Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
I have a PHP script running on my LAMP server that requires certain files in order to produce HTML content. The script is publicly accessible (i.e. http://example.com/script.php) but the files required by the script must secured. I could probably place the files in any directory other than /var/www and they would be relatively safe, but I'm trying to learn the Linux filesystem and I'd like to use the most appropriate place (according to FHS). Any help would be great.
After a bit of research, I think I've answered my question. The most appropriate location seems to be /srv (with the addition of sub-directories which properly categorize the data).
/srv contains site-specific data which is served by this system.
http://www.pathname.com/fhs/pub/fhs-2.3.html#SRVDATAFORSERVICESPROVIDEDBYSYSTEM
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 1 hour ago.
Improve this question
In shared hosting, I installed all laravel application files in the root folder (public_html). But also I deny the .env file via htaccess.
So is denying the .env file via htaccess enough for application security?
Do I have to install the app at the same directory level of public_html and do i have to create a symlink?
Thanks!
So is denying the .env file via htaccess enough for application security?
No.
Examples of where this would not be sufficient:
Someone could access files like storage/logs/laravel.log and see potentially sensitive information.
Misconfiguring/breaking PHP on the server would permit users to browse your PHP files as plain text, potentially revealing the entirety of your source code.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 1 year ago.
Improve this question
I've been working on making an RMS (Record Management System) a web based application that has a functionality of CRUD and it is intended to run via localhost that is operated only by one person (admin). The main question is that, is SECURITY necessary on the web app even though it is run via localhost only? If so, what scope should I look into and apply?
Well no not really, if it is just one person. But if you're talking about a localhost which can be accessed remotely through passwords then obviously you would need some sort of security to prevent bypassing of some sort.
But if you want to stay on the safe side of things then maybe just do it anyway because there's never a 0% risk of attack
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
Improve this question
I'm looking for advice, I'm trying to enable multiple users to upload files to a location and allow admin to download/view these files. I'm wondering what would be the best way to approach this. I have not been able to find much online so I'm reaching out here. If anyone could advise I'd appreciate it.
Thanks
If you haven't done so already, you will want to read the documentation on File Storage
https://laravel.com/docs/7.x/filesystem
This will explain the principles of disks and the various storage facades that are available.
If you want a way of assocaiting different files with specific users, I would suggest the MediaLibrary package by Spatie.
https://docs.spatie.be/laravel-medialibrary/v8/introduction/
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
I have a LAMP configuration set up in a VM WARE. I am going to transfer files via FTP using transmit client.
Currently I have my files in the following directory
192.133.323.122/website/project/home.php
Do I create a folder in a specific directory?
Usually it'll go in your
your_user_here/var/www
but it doesn't matter really, as long as you know where it is and you know how to reach it.
I would suggest creating a folder with the name of the site, so you can find it easily, so it'll be something:
your_user_root/var/www/project_name
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 9 years ago.
Improve this question
I am interested now a little bit fin drupal and I saw it saves many configuration options to db like BLOB (I think they are serialized php variables like array).
Why drupal don't use saving conf. options to php file and then simple include it?
What do you think is better approach for saving conf. data: DB or file and then simple include?
Maybe filesystem is faster then socket and db?
Storing configuration information in a central location like a database allows load balancing on the front end. If you were using conf files and had 2 load balanced web servers, you would need to make sure the conf files on each server stay in sync. A database is an easy way to centralize the configuration, and replicate it if needed.