Hi all. I’m looking to make a backend in my NGINX server, for a website that only gets a few views. Right now I’m managing the files of the site using Git, with /var/www/ as the folder on github. I’m looking to create an ip logger to plot onto a map, and I’m wondering if there are any problems with hosting it on /var/www. My main concerns are if it’s accessible to other users or if it’ll slow down NGINX. I’m absolutely able to do it in another folder, but I am wondering if there are any problems with keeping any files in /var/www. To my knowledge, only past /var/www/html is viewable by a connection.

Thanks!

  • The Bard in Green@lemmy.starlightkel.xyz
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    2 years ago

    Slow down NginX

    I don’t see why it would, /var/www is exactly where I would put it.

    Accessible to other users.

    By default /var/www should be owned by root, with read and execute permissions for the group and execute permissions for other users (so the webserver can run the files in there). You can tweak this with chmod, and mess with who’s in the groups and who’s not.

    • carrotOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 years ago

      Sorry, by accessible to users I mean visitors. Some sort of example.com/../.git shouldn’t be possible up to my knowledge.

      • SteveTech@programming.dev
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 years ago

        You’re right, unless there’s some vulnerability, /var/www isn’t accessible by visitors when /var/www/html is configured as the web root in nginx. However if they are files that visitors shouldn’t access I probably wouldn’t put them in /var/www, but I guess at least you could chmod them like the previous commenter said, so that nginx can’t read them.

        • carrotOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 years ago

          Ahh I see. I never considered the config file. Thank you for the help!

      • msage@programming.dev
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 years ago

        If you have a git folder anywhere, always put files accessible to public to /var/www/project/public and have document root point to the public directory.

        nginx won’t let users traverse upwards. Even if you only have static files, exposing /var/www/project as document root makes .git folder accessible.

        If you have any server side processing, you put only the barest minimum in the project/public, as the server can load dependencies from project/src, but nginx won’t let outsiders access those files.