HTTP - Virtual Host (Vanity hostnames / Custom Domain)
About
Virtual hosting is a http feature that allows:
- to host multiple DNS name (domain)
- on the same web server
- on a computer using a single IP address.
In other term, this functionality permits to host several website on the same computer.
Implementation and Routing
Virtual host actually determine a host value to be used as ip name as a piece of routing information.
It's also possible to determine the requested name from the IP but most configurations use only name-based virtual hosts so the server doesn't need to worry about IP addresses.
When the user (browsers) makes requests, the web server application:
- determines the host from the host header or request url
- use this information to customize the response (such as serving a directory in place of another)
Host determination
The algorithm (as explained in section 5.2) is:
- if the request uri is absolute, the host value is the host of the request uri (as found in the authority part)
- otherwise, the host value is the value of the host header
and if the host is not a valid host on the server, the response MUST be a 400 (Bad Request) error message.
Proxy (X-Forwarded-Host)
The implementation / configuration takes place
- in the web http server
- or on the proxy (a proxy is a web server)
If you're server is running behind a proxy, the host header will be the hostname of the proxy, if the request uri is not qualified , you should therefore use the X-Forwarded-Host header to determine how to handle requests.
SSL and Certificate
Server certificate are part of the SSL protocol.
When using SSL, the SSL connection is established before the browser sends an HTTP request, the name of the requested server is then not known (and generally the default server’s certificate is served).
To resolve this problem and serve the appropriate certificate, several solutions can be used:
| Solution | Cons |
|---|---|
| Assign a separate IP address for every HTTPS server | The oldest and most robust method but not easy to implement for dynamic custom domain |
| Lookup the name in the SSL Server Name Indication property | |
| Use only one domain validated certificate with several name in the Subject Alternative Name (SubjectAltName) field (ie www.example.com and www.example.org) | The SubjectAltName field length is limited |
| Use a wildcard certificate (for example, *.example.org) |
Webhosting configuration
Provider
Your webhosting provider provide an interface to the configuration of your webserver.
Web Server / Proxy
If you host your server your self, you need to configure your webserver virtual host features.
Example: Apache - Virtual Host (Vhost)