---
title: "Apache Virtual Hosts"
date: 2020-12-20
draft: false
tags: ["Apache","Virtual Hosts","LetsEncrypt","Lets Encrypt","Reverse Proxy","DNS"]
authors: ["trent"]
---
date: 2020-12-20
## **Use Virtual Hosts**
This is a very useful way to keep your server organized.
## **Virtual Hosts On Your Lan**
You can practice on your Lan.
### Setting up DNS on your Lan
For instance, if your router is running `dnsmasq`, this may be as simple
as describing the virtual hosts in `/etc/hosts` on the router.
```console
192.168.1.101 blog.devbox blogstatic.devbox
```
### Here's An Example Reverse Proxy for A Flask Blog On Your Lan
```apache
# /etc/apache2/sites-enabled/blog.devbox.conf
ServerName blog.devbox
# dont' block LetsEncrypt
# ProxyPass "/.well-known" ! ... not needed on your Lan
# don't block /var/www/html/favicon.ico
ProxyPass "/favicon.ico" !
ProxyPass "/" "http://127.0.0.1:8000/"
ProxyPassReverse "/" "http://127.0.0.1:8000/"
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
```
### Here's An Example for A Static Blog On Your Lan
```apache
# /etc/apache2/sites-enabled/blogstatic.devbox.conf
ServerName blogstatic.devbox
DocumentRoot /var/www/html/blogstatic/site
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
```
## **Wan Deployment**
### Set up DNS
Log into your dns provider and create records
* A record for **blog.example.com** pointing to your ipv4 address
* AAAA record for **blog.example.com** pointing to your ipv6 address
* A record for **blogstatic.example.com** pointing to your ipv4 address
* AAAA record for **blogstatic.example.com** pointing to your ipv6 address
### Start With Virtual Hosts for HTTP
You don't need to create virtual hosts for SSL configuration, because
CertBot will automatically do that for you.
#### Reverse Proxy
```apache
# /etc/apache2/sites-enabled/blog.example.com.conf
ServerName blog.example.com
# dont' block LetsEncrypt
ProxyPass "/.well-known" !
# don't block /var/www/html/favicon.ico
ProxyPass "/favicon.ico" !
ProxyPass "/" "http://127.0.0.1:8000/"
ProxyPassReverse "/" "http://127.0.0.1:8000/"
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
```
#### Static Site
```apache
# /etc/apache2/sites-enabled/blogstatic.example.com.conf
ServerName blogstatic.example.com
DocumentRoot /var/www/html/blogstatic/site
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
```
### Get LetsEncrypt Certs
```console
certbot --apache -d blog.example.com -d blogstatic.example.com
```
Certbot will create and enable new conf files with SSL encryption configured,
and will modify your http conf files with redirections to https.