Skip to content

DocumentRoot

Publish

In order for a website to be accessible to visitors, it must be published to the correct directory. Upload your files via SFTP and place them in /var/www/virtual/<username>/html. We also create a symlink ~/www in your home directory that points to /var/www/virtual/<username>.

Additional DocumentRoots

Warning:

We strongly suggest to use different accounts for different projects due to security reasons. If one of the DocumentRoots gets compromised (e.g. because of a CVE), all other files within all other DocumentRoots can be compromised as well.

You can create folders (and symlinks) in the form of /var/www/virtual/<username>/<domain>.

Make sure your domain is setup and configured correctly.

To use RewriteRules, you have to create a .htaccess file within the DocumentRoot with the following content:

RewriteBase /

Tip:

The DOCUMENT_ROOT variable set by Apache always points to the one and only DocumentRoot /var/www/virtual/<username>/html, so you will get a misleading value. There is no way to change that behaviour.

Warning:

Symlinking to folders in /home will not work here because the Apache web server does not have access rights to anything in /home.

Warning:

Do not delete /var/www/virtual/<username>/html. If this folder doesn't exist, the RewriteRules implementing the additional DocumentRoots don't work, so all your domains will be inaccessible.

Example: Change DocumentRoot location

Many PHP apps like Symfony provide their own public webfolder within their folder structure. It is recommended to only make this folder accessible by the webserver. This can be done like this:

# in /var/www/virtual/$USER
[isabell@moondust isabell]$ rm -f html/nocontent.html
[isabell@moondust isabell]$ rmdir html
[isabell@moondust isabell]$ mkdir -p my_project/public
[isabell@moondust isabell]$ ln -s my_project/public html

This results in the following structure:

[isabell@moondust]$ tree /var/www/virtual/$USER
.
├── html -> my_project/public
└── my_project
    └── public

Because my_project is not a domain name that can be reached by the webserver, the source code will never be reachable from the outside.

Permissions

Since the webserver runs with a different user, you need to make sure your files have the right permissions. The folder /var/www/virtual/<username>/html and all additional DocumentRoots need to have mode 0755, the files within 0644. To fix this for all files and folders, use:

[isabell@moondust ~]$ chmod -R u=rwX,go=rX ~/html

Tip:

Since the folder /var/www/virtual/<username> has mode 0750, other users on the same server can't access your files.

Configuration

Provided configuration

We provide the following configuration:

DirectoryIndex index.html index.htm index.php nocontent.html
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/wasm .wasm .wasm.gz .wat .wat.gz

The full configuration is in /etc/httpd/conf/httpd.conf, which is readable by every user.

Own configuration

You can provide your own configuration with .htaccess files. Check the Directive Quick Reference for valid directives. The third column must contain h for it to be allowed in .htaccess.