carrotJun 22, 2023

Is there a problem with keeping the backend of an NGINX server in /var/www ?

https://sh.itjust.works/post/313343

Is there a problem with keeping the backend of an NGINX server in /var/www ? - sh.itjust.works

Hi all. I’m looking to make a backend in my NGINX server, for a website that only gets a few views. Right now I’m managing the files of the site using Git, with /var/www/ as the folder on github. I’m looking to create an ip logger to plot onto a map, and I’m wondering if there are any problems with hosting it on /var/www. My main concerns are if it’s accessible to other users or if it’ll slow down NGINX. I’m absolutely able to do it in another folder, but I am wondering if there are any problems with keeping any files in /var/www. To my knowledge, only past /var/www/html is viewable by a connection. Thanks!

Show threadThe Bard in GreenJun 22, 2023

Slow down NginX

I don't see why it would, /var/www is exactly where I would put it.

Accessible to other users.

By default /var/www should be owned by root, with read and execute permissions for other users. If you want to be extra secure, change the group ownership to www-data (or whatever your nginx user is on that machine), then set

root rwx www-data (group) r-w all ---

Show threadcarrotJun 22, 2023
Sorry, by accessible to users I mean visitors. Some sort of example.com/../.git shouldn't be possible up to my knowledge.
Show threadSteveTechJun 22, 2023
You're right, unless there's some vulnerability, /var/www isn't accessible by visitors when /var/www/html is configured as the web root in nginx. However if they are files that visitors shouldn't access I probably wouldn't put them in /var/www, but I guess at least you could chmod them like the previous commenter said, so that nginx can't read them.
Show threadcarrot
Ahh I see. I never considered the config file. Thank you for the help!
Jun 22, 2023 at 4:28amWeb