On Mon, Aug 29, 2011 at 1:19 PM, Always Learning centos@u61.u22.net wrote:
I was thinking virtualization (Xen or an OpenVZ style might be appropriate).
Perhaps when I start using Centos 6.1. KVM or XEN ?
For light use you could drop in VMware server or player or virtualbox without much effect on the current system. It shouldn't be necessary, though, unless you'd like to install otherwise conflicting rpm packages or give root access to someone on the virtual server only.
Listen should be used in the global configuration. So, for example your 2.2 configuration file listens on 1.2.3.4:80:
The standard Listen statement is used globally for the benefit of non-virtual hosts, if any.
And you have an Apache 2.3.x instance with a separate config file listening on either a different IP or a different port on the initial IP:
Even sub-version numbers of Apache are stable, odd ones are less stable. That is why I use only 2.2.
<VirtualHost 1.2.3.5:80>
I never ever give a virtual host declaration an IP address. If moving the virtual host to another server, I don't have to change anything expect the DNS. Also virtual hosts are web sites with different domain names, so I use
<virtualhost anydomain.com:80 www.anydomain.com:80>
<virtualhost domain2.com:80 www.domain2.com:80>
instead.
So why can't you do that for your new virtualhost instead of running on a different IP?
I found some information on
http://httpd.apache.org/docs/2.2/vhosts/examples.html
http://httpd.apache.org/docs/2.2/mod/core.html#namevirtualhost
I think the solution for me is two NameVirtualHost statements:-
NameVirtualHost 11.22.33.44:80
NameVirtualHost 11.22.33.55:80
with normal virtual hosts on IP 11.22.33.44 and the special virtual host on 11.22.33.55
This will give me a separate IP address, for the special virtual host, which I can utilise in iptables.
If you are just firewalling there, apache can permit/deny ip ranges on its own for a location or virtualhost.