10.8.2. The Secure Web Server Virtual Host


By default, the Apache HTTP Server is configured as both a non-secure and a secure server. Both the non-secure and secure servers use the same IP address and hostname, but listen on different ports: 80 and 443 respectively. This enables both non-secure and secure communications to take place simultaneously.
One aspect of SSL enhanced HTTP transmissions is that they are more resource intensive than the standard HTTP protocol, so a secure server cannot serve as many pages per second. For this reason, it is often a good idea to minimize the information available from the secure server, especially on a high traffic website.

Important

Do not use name-based virtual hosts in conjunction with a secure Web server as the SSL handshake occurs before the HTTP request identifies the appropriate name-based virtual host. Name-based virtual hosts only work with the non-secure Web server.
The configuration directives for the secure server are contained within virtual host tags in the /etc/httpd/conf.d/ssl.conf file.
By default, both the secure and the non-secure Web servers share the same DocumentRoot. It is recommended that a different DocumentRoot be made available for the secure Web server.
To stop the non-secure Web server from accepting connections, comment out the line in httpd.conf which reads Listen 80 by placing a hash mark (#) at the beginning of the line. When finished, the line looks like the following example:
#Listen 80
For more information on configuring an SSL enhanced Web server, refer to the chapter titled Apache HTTP Secure Server Configuration in the System Administrators Guide. For advanced configuration tips, refer to the Apache Software Foundation documentation available online at the following URLs:
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.