---
title: "Apache Virtual Hosts"
date: 2020-12-20
draft: false
tags: ["Apache","Virtual Hosts","LetsEncrypt","Lets Encrypt","Reverse Proxy","DNS"]
authors: ["trent", "john", "joe"]
post: 16
---
date: 2020-12-20

## **Use Virtual Hosts**
This is a very useful way to keep your server organized.

## **Virtual Hosts On Your Lan**
You can practice on your Lan.
### Setting up DNS on your Lan
For instance, if your router is running `dnsmasq`, this may be as simple
as describing the virtual hosts in `/etc/hosts` on the router.
```console
192.168.1.101     blog.devbox blogstatic.devbox
```
### Here's An Example Reverse Proxy for A Flask Blog On Your Lan
```apache
# /etc/apache2/sites-enabled/blog.devbox.conf
<VirtualHost *:80>

    ServerName blog.devbox

    # dont' block LetsEncrypt
    # ProxyPass "/.well-known" !  ... not needed on your Lan

    # don't block /var/www/html/favicon.ico
    ProxyPass "/favicon.ico" !

    ProxyPass "/" "http://127.0.0.1:8000/"
    ProxyPassReverse "/" "http://127.0.0.1:8000/"

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>
```
### Here's An Example for A Static Blog On Your Lan
```apache
# /etc/apache2/sites-enabled/blogstatic.devbox.conf
<VirtualHost *:80>
	ServerName blogstatic.devbox
	DocumentRoot /var/www/html/blogstatic/site

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
```
## **Wan Deployment**
### Set up DNS
Log into your dns provider and create records

* A record for **blog.example.com** pointing to your ipv4 address
* AAAA record for **blog.example.com** pointing to your ipv6 address
* A record for **blogstatic.example.com** pointing to your ipv4 address
* AAAA record for **blogstatic.example.com** pointing to your ipv6 address

### Start With Virtual Hosts for HTTP
You don't need to create virtual hosts for SSL configuration, because
CertBot will automatically do that for you.
#### Reverse Proxy
```apache
# /etc/apache2/sites-enabled/blog.example.com.conf
<VirtualHost *:80>

    ServerName blog.example.com

    # dont' block LetsEncrypt
    ProxyPass "/.well-known" !

    # don't block /var/www/html/favicon.ico
    ProxyPass "/favicon.ico" !

    ProxyPass "/" "http://127.0.0.1:8000/"
    ProxyPassReverse "/" "http://127.0.0.1:8000/"

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>
```
#### Static Site
```apache
# /etc/apache2/sites-enabled/blogstatic.example.com.conf
<VirtualHost *:80>
	ServerName blogstatic.example.com
	DocumentRoot /var/www/html/blogstatic/site

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
```
### Get LetsEncrypt Certs
```console
certbot --apache -d blog.example.com -d blogstatic.example.com
```
Certbot will create and enable new conf files with SSL encryption configured,
and will modify your http conf files with redirections to https.