this post was submitted on 22 Jun 2023
4 points (100.0% liked)
Web Development
3441 readers
17 users here now
Welcome to the web development community! This is a place to post, discuss, get help about, etc. anything related to web development
What is web development?
Web development is the process of creating websites or web applications
Rules/Guidelines
- Follow the programming.dev site rules
- Keep content related to web development
- If what you're posting relates to one of the related communities, crosspost it into there to help them grow
- If youre posting an article older than two years put the year it was made in brackets after the title
Related Communities
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
Wormhole
Some webdev blogs
Not sure what to post in here? Want some web development related things to read?
Heres a couple blogs that have web development related content
- https://frontendfoc.us/ - [RSS]
- https://wesbos.com/blog
- https://davidwalsh.name/ - [RSS]
- https://www.nngroup.com/articles/
- https://sia.codes/posts/ - [RSS]
- https://www.smashingmagazine.com/ - [RSS]
- https://www.bennadel.com/ - [RSS]
- https://web.dev/ - [RSS]
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I don't see why it would, /var/www is exactly where I would put it.
By default /var/www should be owned by root, with read and execute permissions for the group and execute permissions for other users (so the webserver can run the files in there). You can tweak this with chmod, and mess with who's in the groups and who's not.
Sorry, by accessible to users I mean visitors. Some sort of example.com/../.git shouldn't be possible up to my knowledge.
You're right, unless there's some vulnerability,
/var/www
isn't accessible by visitors when/var/www/html
is configured as the web root in nginx. However if they are files that visitors shouldn't access I probably wouldn't put them in/var/www
, but I guess at least you could chmod them like the previous commenter said, so that nginx can't read them.Ahh I see. I never considered the config file. Thank you for the help!