Mixed domains on Google search results when using Apache with multiple Virtual Hosts

July 24, 2019 No comments Virtual Host Apache Google

1. Overview

In this article, we will describe the problem with mixed domains on the Google search results when using Apache multiple virtual hosts configuration. We will showcase a real-life example of this situation, that we actually faced with our domains lately.

2. Domains configuration

To present the problem in a simplified form lets assume we have two domains configured on one IP address: domain1.com and domain2.com.

The index.html page for those domains have the following titles (this will be important to show how messed up search results were):

  • Domain1 Home Page - Domain1
  • Domain2 Home Page - Domain2

Initially, domains are configured as virtual hosts on one server (one IP address) using Apache, so we have two files:

/etc/apache2/sites-available/domain1.com.conf
/etc/apache2/sites-available/domain2.com.conf

with the following configuration:

<VirtualHost *:80>
    ServerAdmin admin@domain1.com
    ServerName domain1.com
    ServerAlias www.domain1.com
    DocumentRoot /var/www/domain1.com/public_html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
    ServerAdmin admin@domai2.com
    ServerName domain2.com
    ServerAlias www.domain2.com
    DocumentRoot /var/www/domain2.com/public_html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

When all domains are configured to serve data with HTTP protocol ONLY, we DON'T HAVE ANY ISSUES. Everything is working fine, and search engines are correctly indexing content of those domains and treat them as separate sites.

The situation changes when we try to add security configuration (HTTPS) JUST FOR ONE domain. In our case domain domain1.com will get additional SSL configuration:

<VirtualHost *:443>
 ServerName www.domain1.com
 DocumentRoot /var/www/site
 SSLEngine on
 SSLCertificateFile /path/to/www_domain1_com.crt
 SSLCertificateKeyFile /path/to/www_domain1_com.key
 SSLCertificateChainFile /path/to/DigiCertCA.crt
</VirtualHost>

3. Mixed search engine results

When only one domain (domain1.com) is configured to establish SSL connections it doesn't mean we can't request another domain (domain2.com) using HTTPS protocol. In fact, https://domain2.com will give the 'Connection is not private' result in the browser, not 404 Page not found error. Connection is not private

The Advanced section contains information about certificate generated not for domain2.com but for domain1.com. This is probably the reason search engines gets totally lost and we will get very strange searching results, like:

  • mixed titles

    Domain1 Home Page - Domain1 - Domain2
    https://domain2.com
    
  • mixed articles

    Domain1 Article - Domain1
    https://domain2.com/article-from-domain1
    
  • mixed domains

    Domain1 Home Page - Domain1
    https://domain2.com
    

4. Cleaning the mess

We don't have to explain anyone that this strange situation will have a huge impact on the SEO of your websites. So how to get rid of this problem fast? The solution is simple. When we use virtual hosts and want to set up a security protocol for one domain, others should also have SSL connection established.

In our case we need to add SSL configuration also for domain2.com:

<VirtualHost *:443>
 ServerName www.domain2.com
 DocumentRoot /var/www/site
 SSLEngine on
 SSLCertificateFile /path/to/www_domain2_com.crt
 SSLCertificateKeyFile /path/to/www_domain2_com.key
 SSLCertificateChainFile /path/to/DigiCertCA.crt
</VirtualHost>

And thats it, after few weeks search results should back to normal.

5. Conclusion

This article presents a strange situation of mixing results by Google from two different domains when using multiple virtual hosts on one server, with one dedicated IP address. Fortunately, this situation is manageable, we must remember that when we want to set up a SSL connection for one domain others also need to have a secure configuration set up.

{{ message }}

{{ 'Comments are closed.' | trans }}