Publish a web page on your B3 but *not* the admin page
Posted: 26 Apr 2013, 10:45
In my opinion this is somewhat of a design flaw in the B3. Many of the virtual pages are globally defined, so that if you create your own named host definition on a different root visitors will still be able to access the admin page. I don't want that and if you don't want that too than you should read on.
Let's assume that you already experimented with named virtual hosts, then you may have found that if you named your config file 'blog.conf' apache would keep showing the bubba page and if you named it 'myblog.conf' you actually get to see the intended site. This is due to the (ASCII byte value) load order apache uses and I'm going to implement that to completely ignore the site definition in the original bubba.conf file.
First step is to split this original bubba.conf file into the two individual site definitions: SSL enabled and plain HTTP. As many of you know, I like automation and I'll use that for this purpose again:
So now I have an SSL enabled version of bubba.conf in 'bubba-ssl' and a plain HTTP version in 'bubba-intranet'. Next step is to enter the LAN IP address as the listen address in the VirtualHost header, so that I can still access the B3 admin site from the LAN:
Now I want a new 'catch all' vhost to replace the default bubba host. I'm not looking to add sensible information on this vhost, since people that are going to be serviced by it are most likely hackers. So I'll quickly prepare a new web root for this vhost:
Note that I've renamed the file to .php, so that I can add some dynamic actions or content later on.
This is a listing of the corresponding defaulthost conf file:
To enable the new site definitions, run the following:
If you already have your own named vhost definition (remember to add the appropriate blocks from the defaulthost listing above) in /etc/apache2/sites-enabled, then prepend a number (I suggest you start at 10) to that name as well. This will ensure that it will always get loaded before 'bubba'.
Let's assume that you already experimented with named virtual hosts, then you may have found that if you named your config file 'blog.conf' apache would keep showing the bubba page and if you named it 'myblog.conf' you actually get to see the intended site. This is due to the (ASCII byte value) load order apache uses and I'm going to implement that to completely ignore the site definition in the original bubba.conf file.
First step is to split this original bubba.conf file into the two individual site definitions: SSL enabled and plain HTTP. As many of you know, I like automation and I'll use that for this purpose again:
Code: Select all
cd /etc/apache2/sites-available
# Find the site definition offsets
offset80=$(grep -b "<\s*VirtualHost.*80\s*>" bubba|cut -d: -f1)&&echo $offset80
offset443=$(grep -b "<\s*VirtualHost.*443\s*>" bubba|cut -d: -f1)&&echo $offset443
# Split the file into two new separate files
if (( $(echo "$offset80 > $offset443"|bc -l) )); then
dd bs=$offset80 count=1 if=bubba of=bubba-ssl
dd bs=$offset80 skip=1 if=bubba of=bubba-intranet
else
dd bs=$offset443 count=1 if=bubba of=bubba-intranet
dd bs=$offset443 skip=1 if=bubba of=bubba-ssl
fi
Code: Select all
# Get the lan interface and find the IP address for it
lanIF=$(bubba-networkmanager-cli getlanif)&&echo $lanIF
lanIP=$(ip route show dev $lanIF|grep "scope link"|awk '{print $7}')&&echo $lanIP
# Change the listen address of the bubba-intranet site to LAN only
sed -i "s/<\s*VirtualHost.*80\s*>/<VirtualHost $lanIP:80>/" bubba-intranet
Code: Select all
mkdir /home/web/errors
cp /var/www/index.html /home/web/errors/index.php
This is a listing of the corresponding defaulthost conf file:
Using quote kills indenting, but in this case I wanted to mark the lines that you want to include in your named vhost as well.# cat /etc/apache2/sites-available/defaulthost
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /home/web/errors
DirectoryIndex index.php index.html
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
ScriptAlias /cgi-bin/ /home/web/errors
ErrorLog ${APACHE_LOG_DIR}/defaulthost-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/defaulthost-access.log combined
# Remap the Bubba defined paths to the error page
AliasMatch ^/manual /home/web/errors/index.php
AliasMatch ^/pim /home/web/errors/index.php
AliasMatch ^/organizer /home/web/errors/index.php
AliasMatch ^/mail /home/web/errors/index.php
AliasMatch ^/calendar /home/web/errors/index.php
AliasMatch ^/horde3 /home/web/errors/index.php
AliasMatch ^/album /home/web/errors/index.php
AliasMatch ^/admin /home/web/errors/index.php
# Custom error pages
ErrorDocument 400 /errors/index.php
ErrorDocument 401 /errors/index.php
ErrorDocument 403 /errors/index.php
ErrorDocument 404 /errors/index.php
ErrorDocument 500 /errors/index.php
</VirtualHost>
To enable the new site definitions, run the following:
Code: Select all
cd /etc/apache2/sites-available
# assign the highest load priority to defaulthost
ln -s ../sites-available/defaulthost ../sites-enabled/00-defaulthost
# ... and the second highest to bubba-intranet
ln -s ../sites-available/bubba-intranet ../sites-enabled/01-bubba-intranet
/etc/init.d/apache2 reload