Date: Fri, 22 Sep 2000 09:06:01 +1100 (EST) From: Enno Davids <enno.davids@metva.com.au> To: freebsd-isp@FreeBSD.ORG Subject: Re: named virtual hosts Message-ID: <200009212206.JAA25083@metva.com.au> In-Reply-To: <Pine.BSF.4.21.0009211242560.56056-100000@peony.ezo.net> from Jim Flowers at "Sep 21, 0 01:00:24 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
| OTOH, you can use the same IP# and unique ports (443. 444, 445 etc). Just | assign an alias IP# to your interface and direct unsecure access to one | IP# with named hosts and secure access to the alias. For example: The problem with this is that those people who are stuck behind firewalls and proxies may not be able to get to your site. This is mostly a problem for people using the 'free' ISPs where fairly agressive firewalling is used to ensure that proxies are always used and that traffic can be controlled. We ran afoul of this last year when we tried running two instances of virtual hosts on the same IP (managing some resources for customers). The complaints from people who could get to the content started essentially immediately. In our case one of the free ISPs in question punched extra firewall holes to let our traffic through, but that's not something you can rely on. (And it helped that another business unit owned part of them or some such!) Bottom line, yes it _can_ be done, but the standard ports are all that are really supported by other admins around the place. Certainly they are the only ones that figure large in people's assumptions. If you have to use a second port try 563 BTW. Its officially for SSL transported netnews, but as has been noted you can't see inside an SSL connection anyway and it can't be cached so its a better choice for second SSL service on a webserver. Enno. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200009212206.JAA25083>