Page 1 of 1

root directories (formatted clearly this time)

Posted: Sat Jul 20, 2019 4:39 pm
by racerlupine
(Let me try that again...next time I'll remember to Preview before I Submit...thanks for your patience...)

I've had Sonic as my ISP for several years. I was running a small private site at racerlupine.users.sonic.net/home/ . Recently I started hosting my domain on Sonic, and moved my site over to the domain at slavehouse.org/* . So the (abridged) top of my tree is:

WWW_pages
-+racerlupine
---+home
-----+pub
-----+RL
-----+XIII
---+slavehouse.org
-----+home
-----+pub
-----+site
-------+txt

1. "racerlupine" is my root directory, okay, but seems to me "slavehouse.org" should be the root for everything underneath that. But that appears not to be the case.

2. I need a directory that's not web visible for password files and stuff. If I chmod racerlupine to hide it from users won't that affect all the subdirectories too?

3. On my Apache install at home "htdocs" is the server root directory. That (abridged) tree is:

Apache24
-+bin
-+cgi-bin
-+files
-+htdocs
---+home
-+logs

...so I made a subdirectory "files" in "Apache24" for files I need but don't want web visible. Can I do something similar on Sonic?

Thanks in advance.

RACER

Re: root directories (formatted clearly this time)

Posted: Mon Jul 22, 2019 4:49 pm
by drew.phillips
1. You now have 2 web roots. One for "mini hosting" racerlupine.users.sonic.net (/home/WWW_pages/racerlupine) and then one for your virtual hosting directory located at slavehouse.org (/home/WWW_pages/slavehouse.org).

2. Setting restrictive permissions on one of the root directories may prevent Apache from accessing subdirectories so I would not recommend that.


For any directory you don't want visible on the web, you can add the following to a .htaccess file in that directory:

Code: Select all

<IfModule !mod_authz_core.c>
    Order Allow,Deny 
    Deny from all 
</IfModule>

<IfModule mod_authz_core.c>
    Require all denied
</IfModule>
This will prevent any clients from being able to access the contents of that directory, and any subdirectory.

For example you could store the files in /home/WWW_pages/racerlupine/private/ and add the .htaccess with the deny rules there. No one will be able to access that directory except for your code and .htaccess files referencing any passwd files there.

Re: root directories (formatted clearly this time)

Posted: Mon Jul 22, 2019 9:46 pm
by racerlupine
Drew,

This is just what I was after, many many thanks.

RACER