Why do I need /var/www as DocumentRoot & www-data as www owner?


 



I'm throwing in the towel on this question. I've been puzzling over how and why Apache changed its default document root location and trying to figure out how that would affect me for weeks now. But no matter how much research I do, the best I've been able to do is to find occasional obtuse references to the new DocumentRoot in Apache, which seems to be /var/www under server 2.x.x, with NO explanation at all as to why it was changed or what I should do with existing domains as I migrate them to my new server.

 

I remember someone mentioning in a post I made weeks ago that the ownerships and permissions on my web directories seemed odd. His remarks suggested he thought all web directories ought to be owned by www-data and have permissions of 755. But he never explained why he thought that was true or what he feared might happen if it WASN'T true. Nevertheless, I remember him hinting he thought it might have long term security implications.

 

Unfortunately he provided no references or source links to study up on this subject and I had NO CLUE where to look for such information either. So I made a note of his comments and concluded I would watch for information about this in my readings and research because I figured SOMEWHERE along the line I'd run into this again.

 

Perhaps I should explain that on my old RedHat 7.2 server running Apache 1.2.something all web accounts and documents existed in /home/www/mydomain or /home/www/yourdomain or /home/www/theirdomain and each account at that level was owned by the site owner. Directories above that in the tree (e.g. /home/www and above) were all owned by root. In many cases permissions in the html directory and below were either 744 or 644 and had been that way for years without causing trouble on my old dedicated server. However, the www-data user and group did not exist there. There were secondary links to individual web directories in the site owner's home directory (e.g. /home/mydomain had a link to /home/www/mydomain, etc.).

 

There was also another directory link (synonym) at the top of the directory structure (/) named /www that linked to this same structure. Thus, doing

 

cd /www/mydomain

 

was equivalent to doing

 

cd /home/www/mydomain

 

or

 

cd /home/mydomain/www

 

Since I had no idea when I started setting up my new server that Apache2 on Debian Etch made a DIFFERENT set of assumptions about where web files would be located and who would own them, and I had a couple of dozen sites (not to mention a long list of preconfigured software and shell scripts) that were built around the old www structure, I naturally started setting up my test domains using the web directory structure I was familiar with.

 

In fact, I already had 3 domains converted and working using that old structure before I heard anyone even mention www-data and /var/www.

 

Up until now I could ignore the differences because I'd managed to get everything working fine. But now I've reached a fork in the road. And I'm not sure which way to go here or even whether I should be concerned about this.

 

One thing I know is I LOATHE the idea of changing the basic directory structure for all my old sites unless there's a darn good reason to do so. If I do that, it could be YEARS before I manage to find and fix all the configuration and setup parameters and shell scripts that will need to change because I did so.

 

Can someone please tell me whether I really NEED to be worrying about this? And if making this change in all my existing sites and scripts and software apps is desirable to improve security (i.e. if the move to the new www-data and /var/www is important), please tell me WHY it is. Truthfully, I don't doubt the person who suggested this. I just don't understand why this change is so important or what I gain by making it.

 

Can YOU explain the reasons for this shift and clarify how Apache 2.x.x now assumes things should be set up, and can you tell me why it's important? Or can you advise me on what to do here based on your own experience?

 

Thanks!

