Multiple Sites on Different Ports – Web Server Management

TCP/IP Ports

A port in the world of TCP is usually used to determine which applications will be handed the data when a TCP/IP message shows up. For example if a computer receives a packet with the destination of port 80, the computer will usually hand this to the web server because that is usually what is listening on port 80.

Multiple Ports for Apache

While the Apache2 server is initially set up to listen only on Port 80, you can configure it to listen on a different port and even multiple ports and serve up different websites depending on the port configuration.

I tend to use this multiple port feature for testing new versions of software or for internal services for which I use another front end server to act as a reverse proxy (covered much later in this website). This multi-port approach is often more convenient than using IP addresses but the URLs that you need to type into the browser are less than ideal, especially for an outside facing system.

Are You Listening?

If you look as the output of “ss”, you will see that after a standard apache2 installation on Ubuntu you will see the following:

root@wsmdemo:/etc/apache2/sites-enabled# ss -nta
State        Recv-Q        Send-Q               Local Address:Port                 Peer Address:Port        Process       
LISTEN       0             4096                 127.0.0.53%lo:53                        0.0.0.0:*                         
LISTEN       0             128                        0.0.0.0:22                        0.0.0.0:*                         
ESTAB        0             0                    192.168.68.12:22                 192.168.68.103:57630                     
LISTEN       0             511                              *:80                              *:*                         
LISTEN       0             128                           [::]:22                           [::]:*

The interesting line here is second from the bottom where the Local Address:Port shows “*:80” that shows that Apache is listening on port 80.

Make Apache Listen

To make apache listen to another port, you need to get a “Listen” directive put into the configuration. I will show you first the *standard* place where I think they intend for us to put things and I’ll also show you how I tend to organize multiple ports (for those times where I use them).

The file /etc/apache2/ports.conf contains entries that will make apache listen on port 80 and, if modules are enabled, also on port 443. Adding additional ports is simple, just add new listen directives.

Listen 80
Listen 2000
Listen 2100

<IfModule ssl_module>
        Listen 443
</IfModule>

<IfModule mod_gnutls.c>
        Listen 443
</IfModule>

Here, I’ve added listen directives for port 2000 and 2100.

If you reload the configuration file and check the ports under “ss”, you will see now that port 2000 and 2100 are added to the list and you can even visit your site using the different port numbers but unfortunately you will probably always see the same page. In order to show different content based on different port numbers you need to configure the VirtualHost entries.

Configure the site file

In the sites-available folder we can change the matching port number for the virtual host. I’ve show this just for the “red” site now configured to be served up when requests are received on port 2100.

<VirtualHost *:2100>
	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/red

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

The important thing to remember is that just because you add the :2100 to the VirtualHost, it does not cause the server to magically start listening on this port. I often troubleshoot student machines and they have left out the “Listen” command. I usually get them to type “ss -nta” to show me if something is listening to the port.

My Preferred Approach

Since I am often just enabling sites on non-standard port numbers temporarily I usually put the Listen command inside the site configuration file such as:

Listen 2100
<VirtualHost *:2100>
	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/red

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

I do need to remove the “Listen” directive from the ports.conf file since we cannot have two listen commands for the same port.

The reason that I like this is because I can now switch off the red site (and the listening port) in a single a2dissite command without having to remember to disable the site and then modify the ports.conf file.

For the standard Port 80 and Port 443, I think it is best to just leave things where they are since the same port number is likely to be used multiple times.