RE: ftp to webserver - not as rot

[John Stevenson <objectcore@yahoo.co.uk>]

If you have managed to set up all these servers, you could also try set 
up a CVS server.

A CVS server can be used for managing versions of you files and is also 
a standard way to deploy web pages and code to a live web environment.  

AFAIK it is very secure assuming that you run the CVS server on a 
seperate machine other than the web server.  Then you would allow the 
webserver (in the DMZ) to connect to the CVS server (on your local 
network), pulling any changes to the website that have been made.  This 
is secure in the fact that you only have to run apache and ssh services 
on the webserver.

The added bonus to using this system is that you get a version control 
system to help manage all the changes you make to you website.

More information about CVS can be viewed at http://www.cvshome.org/

If you need more details, please let me know (I may knock up a 
mini-howto if there is enough interest on this subject...)
Johnny.

> This may be a dumb question on the wrong list, but here goes.
>
> I'm learning to set up a server via remote.  We've got a mail server going
> and mailman as well.  We have apache going and have put some pages in
> /var/www.  There's a firewall on it and it is set so that we can send and
> receive mail, access the mail list, bring up pages in a browser, ssh in as
> users, and ftp in as users.  We set it up so that root cannot ftp or ssh in.
>
> A user can ftp in and work on pages in their own public_html, but those
> pages would appear in /~username. I want to be able to work on pages in
> /var/www, because those pages come up when the domain name is accessed via
> browser.  /var/www is root.root 
>
> Is there a way other than dropping the pages off as user via ftp, ssh and su
> to root and move them, to do this?  I'm thinking maybe there is a way using
> groups.  Or is there something wrong with my thinking about not allowing
> root ftp?
>
> Thanks.
> Anita
>