https://bz.apache.org/bugzilla/show_bug.cgi?id=69743
[email protected] changed: What |Removed |Added ---------------------------------------------------------------------------- Version|2.4.64 |2.4.65 --- Comment #36 from [email protected] --- You’re out of your mind! You broke IP-based access to the server over SSL (without SSL everything works) and broke local web development! Now it’s impossible to access a domain by IP if such a config used to work (SSLStrictSNIVHostCheck Off): <VirtualHost 192.168.1.16:443> ServerName example.local ServerAlias 192.168.1.16 SSLEngine on SSLCertificateFile "C:/home/example.local/cert.crt" SSLCertificateKeyFile "C:/home/example.local/cert.key" <Directory "C:/home/example.local"> AllowOverride All Options +Indexes Require all granted </Directory> DocumentRoot "C:/home/example.local" </VirtualHost> With this config, https://example.local and https://192.168.1.16 used to work perfectly (for access from the local network and from a mobile phone). Now access via https://192.168.1.16 doesn’t work, only http://192.168.1.16! And Nginx and Caddy don’t have this kind of nonsense—everything works perfectly there. With such ill‑considered actions, you’re killing your already outdated server. If you wanted to prevent a user from accidentally landing on someone else’s domain, you should have done it like in Nginx—with an additional default_server parameter that defines the default server for an IP. In your case, it’s set to route to the first server that happens to be listening on the IP, and you decided to fight this with a dumb config break instead of a sensible improvement to the program. Terrible approach! -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
