Some security concerns


#1

I understand that my website is served from /mydomain.com/, which is unavoidably must be visible to the world.

But what about the other directories under the user’s root? Are they only visible to myself?

Thank you.


#2

That’s not necessarily true, as you can use an htaccess to control access to particular files or particular file types.

Also, you might be worried about the directory listing, which can easily be turned off

Those are definitely only visible and accessible to you unless you explicitly create some kind of operating system soft link to them from your web directory.

Use the [color=#CC0000]3DOM50[/color] promo code for 3 extra lifetime domains and $50 off
More Dreamhost coupons here!


#3

This isn’t always the truth. you can lock out people through simple .htaccess, deny them with a login script of sort. If you really wanted to, and i’ve never tried this so i cant say for a fact, you could force mydomain.com to link to the myotherdomain.com with a soft link from shell. as i’ve only done this on my home server, i have no guarantee that it works here.

by default, yes. you can usually call from other folders in your user root through most languages, such as php, or by a simple soft link as mentioned in the last part. but by default, only you can access them unless you specify otherwise.


#4

To be extra sure about blocking access to other directories in root, make sure you turn on Enhanced Security for your user. Go to the panel, Users -> Manage Users -> Edit that user
http://wiki.dreamhost.com/Enhanced_User_Security

-Scott


#5

Thank you guys for all the information.

Now I know how to lay out my files.

Thank you all DreamMaster :slight_smile: