[Discuss] one vs many static IP addresses
Edward Ned Harvey (blu)
blu at nedharvey.com
Mon Jan 4 08:56:26 EST 2016
> From: Discuss [mailto:discuss-bounces+blu=nedharvey.com at blu.org] On
> Behalf Of Stephen Adler
>
> the use of apache virtual
> hosting, the question I have is if there is any reason to use more then
> 1 static IP address to run my web and sshd services from my basement
> server?
In the distant past, you needed multiple IP addresses to name based virtual hosting with SSL, but that problem was solved by SNI, Server Name Indication. Some very old clients (old versions of XP, and Android 2, and very few others) still don't support SNI, but those clients are inherently insecure, so maybe it's *good* to drop SSL support for those clients, and make no pretense that anything they do is secure. SNI was introduced in TLS 1.0, which is currently the oldest unbroken version of SSL/TLS. Anything older than TLS 1.0 is SSLv2 and SSLv3, both of which are deprecated and broken.
If you have more than one physical server (and no firewall/NAT box/load balancer) then you might need more than one IP address.
Aside from these issues, apache can serve all your content over a single IP just as well as it can over multiple IP's.
More information about the Discuss
mailing list