How to close a connection if the requested host isn't a virtual host in apache

Question

On my web server I have a bunch of websites defined using VirtualHosts. Currently if I request a website from my webserver that is not defined as a virtual host, I will get back the first virtual host in the list.

I would like to make it so that any requests that ask for a website not defined in a virtual host will just close the connection, both for HTTP and HTTPS. I imagine this will involve creating default and default-ssl virtual hosts but I am unsure what exactly to put in them.

score 1 · Accepted Answer · edited Apr 13 '17 at 12:14

1

Use mod_security to make a 'drop' action rule for any request coming by. This closes the session by sending a FIN packet to the client.

Place your rule in the _default_ virtual host in Apache, which is described here and here.

edited Apr 13 '17 at 12:14

Community

1

answered Dec 03 '13 at 21:45

ErikE

4,896

score -1 · Answer 2 · edited Apr 13 '17 at 12:37

-1

Just serve dummy site as the first virtual host with dummy content but why? maybe it is not exactly you want.

If you really want to close the connection, try iptables. it can control real connection on kernel level before apache get it.

check here: https://unix.stackexchange.com/questions/28851/iptables-to-block-https-websites

edited Apr 13 '17 at 12:37

Community

1

answered Dec 03 '13 at 08:59

sio4

264

How to close a connection if the requested host isn't a virtual host in apache

2 Answers2

Linked

Related