0

I've just added new VirtualHost on my server. (below config..) How can I forbit browsing top directory (for example: opendir('../../public_html/another_site/') ) ? What I should add to config? I want separete diretories of sites. Maybe it's wrong way? php / apache config?

<VirtualHost *:80>
    ServerName mysite.pl
    ServerAlias www.mysite
    DocumentRoot /var/www/public_html/mysite

    <Directory /var/www/public_html/mysite>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    <IfModule mod_dir.c>
        DirectoryIndex index.php index.pl index.cgi index.html index.xhtml index.htm index.php5
    </IfModule>

</VirtualHost>
Blazej Kita
  • 99
  • 1
  • 1
  • 10
  • You cannot control what people do in their browser, but you can control what is being displayed, or redirect, once people get to your top directory. Would that be good enough? – KIKO Software Sep 30 '22 at 07:09
  • Ok but what's happend if someone inject bad code to my website? I want separate wordpress site and other site on my server. You know.. I don't trust wordpress... – Blazej Kita Sep 30 '22 at 07:18
  • 2
    If security is a high priority for a website, do not install Wordpress alongside it. Use two separate servers, one for your secure site, and the other for Wordpress. You can still use a single domain. For instance, by [configuring its DNS records](https://stackoverflow.com/questions/30542389/how-to-have-different-servers-with-same-domain) to point to those two different servers. – KIKO Software Sep 30 '22 at 07:25

1 Answers1

0

I've just found a good solution. According to site "https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=115522526" i added php_admin_value open_basedir /srv/web/domain.tld/:/usr/share/pear/

<VirtualHost *:80>
        ServerAdmin admin@domain.tld
        
        DocumentRoot /srv/web/domain.tld/htdocs
        ServerName domain.tld

        php_admin_value open_basedir /srv/web/domain.tld/:/usr/share/pear/
        php_admin_value upload_tmp_dir /srv/web/domain.tld/
        php_admin_value session.safe_path /srv/web/domain.tld/sessions/
        
        <Directory /srv/web/domain.tld/htdocs>
                php_admin_flag engine on
                AllowOverride AuthConfig FileInfo
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>
Blazej Kita
  • 99
  • 1
  • 1
  • 10