WampServer
Apache, PHP, MySQL
on Windows
THE NEED for VIRTUAL HOSTS
Posted by:
RiggsFolly
(---.dynamic.dsl.as9105.com)
Date: October 02, 2014 06:05PM
WAMPServer Homepage - Virtual Hosts
Note: The use of VirtualHost is mandatory with Apache if you want to work properly with web applications, CMS or your local sites .
It is recommended - even imperative - to create a virtual host for each of your projects, even if you put them in the structure \wamp\www\subfolder.
The WampServer home page (\wamp\www\index.php) expects you to have created a Virtual Host for all your projects and will therefore work properly only if you do so.
History
In order to make life easier for beginners using WampServer to learn PHP Apache and MySQL it was suggested that you create subfolders under the `\wamp\www\` folder.
Acceptable only for simple tutorials
This made life easy for the complete beginner, and was perfectly acceptable for example for those following tutorials to learn PHP coding.
However it was never intended for use when developing a real web site that you would later want to copy to your live hosted server.
In fact if you did use this mechanism it often caused problems as the live sites configuration would not match your development configuration.
The Problem for real website development.
The reason for this is of course that the default DocumentRoot setting for wamp is
regardless of what your subfolder was called.
This ment that often used PHP code that queried the structure or your site received different information when running on your development WampServer to what it would receive when running on a live hosted server, where the DocumentRoot configuration points to the folder at the top of the website file hierarchy.
This kind of code exists in many frameworks and CMS's for example WordPress and Joomla etc.
For Example
Lets say we have a project called project1 held in `wamp\www\project1` and run incorrectly as `[localhost]`
This is what would be reported by some of the PHP command in question:
Now if we had correctly defined that site using a Virtual Host definition and ran it as `http: //project1` the results on the WAMPServer devlopment site will match those received when on a live hosted environment.
Now this difference may seem trivial at first but if you were to use a framework like WordPress or one of the CMS's like Joomla for example, this can and does cause problems when you move your site to or from a live server.
How to create a Virtual Host in WampServer
----------------------------------------------------------------------------------------
--- With Wampserver 3.0.0 it is simplier and can be done automaticaliy with few click:
--- see [forum.wampserver.com]
--- But this does not prevents you reading the following explanations; it will help you understand what a VirtualHost is.
----------------------------------------------------------------------------------------
Actually this should work basically the same for any windows Apache server, with differences only in where you may find the Apache config files.
There are 2 steps to create your first Virtual Host in Apache:
1. Create the Virtual Host definition(s)
2. Add your new domain name to the HOSTS file.
Step 1, Create the Virtual Host definition(s)
Edit the file called `httpd-vhosts.conf` which for WampServer lives in
-- If this is the first time you edit this file, remove the default example code, it is of no use.
I am assuming we want to create a definition for a site called project1 that lives in
\wamp\www\project1
Very important, first we must make sure that localhost still works so that is the first VHOST definition we will put in this file.
In principle, since Wampserver 3.0.4 and Apache 2.4.18 this definition already exists
Note: each VHOST definition has its own DocumentRoot definition.
Small aside
The way virtual hosts work in Apache: The first definition in this file will also be the default site, so should the domain name used in the browser not match any actually defined virtually hosted domain, making localhost the first domain in the file will therefore make it the site that is loaded if a hack attempt just uses your IP Address.
So if we ensure that the Apache security for this domain **is ALWAYS SET TO**
Setp 2:
Add your new domain name to the HOSTS file.
Now we need to add the domain name that we have used in the Virtual Host definition to the HOSTS file so that windows knows where to find it. This is similiar to creating a DNS A record, but it is only visible in this case on this specific PC.
Edit `C:\windows\system32\drivers\etc\hosts`
The file has no extension and should remain that way. Watch out for notepad, as it may try and add a `.txt` extension if you have no better editor.
I suggest you download Notepad++, its free and a very good editor.
Also this is a protected file so you must edit it with administrator privileges, so launch you editor using the Run as Administrator menu option
The hosts file should look like this when you have completed these edits
Now we must tell windows to refresh its domain name cache, so launch a command window again using the Run as Administrator menu option again, and do the following.
To activate this change in you running Apache we must now stop and restart the Apache service.
Now if the WAMP icon in the system tray does not go GREEN again, it means you have probably done something wrong in the `\wamp\bin\apache\apache2.4.9\conf\extra\httpd-vhosts.conf` file.
If so here is a useful mechanism to find out what is wrong. It uses a feature of the Apache exe (httpd.exe) to check its config files and report errors by filename and line numbers.
Launch a command window.
So fix the errors and retest again until you get the output
Now there is one more thing.
Wampmanager Tray Icon Your VirtualHost menu item
The 'Your Virtual Hosts' menu item searches the file that is used to define Virtual Hosts that we have just changed and creates menu links for each ServerName parameter it finds and creates a menu item for each one.
Now if you take this to its logical extension
You can now move your web site code completely outside the \wamp\ folder structure simply by changing the DocumentRoot parameter in the VHOST definition. So for example you could do this:
Create a folder on the wamp disk or any other disk (beware of network drive, they are a bit more complicated)
D:
MD websites
CD websites
MD example.com
CD example.com
MD www
You now copy your site code to, or start creating it in the \websites\example.com\www folder and define your VHOST like this:
Then add this new development domain to the HOSTS file:
NOTE: It is not a good idea to use a ServerName or ServerAlias that is the same as your live domain name, as if we had used example.com as the ServerName it would mean we could no longer get to the real live site from this PC as it would direct example.com to 127.0.0.1 i.e. this PC and not out onto the internet.
ALSO:
See that I have allowed this site to be accessed from the internet from within the VHOST definitions, this change will apply to only this site and no other. Very useful for allowing a client to view your changes for an hour or so without having to copy them to the live server.
This does mean that we have to edit this file manually to turn this access on and off.
Also I have added some modifications to the PHP config, again that will only apply to this one site.
Very useful when maintaining a site with specific requirement unlike all the other sites you maintain.
I guess we can assume from the parameters used that it has a long running page in it somewhere
Another bonus to using Virtual Hosts
Because we are using Virtual Hosts, we can tailor the Apache AND PHP parameters from within the VHOST definition therefore applying these change to only one of the possibly many sites we maintain.
We can therefore leave the httpd.conf and php.ini files which of course are GLOBAL to all the sites, containing general base settings and not have to fiddle with them for each different site we may work on.
We also have a record for each site that needed parameters tailoring and what that tailoring was.
----------------------------------------------------------------------------
You can not reply to this message.
Open a new thread to describe your problem be sure to give the answers to: READ THIS BEFORE YOU ASK A QUESTION
Edited 8 time(s). Last edit at 12/09/2019 06:37PM by Otomatic.
Note: The use of VirtualHost is mandatory with Apache if you want to work properly with web applications, CMS or your local sites .
It is recommended - even imperative - to create a virtual host for each of your projects, even if you put them in the structure \wamp\www\subfolder.
The WampServer home page (\wamp\www\index.php) expects you to have created a Virtual Host for all your projects and will therefore work properly only if you do so.
History
In order to make life easier for beginners using WampServer to learn PHP Apache and MySQL it was suggested that you create subfolders under the `\wamp\www\` folder.
wamp
|-- www
|-- Chapter1
|-- Chapter2
|-- etc
These subfolders would then show as links in the WampServer Homepage under a menu called 'Your Projects' and these links would contain a link to `localhost/subfoldername`.Acceptable only for simple tutorials
This made life easy for the complete beginner, and was perfectly acceptable for example for those following tutorials to learn PHP coding.
However it was never intended for use when developing a real web site that you would later want to copy to your live hosted server.
In fact if you did use this mechanism it often caused problems as the live sites configuration would not match your development configuration.
The Problem for real website development.
The reason for this is of course that the default DocumentRoot setting for wamp is
DocumentRoot "c:/wamp/www/"
regardless of what your subfolder was called.
This ment that often used PHP code that queried the structure or your site received different information when running on your development WampServer to what it would receive when running on a live hosted server, where the DocumentRoot configuration points to the folder at the top of the website file hierarchy.
This kind of code exists in many frameworks and CMS's for example WordPress and Joomla etc.
For Example
Lets say we have a project called project1 held in `wamp\www\project1` and run incorrectly as `[localhost]`
This is what would be reported by some of the PHP command in question:
$_SERVER['HTTP_HOST'] = localhost $_SERVER['SERVER_NAME'] = localhost $_SERVER['DOCUMENT_ROOT'] = c:/wamp/www
Now if we had correctly defined that site using a Virtual Host definition and ran it as `http: //project1` the results on the WAMPServer devlopment site will match those received when on a live hosted environment.
$_SERVER['HTTP_HOST'] = project1 $_SERVER['SERVER_NAME'] = project1 $_SERVER['DOCUMENT_ROOT'] = c:/wamp/www/project1
Now this difference may seem trivial at first but if you were to use a framework like WordPress or one of the CMS's like Joomla for example, this can and does cause problems when you move your site to or from a live server.
How to create a Virtual Host in WampServer
----------------------------------------------------------------------------------------
--- With Wampserver 3.0.0 it is simplier and can be done automaticaliy with few click:
--- see [forum.wampserver.com]
--- But this does not prevents you reading the following explanations; it will help you understand what a VirtualHost is.
----------------------------------------------------------------------------------------
Actually this should work basically the same for any windows Apache server, with differences only in where you may find the Apache config files.
There are 2 steps to create your first Virtual Host in Apache:
1. Create the Virtual Host definition(s)
2. Add your new domain name to the HOSTS file.
Step 1, Create the Virtual Host definition(s)
Edit the file called `httpd-vhosts.conf` which for WampServer lives in
\wamp\bin\apache\apache2.4.41\conf\extra\httpd-vhosts.conf(Apache version numbers may differ, engage brain before continuing)
-- If this is the first time you edit this file, remove the default example code, it is of no use.
I am assuming we want to create a definition for a site called project1 that lives in
\wamp\www\project1
Very important, first we must make sure that localhost still works so that is the first VHOST definition we will put in this file.
In principle, since Wampserver 3.0.4 and Apache 2.4.18 this definition already exists
<VirtualHost *:80>
DocumentRoot "c:/wamp/www"
ServerName localhost
ServerAlias localhost
<Directory "c:/wamp/www">
AllowOverride All
Require local
</Directory>
</VirtualHost>
Now we define our project: and this of course you do for each of your projects as you start a new one.
<VirtualHost *:80>
DocumentRoot "c:/wamp/www/project1"
ServerName project1
<Directory "c:/wamp/www/project1">
AllowOverride All
Require local
</Directory>
</VirtualHost>Note: each VHOST definition has its own DocumentRoot definition.
Small aside
The way virtual hosts work in Apache: The first definition in this file will also be the default site, so should the domain name used in the browser not match any actually defined virtually hosted domain, making localhost the first domain in the file will therefore make it the site that is loaded if a hack attempt just uses your IP Address.
So if we ensure that the Apache security for this domain **is ALWAYS SET TO**
Require localany casual hack from an external address will receive an error and not get into your PC, but should you misspell a domain you will be shown the WampServer homepage, because you are on the same PC as WampServer and therfore `local`.
Setp 2:
Add your new domain name to the HOSTS file.
Now we need to add the domain name that we have used in the Virtual Host definition to the HOSTS file so that windows knows where to find it. This is similiar to creating a DNS A record, but it is only visible in this case on this specific PC.
Edit `C:\windows\system32\drivers\etc\hosts`
The file has no extension and should remain that way. Watch out for notepad, as it may try and add a `.txt` extension if you have no better editor.
I suggest you download Notepad++, its free and a very good editor.
Also this is a protected file so you must edit it with administrator privileges, so launch you editor using the Run as Administrator menu option
The hosts file should look like this when you have completed these edits
127.0.0.1 localhost 127.0.0.1 project1 ::1 localhost ::1 project1Note that you should have definitions in here for the IPV4 loopback address `127.0.0.1` and also the IPV6 loopback address `::1` as Apache is now IPV6 aware and the browser will use either IPV4 or IPV6 or both. I have no idea how it decides which to use, but it can use either if you have the IPV6 stack turned on, and most window OS's do as of XP SP3.
Now we must tell windows to refresh its domain name cache, so launch a command window again using the Run as Administrator menu option again, and do the following.
ipconfig /flushdnsThis forces windows to clear its domain name cache and reload it, in reloading it will re-read the HOSTS file so now it knows about the domain `project1`.
To activate this change in you running Apache we must now stop and restart the Apache service.
Wampmamaner Tray Icon -> Apache -> Service -> Restart Service
Now if the WAMP icon in the system tray does not go GREEN again, it means you have probably done something wrong in the `\wamp\bin\apache\apache2.4.9\conf\extra\httpd-vhosts.conf` file.
If so here is a useful mechanism to find out what is wrong. It uses a feature of the Apache exe (httpd.exe) to check its config files and report errors by filename and line numbers.
Launch a command window.
cd \wamp\bin\apache\apache2.4.41\bin httpd -t
So fix the errors and retest again until you get the output
Syntax OK
Now there is one more thing.
Wampmanager Tray Icon Your VirtualHost menu item
The 'Your Virtual Hosts' menu item searches the file that is used to define Virtual Hosts that we have just changed and creates menu links for each ServerName parameter it finds and creates a menu item for each one.
Now if you take this to its logical extension
You can now move your web site code completely outside the \wamp\ folder structure simply by changing the DocumentRoot parameter in the VHOST definition. So for example you could do this:
Create a folder on the wamp disk or any other disk (beware of network drive, they are a bit more complicated)
D:
MD websites
CD websites
MD example.com
CD example.com
MD www
You now copy your site code to, or start creating it in the \websites\example.com\www folder and define your VHOST like this:
<VirtualHost *:80>
DocumentRoot "d:/websites/example.com/www"
ServerName example.local
ServerAlias www.example.local
<Directory "d:/websites/example.com/www">
AllowOverride All
Require all granted
</Directory>
php_flag display_errors Off
php_flag log_errors On
php_value max_upload_size 40M
php_value max_execution_time 120
php_value error_log "d:/wamp/logs/example_com_phperror.log"
</VirtualHost>Then add this new development domain to the HOSTS file:
127.0.0.1 localhost ::1 localhost 127.0.0.1 project1 ::1 project1 127.0.0.1 example.local ::1 example.local
NOTE: It is not a good idea to use a ServerName or ServerAlias that is the same as your live domain name, as if we had used example.com as the ServerName it would mean we could no longer get to the real live site from this PC as it would direct example.com to 127.0.0.1 i.e. this PC and not out onto the internet.
ALSO:
See that I have allowed this site to be accessed from the internet from within the VHOST definitions, this change will apply to only this site and no other. Very useful for allowing a client to view your changes for an hour or so without having to copy them to the live server.
This does mean that we have to edit this file manually to turn this access on and off.
Also I have added some modifications to the PHP config, again that will only apply to this one site.
Very useful when maintaining a site with specific requirement unlike all the other sites you maintain.
I guess we can assume from the parameters used that it has a long running page in it somewhere
php_value max_execution_time 120and it is very badly written and will not run with errors being displayed on the browser without making a horrible mess of the page.
php_flag display_errors OffBelieve me sites like this exist and people still want them maintained badly.
Another bonus to using Virtual Hosts
Because we are using Virtual Hosts, we can tailor the Apache AND PHP parameters from within the VHOST definition therefore applying these change to only one of the possibly many sites we maintain.
We can therefore leave the httpd.conf and php.ini files which of course are GLOBAL to all the sites, containing general base settings and not have to fiddle with them for each different site we may work on.
We also have a record for each site that needed parameters tailoring and what that tailoring was.
----------------------------------------------------------------------------
You can not reply to this message.
Open a new thread to describe your problem be sure to give the answers to: READ THIS BEFORE YOU ASK A QUESTION
Edited 8 time(s). Last edit at 12/09/2019 06:37PM by Otomatic.
Why create VirtualHost BEFORE installing CMS
Posted by:
Otomatic
(Moderator)
Date: April 14, 2020 11:22AM
Hello,
Why it is necessary to create a VirtualHost BEFORE installing a CMS ?
Let's go back to VirtualHost or Virtual Hosts.
A virtual host declaration includes (almost) imperative elements:
IP address means the IP address of the virtual server and, in this case, the character *, which acts as a wildcard character, and corresponds to any IP address. The port number is optional and is 80 by default. Nevertheless, here we specify it to facilitate possible replacements.
- b]Line 01 ServerName[protocol:///]qualified domain name[:port][/b]
By default, the protocol is http. The domain name is the name by which you will be asked to connect to the virtual site. It must meet the standards of domain names. If, as name we have (without quotation marks) "ServerName site_name", we will connect by (http://site_name)
- Line 02 DocumentRoot directory path (Without final slash)
This directive is used to define the directory from which Apache will serve the files. The URL path will be added by the server to the root of the documents in order to build the path of the searched document.
For example, with DocumentRoot C:/wamp/www/mysite, an access to (http://site_name/index.php) then refers to C:/wamp/www/mysite/index.php.
If the directory path is not an absolute path, it is considered relative to the path defined by the ServerRoot directive.
- Line 03 <Directory directory path> ... </Directory> (With a final slash on the way)
The <Directory> and </Directory> tags allow you to group a set of directives that apply only to the specified directory, its subdirectories, and files located in these subdirectories, such as permissions or access bans.
- Line 04 Options .....
Defines the features available for a particular directory. The + sign before the name of the functionality validates it, the - sign invalidates it. In this case:
Indexes : If a required URL corresponds to the directory concerned, and if no index.html or index.php file is defined for this directory, the mod_autoindex module will return a formatted listing of the directory content.
FollowSymLinks: The server will follow the symbolic links in the directory concerned.
Multiviews: Multiple views ("multiviews"
with content negotiated using the mod_negotiation module are allowed.
- Line 05 AllowOverride all
When the server finds an.htaccess file, it must know which of the directives placed in that file are allowed to modify the pre-existing configuration; it is the role of AllowOverride to authorize all or some of the directives in the.htaccess files.
- Line 06 Require local
The Require Directive allows or prohibits access to the directory concerned. In this case (Local Require) only access requests from the PC on which the server is installed will be allowed (This corresponds to Allow from 127.0.0.0.1 and ::1 and localhost from Apache 2.2).
-----------------------------------
When you put a CMS (Joomla, Wordpress or other) online with a host, you can only do so if you have a "site" on that host to install the CMS or put other files on it.
You don't realize it, but at the host, your "site" is declared as a Virtual Host, exactly as we just dissected it above (perhaps with more or less options).
Looking at it a little closer, at the host's site, the access path (DocumentRoot) is a little more complex than locally, for example :
/srv/data/web/vhosts/name_of_site/htdocs
or
/mnt/109/sdb/a/d/site_name
assuming that at the host, your site is site-name.net when you ask (http://site-name.net/wordpress/index.php),
it is the file /srv/data/web/vhosts/site-name/htdocs/wordpress/index.php that will be served.
And if, in a PHP script at this host, you ask:
Now to a local server, for example Wampserver.
You create a folder, for example C:/wamp/www/www/my_site/ in which you install a CMS, for example Joomla (in a folder named joomla) and launch the installation script. To do this, you had to put the url (http://localhost/my_site/joomla/proc_install.php). And yes, it was necessary to add localhost in the url.
What does the Apache documentation say?
- Any request that does not match any existing <VirtualHost> section is processed with the main server configuration.
- If a virtual server does not define a ServerName directive, the name of this virtual server will be inherited from the main server.
This is the case, because after installing Wampserver, no VirtualHost is defined. It is therefore the definitions of the Apache configuration file that are taken into account:
And, in this case of installing a CMS with the url (http://localhost/...), all parameters (paths, files, internal url, etc.) created during the installation procedure will be created with the php variable $_SERVER['DOCUMENT_ROOT'] equal to C:/wamp/www and not C:/wamp/www/my_site
This is why it is much more difficult to create a VirtualHost my_site AFTER installing a CMS, because then, the value of $_SERVER['DOCUMENT_ROOT'] would become C:/wamp/www/my_site while the parameters, after installing the CMS only know C:/wamp/www where path error and files not found.
Why it is necessary to create a VirtualHost BEFORE installing a CMS ?
Let's go back to VirtualHost or Virtual Hosts.
A virtual host declaration includes (almost) imperative elements:
<VirtualHost *:80>
ServerName nom_du_site
DocumentRoot C:/wamp/www/monsite
<Directory "C:/wamp/www/monsite/">
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride all
Require local
</Directory>
</VirtualHost>
- Line 00 <VirtualHost address IP[:port]>IP address means the IP address of the virtual server and, in this case, the character *, which acts as a wildcard character, and corresponds to any IP address. The port number is optional and is 80 by default. Nevertheless, here we specify it to facilitate possible replacements.
- b]Line 01 ServerName[protocol:///]qualified domain name[:port][/b]
By default, the protocol is http. The domain name is the name by which you will be asked to connect to the virtual site. It must meet the standards of domain names. If, as name we have (without quotation marks) "ServerName site_name", we will connect by (http://site_name)
- Line 02 DocumentRoot directory path (Without final slash)
This directive is used to define the directory from which Apache will serve the files. The URL path will be added by the server to the root of the documents in order to build the path of the searched document.
For example, with DocumentRoot C:/wamp/www/mysite, an access to (http://site_name/index.php) then refers to C:/wamp/www/mysite/index.php.
If the directory path is not an absolute path, it is considered relative to the path defined by the ServerRoot directive.
- Line 03 <Directory directory path> ... </Directory> (With a final slash on the way)
The <Directory> and </Directory> tags allow you to group a set of directives that apply only to the specified directory, its subdirectories, and files located in these subdirectories, such as permissions or access bans.
- Line 04 Options .....
Defines the features available for a particular directory. The + sign before the name of the functionality validates it, the - sign invalidates it. In this case:
Indexes : If a required URL corresponds to the directory concerned, and if no index.html or index.php file is defined for this directory, the mod_autoindex module will return a formatted listing of the directory content.
FollowSymLinks: The server will follow the symbolic links in the directory concerned.
Multiviews: Multiple views ("multiviews"
with content negotiated using the mod_negotiation module are allowed.- Line 05 AllowOverride all
When the server finds an.htaccess file, it must know which of the directives placed in that file are allowed to modify the pre-existing configuration; it is the role of AllowOverride to authorize all or some of the directives in the.htaccess files.
- Line 06 Require local
The Require Directive allows or prohibits access to the directory concerned. In this case (Local Require) only access requests from the PC on which the server is installed will be allowed (This corresponds to Allow from 127.0.0.0.1 and ::1 and localhost from Apache 2.2).
-----------------------------------
When you put a CMS (Joomla, Wordpress or other) online with a host, you can only do so if you have a "site" on that host to install the CMS or put other files on it.
You don't realize it, but at the host, your "site" is declared as a Virtual Host, exactly as we just dissected it above (perhaps with more or less options).
Looking at it a little closer, at the host's site, the access path (DocumentRoot) is a little more complex than locally, for example :
/srv/data/web/vhosts/name_of_site/htdocs
or
/mnt/109/sdb/a/d/site_name
assuming that at the host, your site is site-name.net when you ask (http://site-name.net/wordpress/index.php),
it is the file /srv/data/web/vhosts/site-name/htdocs/wordpress/index.php that will be served.
And if, in a PHP script at this host, you ask:
echo $_SERVER['DOCUMENT_ROOT'];you will get
/srv/data/web/web/vhosts/site-name/htdocsor
/mnt/109/sdb/a/d/site-nameAll this to say that a VirtualHost existed at the host BEFORE you installed a CMS, Joomla or Wordpress for example.
Now to a local server, for example Wampserver.
You create a folder, for example C:/wamp/www/www/my_site/ in which you install a CMS, for example Joomla (in a folder named joomla) and launch the installation script. To do this, you had to put the url (http://localhost/my_site/joomla/proc_install.php). And yes, it was necessary to add localhost in the url.
What does the Apache documentation say?
- Any request that does not match any existing <VirtualHost> section is processed with the main server configuration.
- If a virtual server does not define a ServerName directive, the name of this virtual server will be inherited from the main server.
This is the case, because after installing Wampserver, no VirtualHost is defined. It is therefore the definitions of the Apache configuration file that are taken into account:
ServerName localhost:80 DocumentRoot "C:/wamp/www" <Directory "C:/wamp/www/">localhost being the only VirtualHost defined, all urls will have to be based on this virtual site, so start with (http://localhost/.....) to be processed without errors. In addition, it is the only one defined in the hosts file. If we omit localhost, the url will not be found, hence error 404.
And, in this case of installing a CMS with the url (http://localhost/...), all parameters (paths, files, internal url, etc.) created during the installation procedure will be created with the php variable $_SERVER['DOCUMENT_ROOT'] equal to C:/wamp/www and not C:/wamp/www/my_site
This is why it is much more difficult to create a VirtualHost my_site AFTER installing a CMS, because then, the value of $_SERVER['DOCUMENT_ROOT'] would become C:/wamp/www/my_site while the parameters, after installing the CMS only know C:/wamp/www where path error and files not found.
How to activate https SSL in Wampserver
Posted by:
Otomatic
(Moderator)
Date: July 14, 2020 01:48PM
Using https with SSL in local VirtualHost
Now integrated into Wampserver as of version 3.3.2
For this, the Apache listening port must not only be port 443, but also port 80.
The Apache documentation on this subject specifies that you need both VirtualHost, one on port 80 and the other on port 443.
We can read in the file wamp64/bin/apache/apache2.4.57/conf/extra/httpd-ssl.conf
-- Procedure explained for wampserver installed in e:\wamp64 and for apache 2.4.57
Modify the paths and version according to your installation
Procedure compiled from comparisons and tests of various documentations and explanations including those of Artemus24 on its website [www.jcz.fr].
For all intents and purposes, here's my own procedure for using https ssl locally.
This is an English translation from my French procedure, and there might be some misunderstandings.
It may not be the best method and there may be redundancies and/or extra stuff, but :
This procedure works and has been tried for Apache 2.4.37 to 2.4.57 in 64 bits
-- Wampserver must be stopped, so services must be stopped.
-- Modification of file e:\wamp64\bin\apache\apache2.4.57\conf\httpd.conf
Uncomment:
To activate https SSL, you must load both modules in httpd.conf:
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
The loading of these modules will only be activated after completing the entire key creation procedure and ensuring that the VirtualHost works correctly in httpd port 80.
-- Replacement of the e:\wamp64\bin\apache\apache2.4.57\conf\extra\httpd-ssl.conf file
To obtain information, read the comments in the original file.
Afterwards, you can review the information that will still be in the original file:
e:\wamp64\bin\apache\apache2.4.53\conf\original\extra\httpd-ssl.conf
which has not been modified.
Replace the contents of the e:\wamp64\bin\apache\apache2.4.57\conf\extra\httpd-ssl.conf file with :
Define SERVERNAMEVHOSTSSL wampserver.aviatechno
Define DOCUMENTROOTVHOSTSSL G:\www\wampserver
Define ADMINVHOSTSSL wampserver@otomatic.net
The VirtualHost must already exist and be valid in http port 80, so exist in the file :
e:\wamp64\bin\apache\apache2.4.57\conf\extra\httpd-vhosts.conf[/b]
-- Replace all the contents of the file e:\wamp64\bin\apache\apache2.4.57\conf\openssl.cnf
by
Open a "as administrator" command window
And in this window type the following lines.
You can copy/paste in blocks of several lines, with an empty line at the end of the block, otherwise the last command of the block would not be executed.
Never close the command window before the procedure is completed, otherwise the environment variables previously declared by set would be lost.
- For another local site, only repeat from 6 to 12 by changing the ServerName SERVLOCAL
The command window must be positioned on the wamp/bin/apache/apache/apache2.4.53/bin/ folder and it is imperative to create the environment variables (Change path and version if necessary) before running commands 6 to 12
Where to store the various certificates:
This doesn't seem to be mandatory. The https mode works correctly with Firefox, Opera, Chrome and Edge browsers without the certificates having been stored as below!
--- The certificate "Certs\Cacerts\Certificat.crt" is to be put away :
-- Windows, in the Certificate Manager (Launched by "certmgr.msc" :
in "Trusted Root Certification Authorities" :
- Right-click on "Trusted Root Certificate Authorities" -> All tasks -> Import -> Browse
to go get Certs\Cacerts\Certificat.crt
-- Firefox, Tools -> Options -> Privacy and security
- Certificates -> View Certificates.
- Store "Authorities" then Import
--- The client or Site certificate(s) with the suffix ".pfx or .p12".
It contains the certificate, its intermediary and the private key.
-- Windows, in the Certificate Manager (certmgr.msc), "Personal" store.
-- Firefox, in the "Your Certificates" store.
The password will be requested.
I am only talking about the Firefox browser since, to my knowledge, it is the only one that manages the certificates itself, the others using Windows certificates.
Force https for one or several VirtualHost
To force a VirtualHost to be launched in https, just add a rewrite directive in its structure <VirtualHost *:80> in the httpd-vhosts.conf file.
Edited 16 time(s). Last edit at 10/26/2023 11:35AM by Otomatic.
Now integrated into Wampserver as of version 3.3.2
For this, the Apache listening port must not only be port 443, but also port 80.
The Apache documentation on this subject specifies that you need both VirtualHost, one on port 80 and the other on port 443.
We can read in the file wamp64/bin/apache/apache2.4.57/conf/extra/httpd-ssl.conf
# This is the Apache server configuration file providing SSL support. # When we also provide SSL we have to listen to the # standard HTTP port and to the HTTPS portTo avoid, as they say in my house, mixing wipes and towels, the VirtualHost port 80 are defined in the httpd-vhosts.conf file and the VirtualHost https port 443 are defined in the httpd-ssl.conf file.
-- Procedure explained for wampserver installed in e:\wamp64 and for apache 2.4.57
Modify the paths and version according to your installation
Procedure compiled from comparisons and tests of various documentations and explanations including those of Artemus24 on its website [www.jcz.fr].
For all intents and purposes, here's my own procedure for using https ssl locally.
This is an English translation from my French procedure, and there might be some misunderstandings.
It may not be the best method and there may be redundancies and/or extra stuff, but :
This procedure works and has been tried for Apache 2.4.37 to 2.4.57 in 64 bits
-- Wampserver must be stopped, so services must be stopped.
-- Modification of file e:\wamp64\bin\apache\apache2.4.57\conf\httpd.conf
Uncomment:
#Include conf/extra/httpd-ssl.confto obtain:
Include conf/extra/httpd-ssl.conf
To activate https SSL, you must load both modules in httpd.conf:
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
The loading of these modules will only be activated after completing the entire key creation procedure and ensuring that the VirtualHost works correctly in httpd port 80.
-- Replacement of the e:\wamp64\bin\apache\apache2.4.57\conf\extra\httpd-ssl.conf file
To obtain information, read the comments in the original file.
Afterwards, you can review the information that will still be in the original file:
e:\wamp64\bin\apache\apache2.4.53\conf\original\extra\httpd-ssl.conf
which has not been modified.
Replace the contents of the e:\wamp64\bin\apache\apache2.4.57\conf\extra\httpd-ssl.conf file with :
#
# This is the Apache server configuration file providing SSL support.
# When we also provide SSL we have to listen to the
# standard HTTP port and to the HTTPS port
#
Listen 0.0.0.0:443 https
Listen [::0]:443 https
# Where the certificates are
Define CERTIFS ${INSTALL_DIR}/bin/Certs
Protocols h2 h2c http/1.1
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=31536000; preload"
</IfModule>
SSLSessionCache shmcb:${INSTALL_DIR}/tmp/ssl_gcache_data(512000)
SSLOptions +StrictRequire +StdEnvVars -ExportCertData
# SSL Protocol support:
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLCompression Off
SSLHonorCipherOrder On
# SSL Cipher Suite:
SSLCipherSuite SSL ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384
# Encryptions TLSv1.3
SSLCipherSuite TLSv1.3 TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384
SSLOpenSSLConfCmd ECDHParameters secp521r1
SSLOpenSSLConfCmd Curves sect571r1:sect571k1:secp521r1:sect409k1:sect409r1:secp384r1
##
## SSL Virtual Host Context
Define SERVERNAMEVHOSTSSL MYSITE_ServerName
Define DOCUMENTROOTVHOSTSSL MYSITE_DocumentRoot
<VirtualHost *:443>
ServerName ${SERVERNAMEVHOSTSSL}
DocumentRoot "${DOCUMENTROOTVHOSTSSL}"
SSLEngine on
SSLCertificateFile "${CERTIFS}/Site/${SERVERNAMEVHOSTSSL}.crt"
SSLCertificateKeyFile "${CERTIFS}/Site/${SERVERNAMEVHOSTSSL}.key"
<Directory "${DOCUMENTROOTVHOSTSSL}/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride all
Require local
</Directory>
CustomLog "${INSTALL_DIR}/logs/custom.log" "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
# End of SSL Virtual Host Context - To be repeated for another SSL VirtualHost
# Do not remove these lines UnDefine
UnDefine SERVERNAMEVHOSTSSL
UnDefine DOCUMENTROOTVHOSTSSL
You must modify all the lines where there is MYSITE to put your own data and parameters, for example:Define SERVERNAMEVHOSTSSL wampserver.aviatechno
Define DOCUMENTROOTVHOSTSSL G:\www\wampserver
Define ADMINVHOSTSSL wampserver@otomatic.net
The VirtualHost must already exist and be valid in http port 80, so exist in the file :
e:\wamp64\bin\apache\apache2.4.57\conf\extra\httpd-vhosts.conf[/b]
-- Replace all the contents of the file e:\wamp64\bin\apache\apache2.4.57\conf\openssl.cnf
by
#============ openssl.cnf =============# [ca] default_ca = CA_default [CA_default] dir = ../../../Certs cacerts_dir = $dir/Cacerts certificate = $cacerts_dir/Certificat.crt new_certs_dir = $dir/Newcerts private_dir = $cacerts_dir private_key = $private_dir/Certificat.key RANDFILE = $private_dir/Certificat.rnd other_dir = $dir/Other database = $other_dir/index.txt serial = $other_dir/serial.txt default_crl_days = 14610 default_days = 14610 default_md = sha512 x509_extensions = usr_cert name_opt = ca_default cert_opt = ca_default preserve = no policy = policy_match [policy_match] countryName = match stateOrProvinceName = match localityName = match organizationName = optional organizationalUnitName = optional commonName = supplied emailAddress = optional [usr_cert] basicConstraints = CA:FALSE nsCertType = client keyUsage = nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Certificate" subjectKeyIdentifier = hash authorityKeyIdentifier = keyid,issuer [ocsp] basicConstraints = CA:FALSE subjectKeyIdentifier = hash authorityKeyIdentifier = keyid,issuer keyUsage = critical, digitalSignature extendedKeyUsage = critical, OCSPSigning [req] default_bits = 4096 default_keyfile = ../../../Certs/Cacerts/Certificat.pem encrypt_key = no default_md = sha512 string_mask = utf8only prompt = no utf8 = yes distinguished_name = req_distinguished_name req_extensions = v3_req x509_extensions = v3_ca [req_distinguished_name] countryName_default = FR stateOrProvinceName_default = Paris localityName_default = Paris 0.organizationName_default = Otomatic & Cie organizationalUnitName_default = Wampserver commonName = Common Name (eg, your website’s domain name) commonName_max = 64 emailAddress_default = otomatic@otomatic.net emailAddress_max = 40 [v3_req] basicConstraints = CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment [v3_ca] # Extensions to use when signing a CA basicConstraints = critical, CA:true keyUsage = keyCertSign, cRLSign nsCertType = sslCA, emailCA nsComment = "SSL ROOT CA" subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always,issuer:always subjectAltName = @alt_names [alt_names] DNS.1 = IP:127.0.0.1 DNS.2 = localhost
Open a "as administrator" command window
And in this window type the following lines.
You can copy/paste in blocks of several lines, with an empty line at the end of the block, otherwise the last command of the block would not be executed.
Never close the command window before the procedure is completed, otherwise the environment variables previously declared by set would be lost.
Rem Wampserver installation variables Rem To be modified according to your installation set installdir=e:\wamp64 set apachever=2.4.57 Rem Rem Verification and possible creation of folders cd /D %installdir%\bin Rem Removal of any certificates that may be present if exist Certs rmdir /S /Q Certs if not exist Certs md Certs cd Certs if not exist Other md Other if not exist Cacerts md Cacerts if not exist Server md Server if not exist Site md Site Rem Information to be created copy nul .\Other\Index.txt @echo 01> .\Other\Serial.txt Rem MyPass can be replaced by your own password (4 to 20 characters) @echo MyPass> .\Other\Password.txt set /P PASSWORD= <.\Other\Password.txt Rem cd..
Rem We are in the folder %installdir%\bin Rem We go to apache used /bin cd apache\apache%apachever%\bin Rem Declaration of variables - Imperative set OPENSSL_CONF=%installdir%\bin\apache\apache%apachever%\conf\openssl.cnf set DIRCERTS=%installdir%\bin\Certs Rem +-+-+-+-+ Creation of the self-signed certificate +-+-+-+ Rem 1- Generation of a random number. (The seed 1358 can be replaced) openssl rand -out %DIRCERTS%/Cacerts/Certificat.rnd -base64 1358 Rem 2- Private RSA key. openssl genrsa -out %DIRCERTS%/Cacerts/Certificat.key -rand %DIRCERTS%/Cacerts/Certificat.rnd 4096 Rem 3- Request for signature. Rem /C=FR : Country -- /ST=Paris : State or region -- /L=Paris : City Rem /O=Otomatic & Cie : Organisation -- /CN=Otomatic & Cie : Division openssl req -new -sha256 -key %DIRCERTS%/Cacerts/Certificat.key -out %DIRCERTS%/Cacerts/Certificat.csr -subj "/C=FR/ST=Paris/L=Paris/O=Otomatic & Cie/CN=Otomatic & Cie" Rem 4- Self-signed certificate. openssl x509 -req -days 1830 -sha256 -in %DIRCERTS%/Cacerts/Certificat.csr -signkey %DIRCERTS%/Cacerts/Certificat.key -out %DIRCERTS%/Cacerts/Certificat.crt openssl x509 -in %DIRCERTS%/Cacerts/Certificat.crt -outform der -out %DIRCERTS%/Cacerts/Certificat.der openssl x509 -in %DIRCERTS%/Cacerts/Certificat.crt -outform pem -out %DIRCERTS%/Cacerts/Certificat.pem Rem 5- Public Key Extraction Plaintext Block Chaining openssl rsa -in %DIRCERTS%/Cacerts/Certificat.key -pubout -out %DIRCERTS%/Cacerts/Certificat.pbc Rem +-+-+-+-+ End of the creation of the self-signed certificate +-+-+-+-+
Rem +-+-+-+-+-+-++ Certificates and server keys for a local site +-+-+-+-+-+ Rem 6- ServerName of the local site for which you want the keys set SERVLOCAL=aviatechno Rem 7- Random number (Different seed - 1677 may be changed) if exist %DIRCERTS%\Server\Server.rnd del %DIRCERTS%\Server\Server.rnd openssl rand -out %DIRCERTS%/Server/Server.rnd -base64 1677 Rem 8- Private RSA key. if exist %DIRCERTS%\Server\Server.key del %DIRCERTS%\Server\Server.key openssl genrsa -out %DIRCERTS%/Server/Server.key -rand %DIRCERTS%/Server/Server.rnd 4096 Rem 9- Signing request for ServerName certificate Rem /C=FR : Country -- /ST=Paris : State or région -- /L=Paris : City Rem /O=Otomatic & Cie : Organisation -- /CN=nom du site local if exist %DIRCERTS%\Server\Server.csr del %DIRCERTS%\Server\Server.csr openssl req -new -sha256 -key %DIRCERTS%/Server/Server.key -out %DIRCERTS%/Server/Server.csr -subj "/C=FR/ST=Paris/L=Paris/O=Otomatic & Cie/OU=Wampserver/CN=%SERVLOCAL%" Rem 10- Signature request for server certificate. if exist %DIRCERTS%\Server\Server.crt del %DIRCERTS%\Server\Server.crt openssl x509 -req -days 4383 -sha256 -in %DIRCERTS%/Server/Server.csr -CA %DIRCERTS%/Cacerts/Certificat.crt -CAkey %DIRCERTS%/Cacerts/Certificat.key -CAcreateserial -out %DIRCERTS%/Server/Server.crt openssl x509 -outform der -in %DIRCERTS%/Server/Server.crt -out %DIRCERTS%/Server/Server.der openssl x509 -inform DER -outform PEM -in %DIRCERTS%/Server/Server.der -out %DIRCERTS%/Server/Server.pem openssl crl2pkcs7 -nocrl -certfile %DIRCERTS%/Cacerts/Certificat.crt -certfile %DIRCERTS%/Server/Server.crt -out %DIRCERTS%/Server/%SERVLOCAL%.p7b if exist %DIRCERTS%\Server\%SERVLOCAL%.pfx del %DIRCERTS%\Server\%SERVLOCAL%.pfx openssl pkcs12 -export -nodes -in %DIRCERTS%/Cacerts/Certificat.crt -inkey %DIRCERTS%/Server/Server.key-out %DIRCERTS%/Server/%SERVLOCAL%.pfx -descert -name "%SERVLOCAL%" -password pass:%PASSWORD% Rem Rem 11- Client certificate. Rem Nota : Un mot de passe sera demandé sauf si option finale -password pass:MyPass openssl pkcs12 -nodes -export -in %DIRCERTS%/Server/Server.crt -inkey %DIRCERTS%/Server/Server.key -out %DIRCERTS%/Site/%SERVLOCAL%.pfx -clcerts -descert -name "Client %SERVLOCAL% Certificate" -password pass:%PASSWORD% Rem 12- Copy of keys copy /Y %DIRCERTS%\Server\Server.crt %DIRCERTS%\Site\%SERVLOCAL%.crt copy /Y %DIRCERTS%\Server\Server.key %DIRCERTS%\Site\%SERVLOCAL%.key
- For another local site, only repeat from 6 to 12 by changing the ServerName SERVLOCAL
The command window must be positioned on the wamp/bin/apache/apache/apache2.4.53/bin/ folder and it is imperative to create the environment variables (Change path and version if necessary) before running commands 6 to 12
set installdir=e:\wamp64 set apachever=2.4.57 set OPENSSL_CONF=%installdir%\bin\apache\apache%apachever%\conf\openssl.cnf set DIRCERTS=%installdir%\bin\Certs cd /D %installdir%\bin\apache\apache%apachever%\bin set /P PASSWORD= <..\..\..\Certs\Other\Password.txt
Where to store the various certificates:
This doesn't seem to be mandatory. The https mode works correctly with Firefox, Opera, Chrome and Edge browsers without the certificates having been stored as below!
--- The certificate "Certs\Cacerts\Certificat.crt" is to be put away :
-- Windows, in the Certificate Manager (Launched by "certmgr.msc"
:in "Trusted Root Certification Authorities" :
- Right-click on "Trusted Root Certificate Authorities" -> All tasks -> Import -> Browse
to go get Certs\Cacerts\Certificat.crt
-- Firefox, Tools -> Options -> Privacy and security
- Certificates -> View Certificates.
- Store "Authorities" then Import
--- The client or Site certificate(s) with the suffix ".pfx or .p12".
It contains the certificate, its intermediary and the private key.
-- Windows, in the Certificate Manager (certmgr.msc), "Personal" store.
-- Firefox, in the "Your Certificates" store.
The password will be requested.
I am only talking about the Firefox browser since, to my knowledge, it is the only one that manages the certificates itself, the others using Windows certificates.
Force https for one or several VirtualHost
To force a VirtualHost to be launched in https, just add a rewrite directive in its structure <VirtualHost *:80> in the httpd-vhosts.conf file.
<VirtualHost *:80>
ServerName mysite
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ 'https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]'
DocumentRoot "G:/www/myfolder"
<Directory "G:/www/myfolder/">
....
Note: do not put the simple quotes around 'https://%{HTTP....]'. They are there to avoid the transformation into a clickable link.Edited 16 time(s). Last edit at 10/26/2023 11:35AM by Otomatic.
Sorry, you can't reply to this topic. It has been closed.
