Q: Internal Websites Conflict with Public Websites
I have three public-facing websites working perfectly with their configured DNS and multihomed IPs:
Server host name: server.exdomain.com (Ethernet = 10.0.1.3)
Websites:
| Name | IP Address | Port |
|---|---|---|
| Default: Server Website | All IP Addresses | 80 |
| Default: Server Website | All IP Addresses | 443 |
| exdomain.com | 10.0.1.4 | 443 |
| dev.exdomain.com (w/ http auth) | 10.0.1.4 | 443 |
| foobar.com | 10.0.1.5 | 443 |
| dev.foobar.com (w/ http auth) | 10.0.1.5 | 443 |
| jarjarbinks.com | 10.0.1.6 | 443 |
| dev.jarjarbinks.com (w/ http auth) | 10.0.1.6 | 443 |
Perfect! Everything works exactly as it should. DNS is configured for each host name and the corresponding IPs, each website pulls the valid certificate, and the "dev" sites ask for credentials as they should. Happy happy.
Here's where it gets sticky.
I want to add an internal-only domain, "myhouse.inside". I want this so that I can use tools like phpMyAdmin and net2ftp that can only be accessed over VPN. I set up the DNS like I would for the other host names above and point it to 10.0.1.7. I then add the website like I would above, but with no SSL since it's private only (so port 80).
| Name | IP Address | Port |
|---|---|---|
| (…) | (…) | (…) |
| myhouse.inside | 10.0.1.7 | 80 |
Down goes every website. The previous six websites are all asking for credentials, Chrome says they all have proxy errors, and if the websites even load, they're showing the web content for myhouse.inside.
Now I searched around for relevant and similar questions and one common answer I saw was to edit `apache_serviceproxy.conf` like this:

Before:

```
<VirtualHost *:80 >
```

After:

```
<VirtualHost 10.0.1.3:80 >
```
But the main question I have that I can't find an answer to is: will this prevent the other websites on IPs ending in 4, 5, and 6 from being accessible from the outside? Do I duplicate the VirtualHost entry for every website or every domain… or not at all? Is it not okay for all these websites to operate on the same port, and if it's not, then why do they work up until the point that I add this one internal domain?
I appreciate the help in advance.
1. Motorola modem (Comcast, bridge mode)
2. Router: Apple Time Capsule running DHCP and NAT, gets DNS from server (10.0.1.3)
3. Mac Mini (El Cap Server, running websites, DNS, OD, file sharing, FTP, Profile Manager, Calendar, VPN, and caching)
Posted on Mar 29, 2016 7:55 AM