Hi Brad,
Thanks for your honesty here. The problems you heard about are over. Thread-safety indeed was a problem that was easily tackled. The delays are totally gone. And I mean totally 
You do not need to add all hosts, but just 1 serverName in each VirtualHost. But, I actually tackled this as well today; when Jordan pulls in the last pull request, you don’t even need to add a serverName directive.
Feel free to do whatever you want, but I actually think it makes a lot of sense to use it.
For the VirtualHost with 50 domain names, the old mod_cfml would have created 50 Hosts in Tomcat. Mod_cfml 1.1 creates only one host, and adds the domain names as host aliases, which has very little overhead in Tomcat. Adding such an alias, only on the first request, takes max. 300 msecs.
Kind regards,
Paul KlinkenbergOp 28 mei 2015, om 16:13 heeft Brad Wood <@Brad_Wood> het volgende geschreven:
Thanks for the reply Paul. Honestly, I’ve been a little reticent to use mod_cfml since I’ve run into people having issues with it-- thread safety things when multiple sites start up at once, and delays before contexts are configured. Since I have a smallish number of static sites on my server, I prefer to simply configure them manually.
If I can’t use an IP address, I don’t think it will work anyway. One site I’m setting up now has like 50 domain names that all resolve to the same IP. That IP is bound to a single, generic redirect site. Even if I could add all the possible hostnames, I don’t want to. In IIS, I always just bound my site to the generic “redirect” IP and was done with it. Not putting any specific hostnames in Apache or Tomcat allowed me to add additional redirect domains at any time with no config changes.
Thanks!
~Brad
ColdBox Platform Evangelist
Ortus Solutions, Corp
E-mail: brad@coldbox.org mailto:brad@coldbox.org
ColdBox Platform: http://www.coldbox.org http://www.coldbox.org/
Blog: http://www.codersrevolution.com http://www.codersrevolution.com/
On Thu, May 28, 2015 at 1:46 AM, Paul Klinkenberg <@Paul_Klinkenberg mailto:Paul_Klinkenberg> wrote:
Hi Brad,
I only have an answer to question 2: is there a simpler way.
I am currently busy on getting the new docs out for mod_cfml version 1.1, which adds support for what you are looking for.
It sends an extra header to the Tomcat valve, which contains a unique name for the httpd Virtualhost (the “ServerName” of the httpd VirtualHost / the context-id in IIS). On the Tomcat side, we only create one Host for each unique name, and add all hostnames as a host alias.
You’re very welcome to try it out; the docs will be online in the coming weekend.
The only thing you need to take into consideration when using mod_cfml this way, is that you need to set an explicit ServerName in each httpd VirtualHost. If you don’t, then httpd will resolve the ip address, and use that result as the ServerName. Which is probably the same result for all local ips, which would result in only one Host on the Tomcat side.
Kind regards,
Paul Klinkenberg
Op 27 mei 2015, om 20:14 heeft Brad Wood <@Brad_Wood mailto:Brad_Wood> het volgende geschreven:
I’m trying to duplicate the IIS behavior I used to do with Adobe CF where a server with 5 sites would get 5 IPs assigned to it-- one for each site. Then in IIS I would bind each site to the IP I wanted, and I could also specify hostnames as well to keep people from trying to to screw with my site by using a fake hostname on the correct IP. For security, I would only allow CFIDE/administrator to be accessible on the default which was only bound to an internal IP on the box that wasn’t NATed anywhere outside.
I’m looking to replicate this same setup of enforcing a particular site to only respond on a specific IP, but it’s a little trickier with Lucee running on Tomcat behind Apache. I’m using a reverse proxy to an AJP listener. I can bind my Apache virtualhosts easy enough, but by default they all proxy to the same AJP listener which uses the HTTP host header to match the correct Tomcat host. My first issue is that Tomcat’s server.xml requires an actual hostname. I can’t just specify the IP address there unless the user is actually typing the IP in their browser. If I enter the host names in Tomcat that “works” but doesn’t prevent someone from accessing the “local” secure site by just faking a host name on the wrong IP with a simple host file entry.
The workaround I’ve got right now is to have multiple tags, each with a different AJP listener on a different port. Then my apache virtual hosts proxy to a specific AJP listener to “lock” the Apache virtualhost and Tomcat host together.
So the questions are:
How are other people accomplishing this (or are they)?
Is there a simpler way?
Will something bad happen inside of Lucee like the engine being loaded twice due to two tags?
Should I be using a different “name” attribute or does that not actually get used anywhere?
Thanks!
~Brad
–
You received this message because you are subscribed to the Google Groups “Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send an email to lucee+unsubscribe@googlegroups.com mailto:lucee+unsubscribe@googlegroups.com.
To post to this group, send email to lucee@googlegroups.com mailto:lucee@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/de672e28-10de-4187-b2d3-53637c1e39fd%40googlegroups.com https://groups.google.com/d/msgid/lucee/de672e28-10de-4187-b2d3-53637c1e39fd%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout https://groups.google.com/d/optout.
–
You received this message because you are subscribed to a topic in the Google Groups “Lucee” group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/lucee/IQW35p60fXQ/unsubscribe https://groups.google.com/d/topic/lucee/IQW35p60fXQ/unsubscribe.
To unsubscribe from this group and all its topics, send an email to lucee+unsubscribe@googlegroups.com mailto:lucee+unsubscribe@googlegroups.com.
To post to this group, send email to lucee@googlegroups.com mailto:lucee@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/615C47E8-EA85-49D0-BE97-A39203667592%40ongevraagdadvies.nl https://groups.google.com/d/msgid/lucee/615C47E8-EA85-49D0-BE97-A39203667592%40ongevraagdadvies.nl?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout https://groups.google.com/d/optout.
–
You received this message because you are subscribed to the Google Groups “Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send an email to lucee+unsubscribe@googlegroups.com mailto:lucee+unsubscribe@googlegroups.com.
To post to this group, send email to lucee@googlegroups.com mailto:lucee@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/CALbQ1omOOCfVwdVrh6tRT0Pg2MOOitR05xe5F38eaiku%3D21-5g%40mail.gmail.com https://groups.google.com/d/msgid/lucee/CALbQ1omOOCfVwdVrh6tRT0Pg2MOOitR05xe5F38eaiku%3D21-5g%40mail.gmail.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout https://groups.google.com/d/optout.