Domain masking/pointing to a directory of a web application?

I built a LAMP web application that let's users create their own profile page where they can upload their resume and portfolio. The url for a person's profile will be something like

http://jobbank.com/user/johndoe

John Doe registers the domain name http://johndoefreelancer.com and he wants it to point to http://jobbank.com/user/johndoe. Anyone who visits johndoefreelancer.com should not be aware that it's driven by http://jobbank.com/user/johndoe. This means that the browser url should persistently show addresses such as:

http://johndoefreelancer.com/aboutme (really points to jobbank.com/user/johndoe/aboutme) http://johndoefreelancer.com/portfolio (really points to jobbank.com/user/johndoe/portfolio)

Additionally, clicking on any links [a href=""] should keep you at johndoefreelancer.com instead of sending you to jobbank.com.

My question is, what is the best way to achieve this?

I'm considering: 1) Give instructions to users on how to domain forward with masking

2) Instruct users to fillout the field $homeUrl in their User Profile information, which is saved to the database

3) In my PHP code, if $homeUrl exists, replace all [a href="$_SERVER['HTTP_HOST']"] with [a href="$homeUrl"]

Is this the right approach? Is there a better way?

Hi,

The only practical way i could think of in the moment is:

add a field in the users Profile for a domainname
tell the users to let point the DNS host entry to your IP (or the main domainname of you)
create a virtual host which is the FIRST of alle vhosts you might have. (*)
in this virtual host create an index.php script which looks up the requested domainname in the user profile and display the page.

You might need to implement a switch for the urls you print on the page. eg. if you came over the special index page use / as "base href", in all other cases /user/username is "base href"

*) If apache gets a request for a name it dont know (because its no ServerName|Alias of an vhost, it uses the first Vhost as fallback.

RE: #1 - what's wrong with CNAME dns records for this purpose? Name based virtual hosts are messy to maintain with the kind of usage he's looking for, not to mention security would be a nightmare. From what I understand, he's looking for an automated way to achieve the above (without him having to approve each and every one of these).

Lior Cohen 2009-08-08 22:28:10

RE: /user/johndoe, I agree. There's no point in doing these regardless of how the domains are set up. +1 here, -1 above = 0.

Lior Cohen 2009-08-08 22:32:05

My understanding is that OP's users are buying their domains elsewhere. How is CNAME going to help? Name-based virtual host setup is easily automated in DNS; I'm not sure what you mean by "security nightmare" - it's not like OP's users are going to be involved in any way. The only somewhat messy thing here is mod_rewrite setup (IF he goes with /user/johndoe scheme).

ChssPly76 2009-08-08 22:38:49

As the owners of the domain they have bought, they have the ability to set up CNAME records that point from their domain to another domain. E.g. sub.mydomain.com -> jobbank.com. Having a large amount of vhosts that are created in an automated fashion = possible performance penalty. Such a performance penalty could potentially be used for attacks. vhosts are simply not meant to be used that way. A more scalable approach would be using mod rewrite, minus the /user/johndoe scheme, to redirect these requests to a single, controlled entry point (php script, in this case).

Lior Cohen 2009-08-08 23:32:55

Re: CNAME - fair enough, though I honestly don't see much difference between that and using A to point to an IP. I'm not so sure about "vhost performance penalty", though - where would that be incurred? In BIND? In Apache? Can you provide a link that would back that up? Same with "potentially be used for attacks" - if someone's going to instigate DOS attack, vhosts or no vhosts are unlikely to be a deciding factor.

ChssPly76 2009-08-08 23:57:00

the only plus point of a CNAME would be to let it point to eg. www.domainname.tld. Which is a good thing if domainname.tld has to change its ip, no customer has to change his dns setting.

Rufinus 2009-08-09 00:28:04

In Apache. The amount of ram used by apache grows with the amount of vhosts, unless wildcards or SQL based vhosts are used (google around for these). Without using the options above, restarting apache would be required to activate the newly added vhosts. Security != wildcards in general. I suppose you are right about vhosts not being a parameter when DOS attacks are always available, a good point there. See the next comment.

Lior Cohen 2009-08-09 00:40:05

Another consideration is that using vhosts, an additional "headache" is added in the form of having to handle dynamic creation. A much cleaner approach would be handling all of this using a simple .htaccess file with mod_rewrite and a PHP script as entry point. No need to handle apache, vhosts, wildcards and other vegetables. More predictable = more secure, scalable and easier to implement.

Lior Cohen 2009-08-09 00:44:01

@Rufinus - you're right. Just to clarify the whole "vhost" issue - I didn't mean creating individual `<VirtualHost>` entry for every domain name. I meant using `NameVirtualHost *:80` directive and adding a `ServerAlias` / rewrite rules for each domain.

ChssPly76 2009-08-09 00:47:13

@Lior - I type way to slow :-( I've clarified my point re: vhosts above. You're right with regards to .htaccess - it's definitely better as there's no need to restart apache.

ChssPly76 2009-08-09 00:50:31

@Rufinus: +1 for CNAME remark above.

Lior Cohen 2009-08-09 01:01:39

Thanks everyone, I've never worked with vhost before, so I'll see if my 3rd party webhosting (it's on a shared server) will allow it.

John 2009-08-09 02:27:08

ansaurus

tags:

views:

answers:

Domain masking/pointing to a directory of a web application?

related questions