VirtualHosts. If nothing else because of the extra options it gives me when it comes to configuration, logs, etc.
Yet, I guess it comes down to a cost-benefit analysis. How much work is it for you to also manage the DNS? Is that "cost" worth the extra freedom VirtualHost gives you? That part of the equation is hard for an outsider to give you the answer to.
I think that it's often a matter of aesthetics.
Personally, I would segregate things by virtual host: http://bugzilla.intranet, http://twiki.intranet, etc.. It does give you options for more easily relocating things to other hosts in the future, but you can always accomplish that after the fact by using redirects in Apache. Virtual hosts also let you partition off directory structures more tightly, which adds a little more security to a web server (which may not be as big a concern for you in an intranet setting).
Vhosts are also easier to restrict access to during testing than a simple sub directory under the main site's directory. Again, this can be done the other way using simple .htaccess rules, but I prefer to have things logically (if not physically) separated as often as possible.
Once you've got it set up, VHosts are definitely easier to manage, particularly in terms of configuration. You can tweak the config for one vhost and not worrying about it affecting your other sites.
If you set up a wildcard DNS entry, e.g. *.intranet, you won't have to worry about maintaining multiple DNS names.
If you use SSL (if you're transmitting passwords via webforms for any reason, I certainly hope you are), you will need to deploy multiple SSL certificates, one for each virtual host. However this can be minimised if you use a wildcard certificate, which you can either purchase, or generate yourself.