ibexa

Path

ez publish / technical manual / 4.3 / installation / virtual host setup


Caution: This documentation is for eZ Publish legacy, from version 3.x to 5.x.

Virtual host setup

This section describes how to set up a virtual host for eZ Publish using the Apache web-server. A virtual host setup is only needed if eZ Publish has been configured to use the host access method, which is the most secure method.

By making use of virtual hosts, it is possible to have several sites running on the same server. The sites are usually differentiated by the name they are accessed. Apache will look for a specified set of domains and use different configuration settings based on the domain that is accessed.

Generic virtual host setup

Virtual hosts are usually defined at the end of "httpd.conf", which is the main configuration file for Apache. Adding a virtual host for eZ Publish can be done by copying the following lines and replacing the text encapsulated by the square brackets with actual values. Please refer to the next section for a real life example of using virtual hosts.

NameVirtualHost [IP_ADDRESS]
 
<VirtualHost [IP_ADDRESS]:[PORT]>
    <Directory [PATH_TO_EZPUBLISH]>
        Options FollowSymLinks
        AllowOverride None
    </Directory>
 
    <IfModule mod_php5.c>
        php_admin_flag safe_mode Off
        php_admin_value register_globals 0
        php_value magic_quotes_gpc 0
        php_value magic_quotes_runtime 0
        php_value allow_call_time_pass_reference 0
    </IfModule>
 
    DirectoryIndex index.php
 
    <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteRule ^/([^/]+/)?content/treemenu.* /index_treemenu\.php [L]
        RewriteRule ^/var/([^/]+/)?storage/images(-versioned)?/.* - [L]
        RewriteRule ^/var/([^/]+/)?cache/(texttoimage|public)/.* - [L]
        RewriteRule ^/design/[^/]+/(stylesheets|images|javascript)/.* - [L]
        RewriteRule ^/share/icons/.* - [L]
        RewriteRule ^/extension/[^/]+/design/[^/]+/(stylesheets|flash|images|lib|javascripts?)/.* - [L]
        RewriteRule ^/packages/styles/.+/(stylesheets|images|javascript)/[^/]+/.* - [L]
        RewriteRule ^/packages/styles/.+/thumbnail/.* - [L]
        RewriteRule ^/var/storage/packages/.* - [L]
 
        #  Makes it possible to place your favicon at the root of your
        #  eZ Publish instance. It will then be served directly.
        RewriteRule ^/favicon\.ico - [L]
        #  Uncomment the line below if you want you favicon be served from the standard design.
        #  You can customize the path to favicon.ico by replacing design/standard/images/favicon.ico
        #  by the adequate path.
        #RewriteRule ^/favicon\.ico /design/standard/images/favicon\.ico [L]
        RewriteRule ^/design/standard/images/favicon\.ico - [L]
 
        # Give direct access to robots.txt for use by crawlers (Google, Bing, Spammers..)
        RewriteRule ^/robots\.txt - [L]
 
        # Platform for Privacy Preferences Project ( P3P ) related files for Internet Explorer
        # More info here : http://en.wikipedia.org/wiki/P3p
        RewriteRule ^/w3c/p3p\.xml - [L]
 
        # Uncomment the following lines when using popup style debug.
        # RewriteRule ^/var/cache/debug\.html.* - [L]
        # RewriteRule ^/var/[^/]+/cache/debug\.html.* - [L]
 
        RewriteRule .* /index\.php
    </IfModule>
 
    DocumentRoot [PATH_TO_EZPUBLISH]
    ServerName [SERVER_NAME]
    ServerAlias [SERVER_ALIAS]
 
</VirtualHost>

[IP_ADDRESS]

The IP address of the virtual host, for example "128.39.140.28". Apache allows the usage of a wildcards here ("*").

[PORT]

The port on which the webserver listens for incoming requests. This is an optional setting, the default port is 80. The combination of an IP address and a port is often referred to as a socket. Apache allows the usage of a wildcards here ("*").

[PATH_TO_EZPUBLISH]

Path to the directory that contains eZ Publish. This must be the full path, for example "/var/www/ezpublish-3.6.0".

[SERVER_NAME]

The host or the IP address that Apache should look for. If a match is found, the virtual host settings will be used.

[SERVER_ALIAS]

Additional hosts/IP addresses that Apache should look for. If a match is found, the virtual host settings will be used.

Please note that the "mod_rewrite" module must be enabled in "httpd.conf" in order to use the Rewrite Rules.

NameVirtualHost

The "NameVirtualHost" setting might already exist in the default configuration. Defining a new one will result in a conflict. If Apache reports errors such as "NameVirtualHost [IP_ADDRESS] has no VirtualHosts" or "Mixing * ports and non-* ports with a NameVirtualHost address is not supported", try skipping the NameVirtualHost line. For more info about the NameVirtualHost directive, see http://httpd.apache.org/docs/1.3/mod/core.html#namevirtualhost.

SOAP and WebDAV

If you would like to use the SOAP and/or the WebDAV features of eZ Publish, you'll have to add the following lines in the virtual host configuration:

RewriteCond %{HTTP_HOST} ^webdav\..*
RewriteRule ^(.*) /webdav.php [L]
 
RewriteCond %{HTTP_HOST} ^soap\..*
RewriteRule ^(.*) /soap.php [L]
 
ServerAlias soap.example.com
ServerAlias webdav.example.com

Geir Arne Waaler (01/10/2010 11:34 am)

Geir Arne Waaler (04/01/2011 11:37 am)

Geir Arne Waaler, André R.


Comments

  • Mistake in last rewrite rule

    When I tried the rewrite rules above, Apache (2.0.54) complained with "mod_rewrite: maximum number of internal redirects reached", resulting in a 500 error.

    The solution is that the last rewrite rule should read:

    RewriteRule .* index.php # no leading slash

    See http://www.sitepoint.com/print/mod_rewrite-no-endless-loops for an explanation.

    By the way, this VirtualHost setup is quite differet to those in the .htaccess_root file that shops with ez Publish 3.7.2 - would you recommend a selective merge of the two or to stick to this example?
  • .htaccess

    allman can you document this .htaccess file somewhere... not all have vhost controll but they want to use mod_rw

    DirectoryIndex index.php
     
    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^webdav\..*
    RewriteRule ^(.*) webdav.php [L]
     
    RewriteCond %{HTTP_HOST} ^soap\..*
    RewriteRule ^(.*) soap.php [L]
     
    RewriteRule ^var/cache/debug.html.* - [L]
    RewriteRule ^var/[^/]+/cache/debug.html.* - [L]
    Rewriterule ^var/storage/.* - [L]
    Rewriterule ^var/[^/]+/storage/.* - [L]
    RewriteRule ^var/cache/texttoimage/.* - [L]
    RewriteRule ^var/[^/]+/cache/texttoimage/.* - [L]
    Rewriterule ^design/[^/]+/(stylesheets|images|javascript)/.* - [L]
    Rewriterule ^share/icons/.* - [L]
    Rewriterule ^extension/[^/]+/design/[^/]+/(stylesheets|images|javascripts?)/.* - [L]
    Rewriterule ^packages/styles/.+/(stylesheets|images|javascript)/[^/]+/.* - [L]
    RewriteRule .* index.php [L]
    
  • urls in cache probleme

    with this config, when somebody access your site using:
    http://yoursite.com/anything/here/index.php
    and if the cache need to be regenerated, urls will be prefixed with /anything/here

    to avoid this problem, we need to remove index.php from url doing an apache redirection

    replace
    <Directory [PATH_TO_EZPUBLISH]>
    Options FollowSymLinks
    AllowOverride None
    </Directory>
    by
    <Directory [PATH_TO_EZPUBLISH]>
    Options FollowSymLinks
    AllowOverride None
    RedirectMatch (.*)\index\.php$ $1
    </Directory>
  • Binary files world-readable

    With a rewrite rule setup like the one above, binary files (in var/storage/original) will be world-readable (unless you protect them in another way). This can be a serious security risk.

    Isn't it better to replace
    Rewriterule ^/var/[^/]+/storage/.* - [L]
    

    with more specific rules?
    Rewriterule ^/var/[^/]+/storage/images/.* - [L]
    Rewriterule ^/var/[^/]+/storage/images-versioned/.* - [L]
    Rewriterule ^/var/[^/]+/storage/images/.* - [L]
    


    The same counts for
    Rewriterule ^/var/storage/.* - [L]
    
  • One more rewrite rule for p3p files

    The P3P rules mandate presence of some xml files describing treatment done by website owner of customer sensitive data.
    Those files are by default placed in the p3p folder at the root of the site.
    Their presence is important not to give headaches with cookies being refused to users of eg. ie 6+ (the eye on a red background icon in the status bar)

    To comply with this, you can
    - create a p3p folder at the root of the eZP installation, and put the xml files in there
    - add this rewrite rule to the vhost setup:
    RewriteRule ^/p3p/.+\.xml - [L]
  • No subtree in admin content structure due to a rewrite rule error...

    The rule :

    RewriteRule content/treemenu/? /index_treemenu.php [L]

    contains an error that cause an empty content structure menu with only the root node (no subtree). You can use this rule instead :

    RewriteRule content/treemenu/?$ /index_treemenu.php [L]

    JB
    • Rewrite rules are OK, but index_treemenu.php contains a bug

      Starting from 4.0.1, the "treemenu" view of the "content" module does not use GET parameters anymore ( see http://issues.ez.no/11806 ). Because of this, the rewrite rules in the docs were updated ("$" removed).

      Problem when using the new rewrite rule appears because "index_treemenu.php" in 4.0.1 contains a bug ( see http://issues.ez.no/13528 ). With your suggestion (old rewrite rule, with "$") the system won't use "index_treemenu.php" at all, so the tree menu will work.

      However, for better performance it's recommended to download the updated "index_treemenu.php" from http://pubsvn.ez.no/nextgen/stable/4.0/index_treemenu.php and use the new rewrite rule (without "$").