I just upgraded my server and saw that the default.conf file in sites-available was now pointing to /var/www/html instead of /var/www. What was the reason for this change?
Asked
Active
Viewed 3.9k times
47
f.ardelian
- 5,632
- 7
- 33
- 49
-
I think u mean the httpd.conf ? – Bobby Feb 09 '14 at 15:24
-
2What did you upgrade from? What did you upgrade to? Check the bug tracker of whoevers package you're using. – covener Feb 10 '14 at 00:02
3 Answers
56
I found the bug report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730372
The report was filed after this mailing list discussion: https://lists.debian.org/debian-devel/2012/04/msg00301.html
Summary: Site admins usually place sites in /var/www/site.com and there may be sensitive data in /var/www that should not be made available via a web server. All web servers on Debian have been updated to use /var/www/html as default instead of /var/www.
f.ardelian
- 5,632
- 7
- 33
- 49
-
1Love it, no need to read a novel, it is straight to the point, instructive, and explains very well why html is the new default path! Thanks @f.ardelian – Jonathan Gagne Oct 31 '18 at 16:21
28
I edited /etc/apache2/sites-enabled/000-default.conf to fix this (changed the DocumentRoot line).
The reason given for this breaking change is nonsense. Why would a site administrator put sensitive files that aren't supposed to be served to the web in /var/www , of all places? I'm just a developer and I know what that directory does.
If an administrator is lazy or incompetent enough to put sensitive files in /var/www, nothing will stop them from putting those files in /var/www/html now. And since when does Linux break backward compatibility in a useless attempt to prevent administrators from doing really dumb things?
Andrew Koster
- 987
- 1
- 14
- 23
-
3Because it's common for developers to use a path like /var/www/
and to put config files one level above that so they are out of the webroot. A developer following that pattern may not realise that in this environment there's a gotcha. – braks Apr 05 '16 at 00:09
2
I went with the don't fight the power philosophy and just moved all my files from the /var/www to the /var/www/html folder. It all worked fine including the mySQL services. Also keep in mind web hosting services will probably force you to use the html directory.
Peter
- 21
- 1