On 4/23/23 15:08, Chris Adams wrote:
Once upon a time, Patrick O'Callaghan <pocallaghan@xxxxxxxxx> said:
httpd: could not open error log file /var/www/bree.org.uk/error.log
Putting the log under /var/www is very bad practice, as that could be
remotely accessible now (and share all kinds of useful information to
attackers). Rather than do that, and disable SELinux protections, you
should put your logs under the log directory, /var/log. If you don't
like the default permissions on /var/log/httpd, you can make another
directory, but still under /var/log (and not accessible over the web).
Chris and others earlier,
I don't understand how his logs are accessible to the web. They are not
under the DocumentRoot. error.log is above it and access.log is next to
it. Is it somehow possible for a client to reach above / ?
If so, let me know how. I like to package my VirtualHosts so everything
is in one zippable, portable package. If my stuff is in the wind I'll
need to make some changes.
path/to/domain/DocRoot
path/to/domain/conf
path/to/domain/acc (link to /var/log/httpd/domain/access.log)
path/to/domain/err (link to /var/log/httpd/domain/error.log)
Thanks in advance,
Mike
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
