httpd.conf in fedora
Paul Howarth
paul at city-fan.org
Tue Mar 15 08:03:30 UTC 2005
On Mon, 2005-03-14 at 19:48 -0500, Mark Weaver wrote:
> Duncan Lithgow wrote:
> > I *have*
> >
> > 1. I've edited /etc/httpd/conf/httpd.conf so it reads ...
> > # DocumentRoot "/var/www/html"
> > DocumentRoot "/mnt/SharedFiles/www"
> > ...
> >
> > 2. I've commented out /etc/httpd/conf.d/welcome.conf
> >
> > 3. the /mnt/SharedFiles/www is owned by 'root' and the 'common' group of
> > which apache is a member.
> >
> > But i still get the content from /var/www/error/noindex.html
> >
> > Something someone isn't working as I expected!
> >
> > Thanks for your patience guys.
> >
> > Duncan
> >
>
> I would think you'd want ownership of the DocumentRoot to be that of Apache.
>
> i.e. apache.apache
>
> instead of
>
> root.apache
>
> Its been my experience having ownership for a web server's document root
> can be rather problematic rather than a good thing to do.
My DocumentRoot (containing only static pages) is owned by root.root.
There is absolutely no need for the apache user to own the DocumentRoot
- it just needs to be able to read static pages. In fact, having the
apache user able to write these files is a security issue because a web
server compromise could result in your content being overwritten.
Paul.
--
Paul Howarth <paul at city-fan.org>
More information about the fedora-list
mailing list