FIXED: HTTPS site responds for other non-HTTPS sites

Discussion in 'Installation/Configuration' started by bambam82, Sep 16, 2016.

  1. bambam82

    bambam82 New Member

    Situation:
    OS: Debian 7.
    Apache version: Apache/2.2.22
    Multiple websites for HTTP only.
    2 websites for HTTP/HTTPS using 1 external IP address with SNI.
    Names used:
    1.domain.tld - http only
    www.domain1.tld - http only
    www.domain2.tld - http/https
    www.domain3.tld - http/https
    domain4.tld - no website, but DNS is pointing to this server.

    ISPconfig configuration:
    Server IP addresses: - IP address enabled for HTTP Vhost, ports 80,443.
    Vhost website: - IPv4 address = *.


    Test:
    1. Whenever I browse to the exact URLs, all is fine.
    2. When I browse to a non-existing website, but with a catch-all DNS entry, therefore pointing to my webserver, it will be hit by the virtualhost with the 'lowest' name. Browsing to www.domain4.tld results in 1.domain.tld responding.
    3. When I browse to https://www.domain1.tld/ (note: NO https site), the lowest virtualhost name with HTTPS will respond, therefore presenting www.domain2.tld.

    This also has the negative result that incorrect URLs end up in Google searches as well.

    Is this expected behavior?

    Please let me know if additional information is required.
     
  2. bambam82

    bambam82 New Member

    I did find the following:
    on
    https://httpd.apache.org/docs/2.4/vhosts/examples.html

    Does this answer the behavior question?

    Is there a way the server doesn't reply on non-matching virtualhosts?
     
  3. bambam82

    bambam82 New Member

    Just realized it is related to not having the virtualhosts default and default-ssl enabled.
    Fixed.
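
An added example (not from the thread, and not ISPConfig or Apache code): a simplified Python model of Apache's name-based vhost selection, in which a request whose name matches no ServerName/ServerAlias is answered by the first vhost loaded for that port, run over constructed config files mirroring the poster's layout before and after enabling default vhosts. The file names, `default.invalid` and all function names are assumptions; wildcard aliases and IP-specific vhosts are not modelled.

```python
import re
VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)

def vhost(name, *ports):  # builds constructed sample stanzas
    return "".join(f"<VirtualHost *:{p}>\n  ServerName {name}\n</VirtualHost>\n" for p in ports)

def load(files):
    """Parse {filename: text} into (port, ServerName, names), in sorted-filename order."""
    vhosts = []
    for fname in sorted(files):
        for addr, body in VHOST_RE.findall(files[fname]):
            port = addr.split()[0].rpartition(":")[2]
            name = re.search(r"^\s*ServerName\s+(\S+)", body, re.M | re.I)
            if not port.isdigit() or not name:
                continue  # this model only covers addr:port vhosts with a ServerName
            aliases = re.findall(r"^\s*ServerAlias\s+(.+)$", body, re.M | re.I)
            names = {n.lower() for line in aliases for n in line.split()}
            server_name = name.group(1).lower()
            vhosts.append((int(port), server_name, names | {server_name}))
    return vhosts

def resolve(vhosts, port, host):
    """Return (ServerName, matched_by_name), or None if no vhost is defined for the port."""
    on_port = [v for v in vhosts if v[0] == port]
    for _, server_name, names in on_port:
        if host.lower() in names:
            return server_name, True
    # No ServerName/ServerAlias match: the first vhost loaded for this port answers.
    return (on_port[0][1], False) if on_port else None

def fallback_hits(vhosts, requests):
    """Requests answered by the per-port fallback vhost instead of a name match."""
    resolved = [(p, h, resolve(vhosts, p, h)) for p, h in requests]
    return [(p, h, r[0]) for p, h, r in resolved if r and not r[1]]

# Constructed file names and contents mirroring the layout in the first post;
# AFTER adds dedicated default vhosts whose (assumed) names sort first.
BEFORE = {
    "1.domain.tld.vhost": vhost("1.domain.tld", 80),
    "www.domain1.tld.vhost": vhost("www.domain1.tld", 80),
    "www.domain2.tld.vhost": vhost("www.domain2.tld", 80, 443),
    "www.domain3.tld.vhost": vhost("www.domain3.tld", 80, 443),
}
AFTER = {**BEFORE, "000-default": vhost("default.invalid", 80),
         "000-default-ssl": vhost("default.invalid", 443)}
REQUESTS = [(80, "www.domain4.tld"), (443, "www.domain1.tld"), (443, "www.domain3.tld")]
if __name__ == "__main__":
    for label, files in (("before", BEFORE), ("after", AFTER)):
        for port, host, served in fallback_hits(load(files), REQUESTS):
            print(f"{label}: {host}:{port} is answered by {served}")
```

In the "before" set the fallback for each port is a real customer site; in the "after" set the same unmatched requests land on the dedicated default vhost, which can then serve an error page instead of someone else's content.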
     
