reg Posted October 29, 2007 Report Share Posted October 29, 2007 i find myself confused about the phylosophies involvedin uniform server's directory structure and the scopeof its htpasswd and htaccess files. for example, whyare there 2 .htpasswd files? which w: directories arerestricted from the user? what differs in usage are therebetween w:\home\admin\www~ and w:\www~, andso on. i'd like to ask if someone would spend a few minutesexplaining the why's and wherefores involved. i think its quite a bit to ask, but i've not found such anarrative elsewere, and i think it may be useful to otheralso. i've included line numbered directory names for boththe uniform server residency directories and its w:working directories thinking that that may be of someservice. tia alan madsen 1. \udrive\htpasswd\home\admin\www\.htpasswd2. \udrive\htpasswd\www\.htpasswd3. \udrive\home\admin\www\.htaccess ** Uniform Server resident directories* d:\... ~\udrive 01 udrive 02 udrive\home 03 udrive\home\admin 04 udrive\home\admin\www 05 udrive\home\admin\www\phpMyAdmin 06 udrive\home\admin\www\phpMyBackupPro 07 udrive\home\admin\www\images 08 udrive\home\admin\www\includes 09 udrive\home\admin\www\css 10 udrive\home\admin\www\cgi-bin 11 udrive\home\admin\www\js 12 udrive\home\admin\program 13 14 udrive\usr 15 udrive\usr\lib 16 udrive\usr\local 17 udrive\usr\local\apache2 18 udrive\usr\local\mysql 19 udrive\usr\local\php 20 udrive\usr\bin 21 22 udrive\www 23 udrive\www\images 24 25 udrive\docs 26 27 udrive\plugins 28 udrive\htpasswd 29 udrive\htpasswd\home 30 udrive\htpasswd\home\admin 31 udrive\htpasswd\home\admin\www 32 udrive\htpasswd\www 33 34 udrive\tmp 35 36 udrive\etc 37 udrive\etc\phpmyadmin 38 39 udrive\cgi-bin ** W: Directories with Uniform Server running* 40 W:\ 41 W:\home 42 W:\home\admin 43 W:\home\admin\www 44 W:\home\admin\www\phpMyAdmin 45 W:\home\admin\www\images 46 W:\home\admin\www\includes 47 W:\home\admin\www\css 48 W:\home\admin\www\cgi-bin 49 W:\home\admin\www\cgi-bin\includes 50 W:\home\admin\www\cgi-bin\includes\lang 51 W:\home\admin\www\cgi-bin\includes\lang\en 52 W:\home\admin\www\js 53 W:\home\admin\www\plugins 54 W:\home\admin\www\plugins\eaccelerator 55 W:\home\admin\www\plugins\pear 56 W:\home\admin\program 57 58 W:\usr 59 W:\usr\lib 60 W:\usr\lib\CGI 61 W:\usr\lib\CGI\eg 62 W:\usr\lib\CPAN 63 W:\usr\lib\File 64 W:\usr\lib\File\Spec 65 W:\usr\lib\Time 66 W:\usr\lib\Exporter 67 W:\usr\lib\Carp 68 W:\usr\lib\warnings 69 W:\usr\lib\auto 70 71 W:\usr\local 72 W:\usr\local\apache2 73 W:\usr\local\mysql 74 W:\usr\local\mysql\share 75 W:\usr\local\mysql\data 76 W:\usr\local\mysql\data\mysql 77 W:\usr\local\mysql\data\phpmyadmin 78 W:\usr\local\mysql\bin 79 W:\usr\local\php 80 W:\usr\local\php\extensions 81 W:\usr\local\php\logs 82 83 W:\usr\bin 84 85 W:\www 86 W:\www\images 87 88 W:\docs 89 W:\docs\SRC 90 91 W:\plugins 92 W:\plugins\Services 93 W:\plugins\Services\files 94 95 W:\htpasswd 96 W:\htpasswd\home 97 W:\htpasswd\home\admin 98 W:\htpasswd\home\admin\www 99 W:\htpasswd\www100 W:\tmp101 W:\tmp\eaccelerator102 W:\etc103 W:\etc\phpmyadmin104 W:\cgi-bin Quote Link to comment Share on other sites More sharing options...
Ric Posted October 29, 2007 Report Share Posted October 29, 2007 Um! It all looks complicated let’s start with protection, htaccess files and passwords this will help in understanding some of the structure. There are only three server areas that are protected. 1) Admin --- Apanel2) Web root --- (www)3) Passwords. To understand the structure it’s best to start with passwords. 3) Passwords: These are text files each file contains a name/password pair (note you can have more than a single name/password pair in these files). Password files are referenced from an authentication section within an htaccess file. An htaccess file is placed in a folder to be protected this file also protects any sub-folders. The authentication section has this format: #AuthName "Uniform Server - Server Access"#AuthType Basic#AuthUserFile /htpasswd/www/.htpasswd#Require valid-user For Apache to find a password file you define it’s full path and file name for example /htpasswd/www/.htpasswd there is only one restriction, it must be a full path starting from Apahe’s root directory. The folder and file names can be anything you like! Security: You can place your password files in any folder and that includes the web root (www) or any sub-folder, Apache imposes no restrictions. However the last place you want to place password files is in the web root (www) or any of its sub-folders. Remember this is a public area where files are severed from and that includes password files. Files are also severed from the cgi-bin folder hence not a good place to put the password files. All password files SHALL be located outside of the web root and cgi folders. UniServer places all password files in the folder htpasswd, which conforms to the above. You will notice this folder contains sub-folders and not just a set of password files or even a single password file. It looks confusing until you understand it’s a map! Look at the folder structure, if you ignore the main folder itself (\htpasswd) the paths directly map onto the server root \htpasswd \htpasswd\home\admin\www\htpasswd \htpasswd\www (note each folder www contains a password file named .htpasswd) Follow the root path \home\admin\www in this folder you will find an htaccess file it contains the following line: #AuthUserFile /htpasswd/home/admin/www/.htpasswdLikewise follow the root path \wwwThis leads to the htaccess file containing #AuthUserFile /htpasswd/www/.htpasswd To sum up:a) The folder structure in htpasswd maps to htaccess files. A password file is found only at the end of the folder chain in htpasswd.c) All password files have an identical name. 1) Admin --- Apanel A single htaccess file protects the folder home/admin/www and its sub-folders.The default protection is for local access only however should you wish to access apanel from the Internet you can put this on line by commenting out the lines shown in the file. (Not recommended for a live server, use only for testing if required.) If you do put admin online, enable authentication and remember to set a new user name and password. 2) Web root --- (www)A single htaccess file protects the folder /www and its sub-folders.The default protection is for local access only making it an ideal test server. To put your servers online (production server) comment out the lines shown in the file. If you want to restrict access online enable authentication and remember to set a new user name and password. Note: 1) and 2) are independent. Flexibility:If you have read 3) you may be wondering why the complexity, I would agree for protecting two areas with authentication it probably is. Consider the case where you have several virtual servers and protecting certain areas within these. Using the map structure makes it a whole lot easier to administer. File naming and structure:I could be wrong on this but if you think about it the main components Apache MySQL and PHP are ported from Unix. These dictate to some extent structure and naming. The w: drive (40-105) in reality does not exits it is a mapping to the real folders (1-39) that said Apache thinks Apache’s root is w: (or any other drive letter you select at start-up) The drive letter w: has been assigned to the folder udrive, if you create or delete folders or files on w: you are working on the contents of folder udrive wherever it is located on your hard drive or USB memory stick. I am not sure if any of that makes sense trust its not made you even more confused. All the bestRic Quote Link to comment Share on other sites More sharing options...
olajideolaolorun Posted October 29, 2007 Report Share Posted October 29, 2007 Check the STRUCTURE.txt in the doc folder.... Quote Best Regards Olajide Olaolorun The Uniform Server Development Team Link to comment Share on other sites More sharing options...
reg Posted October 30, 2007 Author Report Share Posted October 30, 2007 I am not sure if any of that makes sense trust its not made you even more confused. All the bestRic Thank you Ric. Lots of stuff to mull on there, and I will. I've 3+ decades in the IBM and Windows worlds, and while that helps me quite a bit in 'tools to approach with', it helps not at all in the details of structure and its practices such as you've here addressed. Certain that the more I know/learn about Unix, the more I'll see in them, I am going to put your notes into my notebook for regular review. Best regards, Alan Quote Link to comment Share on other sites More sharing options...
reg Posted October 30, 2007 Author Report Share Posted October 30, 2007 Check the STRUCTURE.txt in the doc folder.... Hello Olajide, Thank you for your reply. I have, for a short time, been quite busy in preparation for entery into the Unix world so I've not seen as widely or as deeply as I will, but I did look at STRUCTURE.txt and gained from it what I could. Naturally that led to other questions, such as why are these directories named "www"? Certainly there is a reason, but what? W:\htpasswd\home\admin\wwwW:\home\admin\wwwW:\htpasswd\wwwW:\www Also, why is w:\home noted as "Users home page."? Who is the 'user'? Apache? The sysadmin? Someone or something else? Also (and this seems particular to the Uniform Server), why does W: exist at all when, except for 'tmp', it seems to be a substituted alias for ~\udrive ? Alas, I think I'm going to be asking a lot of dumb questions. Looking on the bright side, I know that well-asked, I'd be dumber not to ask. Best regards, Alan Quote Link to comment Share on other sites More sharing options...
olajideolaolorun Posted October 30, 2007 Report Share Posted October 30, 2007 Are you doing a research, report or soemthing? lol. Quote Best Regards Olajide Olaolorun The Uniform Server Development Team Link to comment Share on other sites More sharing options...
reg Posted October 30, 2007 Author Report Share Posted October 30, 2007 Are you doing a research, report or soemthing? lol. No, i want to build a website. I could probably do that easire and faster with an approach that dos not involve technical detail, but I am drawn to this approach and i am willing to take it, at least for now. My thought is that having a basic functional familiarity with Linux, Apache, MySql, and HTML (along with a bit of Java Script and PHP), I will be free to focus on website content while at the same time being able to cope with technical issues, at least to some degree. LAMP packages are a natural for this approach, and Uniform Server was the first I encountered. So, here I am. Ready, willing, and able to ask dumb questions. Best regards, Quote Link to comment Share on other sites More sharing options...
olajideolaolorun Posted October 30, 2007 Report Share Posted October 30, 2007 lol, i see... well the server is kind of modeled like a linux server so you would be familiar with it when you are uploading to a live server online, if you chose or to use Uniform Server as a production server. Quote Best Regards Olajide Olaolorun The Uniform Server Development Team Link to comment Share on other sites More sharing options...
reg Posted October 30, 2007 Author Report Share Posted October 30, 2007 lol, i see... well the server is kind of modeled like a linux server so you would be familiar with it when you are uploading to a live server online, if you chose or to use Uniform Server as a production server. I hadn't really considered using Uniform Server for production, but that might happen. Anyhow, on with the studying. Again, thank you both. Best regards, Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.