On Mon, 2005-03-14 at 19:48 -0500, Mark Weaver wrote: > Duncan Lithgow wrote: > > I *have* > > > > 1. I've edited /etc/httpd/conf/httpd.conf so it reads ... > > # DocumentRoot "/var/www/html" > > DocumentRoot "/mnt/SharedFiles/www" > > ... > > > > 2. I've commented out /etc/httpd/conf.d/welcome.conf > > > > 3. the /mnt/SharedFiles/www is owned by 'root' and the 'common' group of > > which apache is a member. > > > > But i still get the content from /var/www/error/noindex.html > > > > Something someone isn't working as I expected! > > > > Thanks for your patience guys. > > > > Duncan > > > > I would think you'd want ownership of the DocumentRoot to be that of Apache. > > i.e. apache.apache > > instead of > > root.apache > > Its been my experience having ownership for a web server's document root > can be rather problematic rather than a good thing to do. My DocumentRoot (containing only static pages) is owned by root.root. There is absolutely no need for the apache user to own the DocumentRoot - it just needs to be able to read static pages. In fact, having the apache user able to write these files is a security issue because a web server compromise could result in your content being overwritten. Paul. -- Paul Howarth <paul@xxxxxxxxxxxx>
