Goeiemiddag Leonard, > On Tue, 2017-01-10 at 12:00 +0000, Always Learning wrote: > > (4) The 'extra' Apache Virtual Host file contains .... > > > > <VirtualHost 184.108.40.206:80 dummy.domain.com:80> > > Why do you add dummy.domain.com:80 here as the match is done on the > ServerName? > > > DocumentRoot /prod/web/domains/dummy/ > > ServerName 220.127.116.11 > > CustomLog ............ > > ErrorLog ........... > > HostnameLookups Off (5) IP addresses hosting multiple web sites will have a host name. That host name is unlikely to be the name of one of the hosted web sites. For example 18.104.22.168 4-3-2-1-static.friendly-ip.com Thus, if an attempt is made to connect to "a web site" with a domain name of "4-3-2-1-static.friendly-ip.com", it will not be a genuine access attempt, by a genuine web user, to a genuine web site. It is likely an access attempt to a non-hosted web site name on 22.214.171.124 will automatically be redirected by Apache to the 126.96.36.199 virtual domain. One could say the host name, 4-3-2-1-static.friendly-ip.com, is not absolutely required in the 188.8.131.52 virtual host file. Not knowing whether all access attempts to the IP host name will always be directed to the 184.108.40.206 virtual host file, I included the host name. (6) Another example is a Virtual Private Server (VPS) hosting multiple web sites and a mail server (Mail Transfer Agent = MTA) on a single IP address. The web sites could be:- sunshine-in-winter.com centos-is-wonderful.eu ilovelinux.uk ikhouvanmijbuurvrouw.nl etc. The mail server (MTA) could be:- mail3.example.com When someone attempts to access web site "mail3.example.com", having that "web site name" in the Apache virtual host file, results in the request instantly being redirected to 127.0.0.1 One can have several "web site names" in the virtual host file, in addition to the IP address. Similarly, if someone attempts to send emails to ..... at mail3.example.com the mail server should reject it because that "domain name" is not a genuine email address domain name for the MTA. (7) I developed an Apache error processing system. It consists of several PHP routines. It does not work for status codes of 400 or 500 (I do not know why) but it does for 403 and 404. That system, shared by all hosted web sites, examines the requested web page name and compares it to two lists, one starting with /... and the other with keywords in any position. If a match is found, the IP address is placed in a monthly table (in IPtables) and blocked (sudo command in a PHP routine). This means after the first conspicuously wrong (deliberately wrong) attempt to access a non-existent web page, the IP address is instantly blocked. I'm a self-taught Linux user who chose Centos years ago. I am glad I did. I am continually learning new things almost every day. -- Regards, Paul. England, EU. England's place is in the European Union.