Why does all non matching traffic go to the first VirtualHost rather than the default site config in httpd.conf

Question

I have always wondered why all non matching traffic go to the first VirtualHost rather than the default site config in httpd.conf?

Lets assume httpd.conf has not been edited.

I create a file called /etc/httpd/conf.d/vhost.conf

With the following:

<VirtualHost *:80>
        ServerName website.com
        ServerAlias www.website.com
        DocumentRoot "/site1"
        <Directory "/site1">
                AllowOverride All
                Require all granted
        </Directory>

        Some Rules Here
</VirtualHost>
<VirtualHost *:80>
        ServerName example.com
        ServerAlias www.example.com
        DocumentRoot "/site2"
        <Directory "/site2">
                AllowOverride All
                Require all granted
        </Directory>

        Some Rules Here
</VirtualHost>

This the above example, if you send a request for stackoverflow.com you would get filtered into the first vhost, no matter what the filters are rather than the default website in httpd.conf

What am I missing?

Answer 1

You’re not doing anything wrong; that’s simply how Apache’s Name-based Virtual Hosts work:

After you configure virtual hosts on Apache, the original default web server (if any) becomes just another virtual host; there’s nothing special about the web server that’s configured in httpd.conf. The default virtual host (for an IP address that Apache “listens” to) is simply the first one listed in the Apache configuration file(s):

If you are adding virtual hosts to an existing web server, you must also create a <VirtualHost> block for the existing host. The ServerName and DocumentRoot included in this virtual host should be the same as the global ServerName and DocumentRoot. List this virtual host first in the configuration file so that it will act as the default host.

Also, from the same page:

If no matching virtual host is found, then the first listed virtual host that matches the IP address will be used.

As a consequence, the first listed virtual host is the default virtual host. The DocumentRoot from the main server will never be used when an IP address matches the NameVirtualHost directive. If you would like to have a special configuration for requests that do not match any particular virtual host, simply put that configuration in a <VirtualHost> container and list it first in the configuration file.

---

The best overall description for how Virtual Hosts work on Apache that I have found is An In-Depth Discussion of Virtual Host Matching. This also specifies that,

The first name-based vhost in the configuration file for a given IP:port pair is significant because it is used for all requests received on that address and port for which no other vhost for that IP:port pair has a matching ServerName or ServerAlias. It is also used for all SSL connections if the server does not support Server Name Indication.

The first vhost in the config file with the specified IP address has the highest priority and catches any request to an unknown server name, or a request without a Host: header field (such as a HTTP/1.0 request).