Outside of document root

jws2bay
jws2bay used Ask the Experts™
on
I am trying to install Phpki on a SME-Server.   In the initial Setup screen I is asking the following.

"Storage Directory *
Enter the location where PHPki will store its files. This should be a directory where the web server has full read/write access (chown phpki ; chmod 700), and is preferably outside of DOCUMENT_ROOT (/opt/phpki/html). You may have to manually create the directory before completing this form. "

It gives the example of :

"/opt/phpki/phpki-store"

The server's Primary Dir has three  folders

Primary -  cgi-bin
               -  html
               -  folder  -  phpki-store


I was thinking  about putting  phpki-store under folder which is at the same level as the html folder,   I'm not sure what they are asking for.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2004
Commented:
I can't really elaborate on the request, since its directions are pretty self-explanatory.  Perhaps you need more information on what the document root is, and why it is important to place/remove assets from that area?

https://httpd.apache.org/docs/2.4/en/mod/core.html#documentroot
https://httpd.apache.org/docs/2.4/en/urlmapping.html#documentroot
https://httpd.apache.org/docs/2.4/en/urlmapping.html#outside

The idea is that Apache will serve assets from the configured document root - a directory being recognized as the top level of your website's folders.  In terms of the website, the document root is "/" - the literal root of the site's directory structure.  While there are ways for Apache to access assets outside that document root, it would require additional configuration to make that possible.  This means that, by default, anything in the document root is "serve-able", and anything not in the document root is not.

This request is telling you to create a folder outside the document root, but still owned by the web server.  This does two things: makes sure any assets in these directories are not able to be served by default, and allows the web server and its processes to read or write whatever it wants without restriction.  This folder is probably slated to be the data directory for this software - not meant for public view and possibly sensitive, but still requiring full access to maintain.

Author

Commented:
I'm not sure what they wanted me to do.  The example they provide already exist.  I just left it alone and everything seem to work.  May be an old comment.  Thanks for the help.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial