Apache listens on second ip, is this a bug?

[Richard G]

When checking a thread about the ~userdir directive, by accident I found that all servers were also listening to the second ip address.

This is strange, because this is how a user's httpd.conf looks like:

<VirtualHost 217.23.xxx.xxx:80 >

No furthere virtualhost directives present, so it should be only listening to this ip address.

Also, the userdir is disabled.

But we have another ip adres on this server. When I do this:
http://other.ip.adr.es/~username

I get the site of the user visible. So it seems that apache is not only listening on the one ip mentioned in the virtualhost container -and- the userdir directive still works on the second ip address (if present).

How can this be disabled?

 

[Richard G]

It seems (thanks nicknl) that uncommening the user home directory's line in /etc/httpd/conf/httpd.conf like this:

# User home directories
Include conf/extra/httpd-userdir.conf

fixes this problem.

However, this is standardly commented (so with a # in front of it) nowadays on new install's. So I wonder if this is the correct way of doing things.
And if yes, why is it commented by default?

 

[Arieh]

Ah that explains it, the userdir_module makes that /~user working,

conf/extra/httpd-userdir.conf simply disables it:

UserDir disabled

Maybe John could verify that we could simply uncomment the include line to disable the /~user everywhere.

 

[Richard G]

Correct, but I don't understand why the line is commented by default in httpd.conf. It confuses me.

Either way, the /~user is disabled because it's also disabled by default in the httpd-userdir.conf, but when commented in httpd.conf it will still work on the second ip. So why comment it by default? That's the part I don't understand.

 

[Arieh]

By a default DA installation it is commented out, so /~user is working. That makes sense cause the /~user is a default feature, showing up in user creation mails etc. So I'm guessing if you want to disable it you can just uncomment it.

Edit: I also do wonder about this userdir mod, because with the shared ip it has been done with the AliasMatch.

 

[Richard G]

because with the shared ip it has been done with the AliasMatch

Correct, that is why I'm confused too. And even Aliasmatch is commented by default (in the ips_virtual_host.conf template) and when using the mod_ruid howto, I also comment those lines in the httpd-vhosts.conf file according to the howto.

 

[Richard G]

I just think of something which might remove our confusion.
If I'm correct, the Aliasmatch only works on the virtual host files. The second ip is nowhere mentioned or stated in one of the virtual host configs, so the second ip will only be related to the main httpd.conf. And the main httpd.conf had the /~user enabled, so that's the reason it's working on the second ip. And also the reason that Aliasmatch won't have any effect on it (imho).

 

[Arieh]

No they are at /etc/httpd/conf/ips.conf and they have AliasMatch as well, but commented out.

 

[Richard G]

Ah yeah indeed... in the ips.conf they are inside a virtualhost container, with Aliasmatch commented... you're correct.
In that case we're still confused.

 

[zEitEr]

by accident I found that all servers were also listening to the second ip address.

By default apache is not binded to any IP, it listens *:80, and *:443.
If you want to limit it, you should update /etc/httpd/conf/httpd.conf to meet your needs.