 |
Linode.com Forum
Linode Community Forums
|
| Author |
Message |
herculesjr
Joined: 28 May 2004
Posts: 11
|
| Posted: Tue Apr 05, 2005 5:35 pm Post subject: Apache vhosts on mySQL database |
|
|
this is possible??
:DDD
Imagine, vhosts on mysql, and one php script control all!! :D |
|
| Back to top |
|
OverlordQ
Joined: 04 Jun 2004
Posts: 200
|
| Posted: Tue Apr 05, 2005 8:34 pm Post subject: |
|
|
no,
http://httpd.apache.org/docs/vhosts/mass.html
Look there. |
|
| Back to top |
|
schmichael
Joined: 14 Mar 2004
Posts: 116
Location: Peoria, IL
|
| Posted: Wed Apr 06, 2005 12:01 pm Post subject: |
|
|
Actually it looks like it is possible. Check out the phpMyWebHosting project's documentation.
Another alternative would be to have a PHP script write virtual hosts out of the database to a new conf file for inclusion in the main Apache conf file.
The script would be easy to write, but the process would be scary to automate in my opinion because it would require PHP being able to write to Apache conf files and restart Apache! Scary...
However, add a little human intervention and just use PHP to dump you an up to date virtual hosts conf file, and it might be kind of slick. |
|
| Back to top |
|
griffinn
Joined: 09 Sep 2003
Posts: 47
|
| Posted: Wed Apr 06, 2005 9:23 pm Post subject: |
|
|
I imagine vhost settings are not something you will really update very dynamically (unless business is so bustling that you have people coming in and moving out every second).
In that case, consider using a flat file instead of MySQL tables to store your vhost config. Store your hostname-to-directory mappings in a RewriteMap-compatible format, and then depend on mod_rewrite to direct requests to the right place for you. |
|
| Back to top |
|
StephenV
Joined: 27 Dec 2004
Posts: 5
|
| Posted: Thu Apr 07, 2005 5:15 am Post subject: |
|
|
mod_perl has the ability to dynamically generate configuration file sections at runtime, by embedding code into httpd.conf (though I think you still have to restart the server to have changes take effect, as normal).
Dynamic vhosts is one of the examples given for this functionality, but I wouldn't want a mod_perl-enabled httpd being used for every request. mod_perl is a little... heavyweight.
Practically, I'd build a set of scripts which manages the httpd.conf, and responds to requests from a management webpage if needed.
The script running the webpage should *not* run as root - you really don't want anything web-accessible having that sort of access to your server! If I were setting this sort of thing up, I'd keep a queue of configuration changes to make in a database, which the website can append things to.
I'd have a seperate script - again, not setuid root - which monitors this database for changes. It would then make the changes, using sudo to become root only when needed.
That way, there are several layers of protection between the website and the root account - a bug in the website can't give access to the entire system. Even if there's a bug in both the website and the queue-runner script, the attacker is still limited by the restrictions placed on sudo.
Okay, this post is now a bit longer than I intended. My main point can be summed up as something along the lines of "you can do this, but do you really want to, and can you do it securely?" |
|
| Back to top |
|
| |
|