Hello,

I have a VPS (Mosso Cloud Server) that is administered and monitored by Platinum Server Mgmt. I have CentOS 5 and Apache 2.2 installed.

I requested that my Document Root be set to /var/www/JPDemole.com/ and also a subdomain setup to /var/www/test.JPDemole.com/

They responded by telling me that it would, "[This would] cause a problem with the permissions and that it will be a permissions conflict if you set them to /var/www/. For security and compatibility purposes, they should be in /home/username/.... It can be put anywhere in there."

This is the first time I've been involved with any server administration, but while coding on numerous private vps's before, they had a setup similar to what I was requesting.

Am I incorrect in my understanding of the previous situations and the Mgmt company is in fact correct?

Thanks,
JP

From my understanding, the management company is likely correct. For Apache, it doesn't matter (much) where files reside, as long as the apache config files point the correct domain to the correct disk location. For example, www.JPDemole.com could point to /home/JPDemole/Productionserverdirectory and test.JPDemole.com could point to /home/JPDemole/TestServerDirectory. The contents of those directories are completely under your control, so what the users see when they get to either www or test would depend on what you had there.

Hm... if you're correct, then wouldn't that make me correct? Meaning, apache doesn't care where the files are as long as you point the DocumentRoot to the directory.

They said that it MUST resides somewhere in the /home/user/ directory. I was requesting it be placed in the /var/www/ directory. I understand on a shared network that allowing users to place files outside their user area is prohibitive, but since it's my own private server, I don't see the problem.

Right now, they're looking into it, so we'll see.

That's obviously untrue from a technical standpoint. Perhaps they have a formal policy that encourages a DocumentRoot residing in users' home directories? And they enforce it on both shared and exclusive servers for consistency? Dunno.

I suspect it does boil down to a security issue that they simply don't want to deal with. By having the files in /var/www, you would have to have read-write access, which you probably don't currently. By keeping this in your /home directory (where you presumably already have read-write access) security doesn't change. It could also be they have monitoring systems (like samhain) that look for changes in the system files. For a lot of these, you can customize which directories are watched, and if they watch /var/www, then they would either have to NOT watch it or deal with a lot of false-positives from your changes.

At any rate, the larger point I was trying to make is that since it doesn't matter where the files are, insisting on /var/www is simply a waste of time. There is absolutely no reason to prefer /var/www over any other location and I suspect you aren't going to get very far with this as the provider is they one who has to deal with the security issues.

That makes sense - the monitoring and such. As I said, not too knowledgeable in the way on actual admin skills... just enough to be dangerous I suppose.

The only reason for the /var/www/ was for personal preference of organization. Old habits I guess.

Thanks for the responses guys. Great stuff.

D