Hi all. I’m looking to make a backend in my NGINX server, for a website that only gets a few views. Right now I’m managing the files of the site using Git, with /var/www/ as the folder on github. I’m looking to create an ip logger to plot onto a map, and I’m wondering if there are any problems with hosting it on /var/www. My main concerns are if it’s accessible to other users or if it’ll slow down NGINX. I’m absolutely able to do it in another folder, but I am wondering if there are any problems with keeping any files in /var/www. To my knowledge, only past /var/www/html is viewable by a connection.

Thanks!

    • SteveTech
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      You’re right, unless there’s some vulnerability, /var/www isn’t accessible by visitors when /var/www/html is configured as the web root in nginx. However if they are files that visitors shouldn’t access I probably wouldn’t put them in /var/www, but I guess at least you could chmod them like the previous commenter said, so that nginx can’t read them.

    • msage
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      If you have a git folder anywhere, always put files accessible to public to /var/www/project/public and have document root point to the public directory.

      nginx won’t let users traverse upwards. Even if you only have static files, exposing /var/www/project as document root makes .git folder accessible.

      If you have any server side processing, you put only the barest minimum in the project/public, as the server can load dependencies from project/src, but nginx won’t let outsiders access those files.