Bug#340947: apache2-common: standard path to virtual host document roots under /var/www?
Package: apache2-common
Severity: wishlist
Hi,
suexec's default configuration forces cgi-scripts to be in /var/www,
even for virtual hosts. otoh, /etc/apache2/sites-available/default has
a quite liberal access policy and would allow access to
/var/www/www.foo.example/htdocs via the default virtual host, which
might not be desireable.
Please consider having a default definition for a "virtual host
directory" like /var/www/virtual-hosts, which has "deny from all" set
in /etc/apache2/sites-available/default in the package version of the
conffile:
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
# This directive allows us to have apache2's default start page
# in /apache2-default/, but still have / go to the right place
RedirectMatch ^/$ /apache2-default/
</Directory>
<Directory /var/www/virtual-hosts>
Order allow,deny
deny from all
</Directory>
Then, /var/www/virtual-hosts/www.foo.example could be used as document
root for a virtual host without having it accessible from the default
virtual host, and suexec could be used.
Greetings
Marc
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14.2-zgsrv
Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1)
Reply to: