What permissions does DocumentRoot directory of Apache Server requies, if its outside /var/www

I’m using Ubuntu version 18.04.

I installed apache2 and tried to set DocumentRoot of a VirtualHost to be /home/username/Desktop/work/wp and it gives error permission forbidden.

But if I set DocumentRoot from /var/www, it works fine.

In both these directories, user and group are same. I don’t understand this. Can somebody help me understand these permissions or direct me to related documentation? Thanks.

inside /var/www

outside /var/www

Apache vhost using wrong DocumentRoot

I am configuring a webmail on my Apache/2.4.25 server, and I’m having problems with redirecting to one of the subdomains. I’m currently unsing (probably in the most inelegant way) one .conf file for every vhost.

The content of this .conf is:

<VirtualHost *:80>     ServerName webmail.vignati.eu     DocumentRoot /var/www/vhosts/webmail.vignati.eu     DirectoryIndex index.htm index.html index.php     ServerAlias vignati.eu     ErrorDocument 404 /404.html     ErrorDocument 500 /50x.html     ErrorDocument 502 /50x.html     ErrorDocument 503 /50x.html     ErrorDocument 504 /50x.html     ErrorLog /var/log/apache2/webmail.vignati-eu_error_log     CustomLog /var/log/apache2/webmail.vignati.eu_access_log combined     <Directory /(README.md|INSTALL|LICENSE|CHANGELOG|UPGRADING)$  >             Order Deny,Allow             Deny from all     </Directory>     <Directory /(bin|SQL|config|temp|logs)/>             Order Deny,Allow             Deny from all     </Directory> </VirtualHost>  <VirtualHost *:80>     ServerName mail.vignati.eu     DocumentRoot /var/www/vhosts/mail.vignati.eu/public-html     DirectoryIndex index.htm index.html index.php     ServerAlias vignati.eu     ErrorDocument 404 /story.php     ErrorLog /var/log/apache2/mail.vignati-eu_error_log     CustomLog /var/log/apache2/mail.vignati.eu_access_log combined     Redirect permanent / https://mail.vignati.eu/ </VirtualHost> [...] 

The file goes on with the configuration of www. and the https configurations for www. and mail. (which all work fine)

My problem is that when I try to navigate to webmail.vignati.eu, I get redirected to the index.html file that is in

DocumentRoot /var/www/vhosts/mail.vignati.eu/public-html 

But the correct DocumentRoot, as specified in the vhost is

DocumentRoot /var/www/vhosts/webmail.vignati.eu 

Could anyone help me find what I’m getting wrong?

(The server is switched-off at the moment, so if anyone wanted to check by themselves, sorry, but it’s not possible)

Apache2.4 on RPi forces wrong DocumentRoot

I want to set the Main DocumentRoot of my Apache2.4 webserver running on Raspbian to /var/www/apache. So I set it in /etc/apache2/sites-available/000-default.conf which is the only enabled site. I restarted apache2 and the DocumentRoot is still /vaw/www/html. So I searched with sudo grep -iRl "/var/www/html" / the whole filesystem for this configuration, but with no results. Then I searched for DocumentRoot in /etc/apache2 and the only result is the one in my vhost. apache2ctl -S says: Main DocumentRoot: "/var/www/html", but this can only be the hate of the server against me. This DocumentRoot is never configured and the server forces it because it wants to without any reason. How can I fix this bullshit bug?

Magento 2 : After changing DocumentRoot Magento 2.1.16 is not installing

I have face some issue How can i resolve it ?

I have try to use multiple xampp for use multiple versions of php

like php5.6, php7.0., php7.1., php7.2., php7.3.

So i have install portable versions of xampp

  • D:\xampp56
  • D:\xampp70
  • D:\xampp71
  • D:\xampp72

I have change DocumentRoot inside

httpd.conf from the location D:/xampp*/apache/conf

form

D:/xampp*/htdocs

to

E:/Projects

But i have facing some Error in Magento 2 installation

http://127.0.0.1/mage231/setup/index.php/session/prolong‘ return ‘success:false’

Now how can i resolve it ?

Apache – Adding Redirect to sub-directory V/S changing DocumentRoot

I want to understand security implications of changing DocumentRoot in Apache to an installed website versus adding a RewriteRule.

The reason I ask this, I have a website that is installed under /var/www/html/website/. I initially changed the DocumentRoot to /var/www/html/website in the 000-default-le-ssl.conf file. This however, exposed certain elements during an NMAP scan. Specifically JS and CSS files. Examples:

https://ipaddress/nextcloud/core/js/contactsmenu.js?v=6e38f86c-7 https://IPaddress/nextcloud/core/css/guest.css?v=6e38f86c-7

and few more.

I considered this insecure behavior and hence added the following as part of the 000-default-le-ssl.conf configuration file.

I changed DocumentRoot to /var/www/html and added:

RewriteEngine on RewriteCond %{REQUEST_URI} ^/$   RewriteRule (.*) /nextcloud/ [R=301] 

Hence my question, is there any security benifit of changing DocumentRoot to default and adding a redirect or is the end result the same?

Also, I know this is product specific (nextcloud), but should such files be visible?