|This article does not cite any references or sources. (February 2008)|
Virtual hosting is a method for hosting multiple domain names (with separate handling of each name) on a single server (or pool of servers). This allows one server to share its resources, such as memory and processor cycles, without requiring all services provided to use the same host name. The term virtual hosting is usually used in reference to web servers but the principles carry over to other internet services.
One widely used application is shared web hosting. Shared web hosting prices are lower than a dedicated web server because many customers can be hosted on a single server. It is also very common for a single entity to want to use multiple names on the same machine so that the names can reflect services offered rather than where those services happen to be hosted.
There are two main types of virtual hosting, name-based and IP-based. Name-based virtual hosting uses the host name presented by the client. This saves IP addresses and the associated administrative overhead but the protocol being served must supply the host name at an appropriate point. In particular, there are significant difficulties using name-based virtual hosting with SSL/TLS. IP-based virtual hosting uses a separate IP address for each host name, and it can be performed with any protocol but requires a dedicated IP address per domain name served. Port-based virtual hosting is also possible in principle but is rarely used in practice because it is unfriendly to users.
Name-based and IP-based virtual hosting can be combined: a server may have multiple IP addresses and serve multiple names on some or all of those IP addresses. This technique can be useful when using SSL/TLS with wildcard certificates. For example, if a server operator had two certificates, one for *.example.com and one for *.example.net, he could serve foo.example.com and bar.example.com off the same IP address but would need a separate IP address for baz.example.net.
Name-based virtual hosts use multiple host names for the same IP address.
A technical prerequisite needed for name-based virtual hosts is a web browser with HTTP/1.1 support (commonplace today) to include the target hostname in the request. This allows a server hosting multiple sites behind one IP address to deliver the correct site's content. More specifically it means setting the Host HTTP header.
For instance, a server could be receiving requests for two domains, www.example.com and www.example.net, both of which resolve to the same IP address. For www.example.com, the server would send the HTML file from the directory /var/www/user/Joe/site/, while requests for www.example.net would make the server serve pages from /var/www/user/Mary/site/. Equally two subdomains of the same domain may be hosted together. For instance, a blog server may host both blog1.example.com and blog2.example.com.
The biggest issue with name-based virtual hosting is that it is difficult to host multiple secure websites running SSL/TLS. Because the SSL/TLS handshake takes place before the expected hostname is sent to the server, the server doesn't know which certificate to present in the handshake. It is possible for a single certificate to cover multiple names either through the "subjectaltname" field or through wildcards but the practical application of this approach is limited by administrative considerations and by the matching rules for wildcards. There is an extension to TLS called Server Name Indication which presents the name at the start of the handshake but browser support for this extension is not yet wide enough for public sites to rely on it (in particular it is not supported by Internet Explorer on Windows XP).
Furthermore if the Domain Name System (DNS) is not properly functioning, it is difficult to access a virtually-hosted website even if the IP address is known. If the user tries to fall back to using the IP address to contact the system, as in http://10.23.45.67/, the web browser will send the IP address as the host name. Since the web server relies on the web browser client telling it what server name (vhost) to use, the server will respond with a default website—often not the site the user expects.
A workaround in this case is to add the IP address and host name to the client system's hosts file. Accessing the server with the domain name should work again. Users should be careful when doing this, however, as any changes to the true mapping between host name and IP address will be overridden by the local setting. This workaround is not really useful for an average web user, but may be of some use to a site administrator while fixing DNS records.
When IP-based virtual hosting is used, each site (either a DNS host name or a group of DNS host names that act the same) points to a unique IP address. The webserver is configured with multiple physical network interfaces, virtual network interfaces on the same physical interface or multiple IP addresses on one interface. The web server can either open separate listening sockets for each IP address, or it can listen on all interfaces with a single socket and obtain the IP address the TCP connection was received on after accepting the connections. Either way, it can use the IP address to determine which website to serve. The client is not involved in this process and therefore (unlike with name-based virtual hosting) there are no compatibility issues.
The downside of this approach is the server needs a different IP address for every web site. This increases administrative overhead (both assigning addresses to servers and justifying the use of those addresses to internet registries) and contributes to IPv4 address exhaustion.
The default port number for HTTP is 80. However, most webservers can be configured to operate on almost any port number, provided the port number is not in use by any other program on the server.
For example, a server may host the website www.example.com. However, if the owner wishes to operate a second site, and does not have access to the domain name configuration for their domain name, and/or owns no other IP addresses which could be used to serve the site from, they could instead use another port number, for example, www.example.com:81 for port 81, www.example.com:8000 for port 8000, or www.example.com:8080 for port 8080.
However this is not a user friendly approach. Users cannot reasonably be expected to know the port numbers for their websites and moving a site between servers may require changing the port number. Using non-standard port numbers may also be seen as unprofessional and unattractive to users. In addition, some firewalls block all but the most common ports, causing a site hosted on a non-standard port to appear unavailable to some users.
Virtual web hosting is often used on large scale in companies whose business model is to provide low cost website hosting for customers. The vast majority of web hosting service customer websites worldwide are hosted on shared servers, using virtual hosting technology.
Many businesses utilize virtual servers for internal purposes, where there is a technological or administrative reason to operate several separate websites, such as a customer extranet website, employee extranet, internal intranet, and intranets for different departments. If there are not security concerns in the website architectures, they can be merged into a single server using virtual hosting technology, which reduces management and administrative overhead and the number of separate servers required to support the business.