Using /var/www vs. /srv vs. /home/user/public_html
Have to decide whether to use /var/www or /home/user/public_html to store website is my question. I have read conflicting information /home/user/public_html: 1) opens up more access to your system. 2) Creates a longer search time for files.
If I use /srv directory it is just linked to /var/www and if i upgrade Apache I don't have to worry about wiping out my sites? Can you please give me the pros and cons regarding where to physically put web files for public access. If I don't use /home/user/public_html then I only need a small /home partition since I will be the only one building web pages and have seperate desktop. Also this slackware box has 2 160gb ata hdd so whether or not i use /var/www I should put it on its own partition for security precautions? Finally can anyone tell me how to mount /tmp no dev instead of with default? Thank you |
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
|
Thank you Hangdog42 your detailed and helpful response.
|
I know i marked this thread as solved but maybe i can just get the answers to these basic questions?
I google and the first question did not generate much. I'm looking at Apache site but some of it is really hard to read if you find the topic answers At the risk of sounding stupid I am going to ask anyway what is the difference between DocumentRoot and UsrRoot? How does the function of DocumentRoot and UsrRoot affect the use of /var/www as opposed to /srv/www? I know this is really basic but I need to understand it. If I am using /srv/www then it gets its' own partition, right? |
Quote:
Quote:
You can set DocumentRoot to point to whatever directory you like. If you do this at the system level (httpd.conf), that is used as the system default. However, it can be overridden by setting up a virtual host with its own DocumentRoot. In that case, the virtual host DocumentRoot applies to that virtual host only. Quote:
|
I guess he means UserDir instead of UsrRoot, which gives ability for any user on your system to host files on your apache by using their directory /home/userlogin/public_html. Files there can be accessed trough your webserver at: http://your.server/~userlogin
About the security measures you were worried about: Allowing that public directory to be served by apache will depend on how you setup your apache and also about how you trust your users, bad people would be able to exploit your system with malicious scripts. |
Quote:
|
Here is the link I was looking at:
http://wiki.apache.org/httpd/DistrosDefaultLayout So the question was supposed to be what is the difference between 'ServerRoot' and 'DocumentRoot"? Seems I was up too long comparing distro layouts because I was trying to follow a centos virtual hosting tutorial; here: http://www.xenocafe.com/tutorials/li...rver/index.php What I meant by this question Quote:
FYI previous questions answered by Hangdog42 provided satisfactory clarity and instruction, just the use of /srv/www instead of /var/www since slackware has a ready /srv directory that's not reference in tutorials? Thanks and sorry for the mix up. |
Quote:
Quote:
|
Understand now!
Yes Hangdog42 I did notice in slackware /srv has /srv/http and /srv/www this is why I wondered why tutorials weren't describing it's use? Understanding that /srv, /srv/http, /srv/www are softlinks(meaning just a link to /var/www and /var/http, gave rise to my questioning whether I could put web pages in a directory that was just a link to /var/www and /var/http. I understand now the Key is which I set as DocumentRoot in httpd.conf and ServerRoot is always ./usr because that is where all programs live in slackware.
Quote:
Why would I make system DocumentRoot different than the virtual host's? Another terminology distinction I am not clear on HTTP vs. WWW? My 2wire gateway router's firewall settings for HTTPS Server provides as default port 443 and WWW Server default port is 80 (or the other way around)? In reading I understand port assignments in linux refer to 443 as secure and 80 as not using SSL, I understand this. When I read HTTP to me is the equivalent of Apache server, while i understand http literally means hyper text protocol. Is there some other technical distinction I need to understand? Once i get the web server working First priority is getting 'slackware for beginners forum' running. Do you use Dupral or lvm? Do you have mysql on the same box with your web server? lol Thanks Hangdog |
Quote:
Quote:
Quote:
Quote:
Quote:
Apache is pretty secure out of the box, but you might consider looking at something like mod_security to lock it down more. You also should think about detecting intrusions. I don't know if you want to go for a full-fledged IDS like Snort or a more simple system file monitor like Aide. The point is that if you have a web server attached to the internet, it WILL be attacked and people are looking for vulnerabilities in programs like Drupal or Joomla. Basically you want to be able to discover if an attack has happened and have a recovery plan in case you are cracked. You also want to have a process for keeping your server fully patched. Slackware makes that really pretty easy with slackpkg, but you do have to make sure you run it regularly and/or read the Slackware changelogs. |
Great job posts Hangdog42, I certainly will not put any services online without appropriate permissions, iptables, limit of ip and port forwarding and other forms of security I've been reading about. Here is a link defining http & https:
http://www.biztechmagazine.com/article.asp?item_id=277 Here is a great basic video tut I really enjoyed "Set up a secure virtual host in Apache" http://video.google.com/videoplay?do...29322494607612 |
All times are GMT -5. The time now is 06:49 PM. |