Your comments are "right on" here, Lester. I think we become our own enemies when we mindlessly follow the layouts provided by distro authors or hosting providers like a school of lemmings hell bent on destruction. That makes it easy for ANYONE who knows the way our distro providers or server hosts do things to hack our servers in seconds using standard scripts. I had that happen more than once at my old hosting provider and I'm convinced it was an "inside job". There's really nothing wrong with what Apache or Debian did. It's just that I didn't go to all this work to make it easy for anyone to hack my server. Thanks very much, but I prefer to dance to the beat of a different drummer. I agree... rigid conformity at these levels is not necessarily a good thing. Thanks. -----Original Message----- From: Lester Caine [mailto:lester@xxxxxxxxxxx] Sent: Tuesday, September 02, 2008 11:15 PM To: users@xxxxxxxxxxxxxxxx Subject: Re: Why do I need /var/www as DocumentRoot & www-data as www owner? Greg Platt - Platt Consultants wrote: > I'm not arguing for or against what Debian did. One thing I can say is their > approach provides an individual VirtualHost file for each domain. It thus > tends to isolate any damage that might be done in editing httpd.conf to a > single domain. It also makes it easy to disable one domain using their > a2dissite utility without any risk of affecting other domains. > > Other than that, I honestly don't care. I was actually quite comfortable > with the httpd.conf approach too. I wasted several hours when I first got > involved with Debian trying to figure out exactly how their setup differed. > > Indeed, it was just after I'd gone through the struggle of figuring all that > out and had gotten my 3 test sites working under the Debian paradigm that > another Debian user remarked about my "unusual" directory structure and > expressed the opinion that the entire web structure "should be" owned by > www-data and all sites should be under /var/www. It was at that point that I > began to worry I had somehow misinterpreted Apache and Debian's intent here. > > That's what eventually lead to my first post here today. I think that there is a little too much 'THIS is the right way!' on some of the DISTRIBUTIONS of Apache ( and PHP ), but now that I've got used to the /etc/apache2/ layout ( on SUSE in my case ) I do think it's easier than Mandrivas /etc/httpd/ . Having to bounce between Windows and Linux, trying to emulate some of the Linux ideas in Windows is fun, but worth the effort. Splitting the .conf up does make sense. As for the LOCATION of the target files, I think this is more a case of how each distribution partitions the disk by default. Having /var on the 8Gb root partition means that logging and large sites very quickly fill up the partition, so one almost HAS to move to the 'other' partition which on Mandriva is /home .... Alternatively I dropped a 500Gb disk into one of the servers and partitioned that as /var - I think that will take a time to fill .... At the end of the day the 'target' users of a distribution determine it's preferred default and many of them are targeting 'desktop' over 'server' so NOT providing the most practical layouts for running Apache. -- Lester Caine - G8HFL ----------------------------- Contact - http://lsces.co.uk/lsces/wiki/?page=contact L.S.Caine Electronic Services - http://lsces.co.uk EnquirySolve - http://enquirysolve.com/ Model Engineers Digital Workshop - http://medw.co.uk// Firebird - http://www.firebirdsql.org/index.php --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx