Hello, I have the same problem as many users. I cannot upload or create anything in the ftp root's directory. After searching in the forum about my problem, I found these topic : http://www.howtoforge.com/forums/showthread.php?t=61560 To test, I created a new website but I still have the problem I used resync tool too, my server server was rebooted too, but I still have the problem. Any suggestion? Thanks for support, Whax
Thats correct and the intended behaviour. FTP users may not upload anything to the website root directory. Website files have to be uploaded to the "web" directory and thats possible with the ftp user. If you want to upload files by FTP that shall not be visible in the website, then they have to be uploaded into the private folder of the site.
That's not correct. Moderns frameworks like laravel, fuelphp or symfony example need to put some data outside the document root. Is there a way to prevent this? Thanks for support. WhaX
You can put data outside of the docroot into the private folder if your framework requires that. If the web root folder would be writable by the ftp user, then your clients would be able to make apache fail by renaming folders like web.
If I do that I must hack the framework to work with the private directory by changing all paths. This is not the good way if I choose to update the framework later. This limitation wasn't on previous ispconfig versions :/ Clients can be stupid I know, but there is not the case most of times, and I'm here to fix that
There was a bug in previous versions which allowed uploads to the web root and thats fixed now. A client which is able to rename the web folder is not only able to bring down his own site, apache is not fault tolerant regarding vhost paths so the whole server with all sites and the ispconfig controlpsnel will be down in that case. I will consider to add a option in future versions to allow modifications in the web root folder but everyone should be aware that this option can not be used on servers that allow ftp access by clients.
Thanks for you reply. So If i don't want to hack the framework could it be a good way to move the vhost root directory to web/public? Thanks. WhaX
Thats one option that I considered for the next release to allow a subfolder for web as vhost docroot on the options tab. But it will bring back the issue that I described above, as soon as someone renames the public folder on the server, all websites on that server will fail. So if we add such a config options, then thats nothing that a ISP which hosts clients on the serverw ill be able to use. There is no real solution for the issue, as long as apache has no function to exclude a single vhost when a docroot directory does not exist instead of the current behaviour which stops all sites in such a case.
Hi I was just wondering, tll, can't you just deny rename/delete on sensitive directories such as 'web' etc ? Although the 'private' directory idea is fine to my view, everybody is forced to be more tidy from now on. by the way, congratulations for the new version, it brought some features I always wanted. keep it up guys.
The only way that i found till now to deny the rename and delete of folders by the web user that are owned by the web user is to use the immutable attribute on the root folder. If someone knows a trick how to achieve that without blocking the web root, please let mo know
Hello, I just had this problem in a development VM, where I need to symlink my dev directory to the docroot directory (to keep my dev machine mostly like my production server). I fixed it using chattr on the clientN/webN directory, created the symlink and applied chattr again to keep everything as designed. This technique can be used to create the directories for any frameworks you want to. Just a hint.
The website is in the "web" folder and there you can create directories by FTP. For directories that shall not be accessible by http, use the "private" folder. You can also wite into the cgi-bin folder, other places are not and shall not be writable by FTP.
I've uploaded some files in the /web via FTP. But, I cannot see them in the panel ISPConfig3.. where can I find that..?
