NotionCommotion Posted October 27, 2017 Share Posted October 27, 2017 I am building a small web application which has little database requirements and will use SQLite. It will typically run on IIS which I don't have much experience with. I am concerned that someone will download the scripts to their PC and upload them to the webserver using FTP, and overwrite their database. Is there any recommended directory structure to lessen the chance of this from occurring? Thank you Quote Link to comment Share on other sites More sharing options...
kicken Posted October 27, 2017 Share Posted October 27, 2017 Outside of the webroot and in a directory separate from the source is all you can really do if you don't have full control over the hosting environment. What you name the directory isn't too important, I've used various terms over the years, these days usually private or data. Just make sure in your instructions you include plenty of warnings about not overwriting the database. If you do have full control over the hosting, then put it somewhere that they can't access it via FTP and/or deny permissions to the FTP user account. Quote Link to comment Share on other sites More sharing options...
NotionCommotion Posted October 28, 2017 Author Share Posted October 28, 2017 Thanks Kicken, Related to this is the best location for the public endpoint. I've never needed to do this under a Linux environment either, but I would consider one the following. Any recommendations? Option A1. Private data in the non-public root directory /var/www/someApplication/sqlite.db /var/www/someApplication/config.ini /var/www/someApplication/readmeWithInstructionsNotToOverwrite.txt Option A2. Private data in their own directory /var/www/someApplication/appData/sqlite.db /var/www/someApplication/appData/config.ini /var/www/someApplication/readmeWithInstructionsNotToOverwrite.txt Option B1. Individual folders for index.php and src. Maybe simpler from a webserver configuration perspective but more difficult from a git perspective /var/www/someApplication/public/index.php /var/www/someApplication/src/config/configWhichIsCopiedByUserToFinalLocation.ini /var/www/someApplication/src/scriptsGoHere.php Option B2. Common folder for index.php and src. Maybe simpler from a git perspective but more difficult from a webserver configuration perspective /var/www/someApplication/app/public/index.php /var/www/someApplication/app/config/configWhichIsCopiedByUserToFinalLocation.ini /var/www/someApplication/app/src/scriptsGoHere.php Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.