Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Apache 2.4 deny access to https://server.fqdn |
|
| Author |
|
gnussbaum
Joined: 01 Mar 2017
Posts: 2
Location: US, Salem
|
 Posted: Wed 01 Mar '17 23:09 Post subject: Apache 2.4 deny access to https://server.fqdn |
 |
|
Hello,
New to the board. I am running apache 2.4.23 on a Windows 2012 R2 server. I created an alias and am able to get to https://alias.example.com without issue. I would like to deny access th e server's full qualified name, i.e., https://fqdn and only access via the alias.
Is this possible? |
|
| Back to top |
|
mraddi
Joined: 27 Jun 2016
Posts: 149
Location: Schömberg, Baden-Württemberg, Germany
|
| Posted: Fri 03 Mar '17 0:08 Post subject: |
|
|
Hello,
of course it is possible - use google or another searchengine to find the needed information 
I found http://stackoverflow.com/questions/13872892/htaccess-deny-requests-from-unauthorized-domains among others.
----------------------
Often your SSL-certificate is only valid for alias.example.com and maybe not for fqdn so the users should get a certificate-warning. But that does not prevent users from accessing your webserver.
With the following lines (tested in .htaccess in apache's document root - but should work in apache's config-file, too) you can deny access when requested using my.fqdn.local as hostname
| Code: | RewriteEngine On
RewriteCond %{SERVER_NAME} ^my\.fqdn\.local$
RewriteRule ^ - [F] |
Or you can redirect the user to alias.example.com with the following lines
| Code: | RewriteEngine On
RewriteCond %{SERVER_NAME} ^my\.fqdn\.local$
RewriteRule ^(.*) https://alias.example.com/ [R=302,L] |
Maybe a permanent redirect 301 would be better instead of using the temporary redirect with the 302? But that is up to you. 
Additional information: you can modify the RewriteCond like this:
| Code: | | RewriteCond %{SERVER_NAME} !^alias\.example\.com$ |
to rewrite (and redirect/deny) everything that is not (therefore the !) alias.example.com.
There are a lot of alternative options that are working, too.  |
|
| Back to top |
|
gnussbaum
Joined: 01 Mar 2017
Posts: 2
Location: US, Salem
|
| Posted: Fri 03 Mar '17 0:35 Post subject: |
|
|
| Thanks mraddi! |
|
| Back to top |
|
|
|
|
|
|
