Outside of document root

I am trying to install Phpki on a SME-Server.   In the initial Setup screen I is asking the following.

"Storage Directory *
Enter the location where PHPki will store its files. This should be a directory where the web server has full read/write access (chown phpki ; chmod 700), and is preferably outside of DOCUMENT_ROOT (/opt/phpki/html). You may have to manually create the directory before completing this form. "

It gives the example of :

"/opt/phpki/phpki-store"

The server's Primary Dir has three  folders

Primary -  cgi-bin
               -  html
               -  folder  -  phpki-store


I was thinking  about putting  phpki-store under folder which is at the same level as the html folder,   I'm not sure what they are asking for.
jws2bayAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Steve BinkCommented:
I can't really elaborate on the request, since its directions are pretty self-explanatory.  Perhaps you need more information on what the document root is, and why it is important to place/remove assets from that area?

https://httpd.apache.org/docs/2.4/en/mod/core.html#documentroot
https://httpd.apache.org/docs/2.4/en/urlmapping.html#documentroot
https://httpd.apache.org/docs/2.4/en/urlmapping.html#outside

The idea is that Apache will serve assets from the configured document root - a directory being recognized as the top level of your website's folders.  In terms of the website, the document root is "/" - the literal root of the site's directory structure.  While there are ways for Apache to access assets outside that document root, it would require additional configuration to make that possible.  This means that, by default, anything in the document root is "serve-able", and anything not in the document root is not.

This request is telling you to create a folder outside the document root, but still owned by the web server.  This does two things: makes sure any assets in these directories are not able to be served by default, and allows the web server and its processes to read or write whatever it wants without restriction.  This folder is probably slated to be the data directory for this software - not meant for public view and possibly sensitive, but still requiring full access to maintain.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jws2bayAuthor Commented:
I'm not sure what they wanted me to do.  The example they provide already exist.  I just left it alone and everything seem to work.  May be an old comment.  Thanks for the help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Storage

From novice to tech pro — start learning today.