Store files without exposing them to the web?


Hi, I’m a brand new DH customer, and I noticed that when I FTP in, my document root is the same as my web root. I’d like to be able to create a folder that web users can’t access directly but that I can use as a resource for server-side functions. Is there something I’m missing?

Also irking me is that the support request option from my panel doesn’t work at all, after step 1 it just fizzles.


That depends upon how you have your FTP client configured. By default, with no other “directory configuration” you should find yourself in your user directory (one level above your “web root”/“Doument root”), and from there you can descend into your various domain(s) directory.

Probably just what I mentioned above - you can make as many directories as you want above your web space, in you user directory (which is where you should put many server-side things).

That sounds very much like a known issue with the Web control panel and FireFox 3 - you should not have the problem with FireFox 2 , IE, Opera, safari, etc.



Thanks for your informative responses. I saw that the support feature worked in IE. (and yes I am u sing firefox 3).

Allow me to clarify something. When I echo my $_SERVER[“DOCUMENT_ROOT”] in php the root directory is the same as the web directory. Is there a way to change this? Like could I make a public_html folder etc. and have apache use that as the webroot but have my document root be a step higher?

I realize I may be able to store files above my directory but it appears as though server-side scripts wouldn’t have access to those folders so that doesn’t help me.

Thanks again for your help.


That is correct (and accurate), and that is how it is supposed to work:" 'DOCUMENT_ROOT’
The document root directory under which the current script is executing, as defined in the server’s configuration file."

IF you were to compile your own php, or otherwise manipulate you php.ini file (see the DH wiki), I suppose you could modify it, but there is certainly no need to do so in order to reference other paths in your script(s). It’s not apache that will be doing the “using” in this case anyway - it is PHP :wink:

You can always refer to your “outside of webspace” resources with absolute path references, or possibly by manipulating (truncating) other system “path” variables to “walk up” the directory tree (see the output of phpinfo() for likely candidates).

Sure they will (I do it all the time). If you set your permissions properly (DreamHost makes that easy, and secure, for you via the use of suexec) and refer to them properly, you can (and should) use them even if they are “outside” your “webroot”! :wink:



Sorry, I’m an idiot - it took me a bit but I realized playing around that I could reference documents above the webroot. THANKS AND SORRY!


There’s no reason to apologize! You are most welcome, and I’m glad you are getting things sorted. Good Luck!



Also, if you don’t want somebody to see inside your folder without knowing the file name, then with notepad make a blank file named .htaccess and put it in the folder you want to keep hidden.