Beginner web dev question - does NFO web hosting allow you to access 'httpd.conf' config file of apache? I'm wanting to install this web interface to test a web interface out, which contains sensitive database info. It looks like NFO installs Apache by default as well as keeping all pre-installed packages up to date, but when I FTP to the web server I only see a folder called public, and two inaccessable folders called access_log / error_log
It looks like the DB info is in a .txt file and not the php file, which is why I want to be sure that the public can't access / see this:
https://github.com/R1KO/Chat-Logging/tree/master/Web
I'm only using this plugin/ webscript as a test. In the future I plan to code my own stuff.
Anternative question:
From ordering a new web server via NFO - what's the best way to install this stand-alone PHP script and ensure the .txt file is kept private?
Beginner PHP question
-
- A semi-regular
- Posts: 22
- https://www.youtube.com/channel/UC40BgXanDqOYoVCYFDSTfHA
- Joined: Mon Oct 05, 2015 7:38 pm
-
- A semi-regular
- Posts: 22
- Joined: Mon Oct 05, 2015 7:38 pm
Re: Beginner PHP question
Uh... I'm not 100% sure but are these other people's web folder names I'm looking at?
https://imgur.com/eY9zXDq
I simply SFTP'd to the server and enabled hidden files, to see if I needed to manually create a .htaccess file or it was just hidden. I accidentally went back a directory from my folder and noticed all these folders under /usr/www
At first I thought this was a newly created virtual server just for my website (perhaps a lot of library include files for python, php, etc), but then I noticed strange names like 'analbeads'. Furthermore I can't access most the files and tried changing the file permissions on one (was going to change it back - it was a test to see if this virtual server belongs to me and I just needed file permissions or it belongs to multiple users).
You can even access the "/" directory of the linux machine (before root folder).
Seems like a security breach but I don't know what I am looking at here. I'm 100% new to anything web related.
https://imgur.com/eY9zXDq
I simply SFTP'd to the server and enabled hidden files, to see if I needed to manually create a .htaccess file or it was just hidden. I accidentally went back a directory from my folder and noticed all these folders under /usr/www
At first I thought this was a newly created virtual server just for my website (perhaps a lot of library include files for python, php, etc), but then I noticed strange names like 'analbeads'. Furthermore I can't access most the files and tried changing the file permissions on one (was going to change it back - it was a test to see if this virtual server belongs to me and I just needed file permissions or it belongs to multiple users).
You can even access the "/" directory of the linux machine (before root folder).
Seems like a security breach but I don't know what I am looking at here. I'm 100% new to anything web related.
-
- A semi-regular
- Posts: 22
- Joined: Mon Oct 05, 2015 7:38 pm
Re: Beginner PHP question
Nevermind I should've used google translate to see that the .txt file was just a read me.
Facepalm moment right there.
Facepalm moment right there.
Re: Beginner PHP question
To clarify, the reason you're able to see other customer folders in the /usr/www/ folder or system folders within the root (/) folder, is that your user account must be able to see shared folders on the system in order for components like SFTP or SSH to function properly. Customer files within each folder are not able to be seen or written to by default, and other customers can't access your files.
The http.conf file isn't able to be altered by any customer individually, as changes to this file effect all customers on a web hosting machine. You can instead use a ".htaccess" file within your "public" folder to apply changes to your site, specifically. Apache allows many things to be altered using this configuration file approach. Apache's site offers an introduction to htaccess files here: https://httpd.apache.org/docs/current/h ... ccess.html
The http.conf file isn't able to be altered by any customer individually, as changes to this file effect all customers on a web hosting machine. You can instead use a ".htaccess" file within your "public" folder to apply changes to your site, specifically. Apache allows many things to be altered using this configuration file approach. Apache's site offers an introduction to htaccess files here: https://httpd.apache.org/docs/current/h ... ccess.html
Re: Beginner PHP question
No. We maintain this file ourselves.dustinandband wrote: ↑Tue Oct 30, 2018 9:57 pm Beginner web dev question - does NFO web hosting allow you to access 'httpd.conf' config file of apache?
If you need to change PHP settings, you can change many of them through .htaccess or with php_ini at runtime.
That sounds correct.I'm wanting to install this web interface to test a web interface out, which contains sensitive database info. It looks like NFO installs Apache by default as well as keeping all pre-installed packages up to date, but when I FTP to the web server I only see a folder called public, and two inaccessable folders called access_log / error_log
There are multiple ways to prevent the public from being able to read a file that you place on the hosting. For instance, the file could be stored outside of the site's root folder, access to it could be denied through the .htaccess file, or it could be integrated into a script (such as a PHP script). The last of these is most common. The software package itself should generally pick one of the methods for you.It looks like the DB info is in a .txt file and not the php file, which is why I want to be sure that the public can't access / see this:
https://github.com/R1KO/Chat-Logging/tree/master/Web
Yes: viewtopic.php?f=19&t=5690Uh... I'm not 100% sure but are these other people's web folder names I'm looking at