httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@zyzzyva.com>
Subject Re: Let's get rid of .htaccess files :-)
Date Thu, 18 Jul 1996 19:14:31 GMT
> Here's my 2 cents worth (although given my level of contribution it
> may only be worth 1/2 cents).
> 
> Randy Terbush writes:
> > One of my goals in this was to move the .htaccess files out of the
> > webspace to improve security and prevent corruption of these files.
> > Secondly, by creating a standard format like this, it would make it
> > very easy to write configuration interfaces. By creating a separate
> > conf/ tree, we reduce the depth of directories we need to search.
> 
> But, this is exactly the problem.  There are at least two general
> philosophies to 'webspace': the web as a filesystem, and the web
> as an interface to files in the underlying file system.  For the
> internet, the first view is prevelant, but for intranets, I suspect
> the second is.  I've worked on a couple of servers where almost
> nothing is in the htodcs directories.  Most (if not all) of the
> data is accessed through ~user.  (Many of which are actually automounted
> from somewhere else.)

~user is tricky, but every server running on the system has a 
DocumentRoot, no? What I have done so far is to map the conf/
relative to a servername and beginning with the DocumentRoot
of that server.

I have always run the ~user area of our system under it's own
Vhost, and have mounted the webspace for those users under
that Vhost's DocumentRoot. Still easily mappable. Works great
for running chroot'ed as well.

I seem to remember that it was Roy that pointed out that the
'~' is evil, and I have since heeded that advice.

[design suggestions deleted]

Good suggestions Howard. Thanks



Mime
View raw message