Recommended directory for website data?

Checked hier(7) and didn't see mentioning it. Internet says /usr/local/www is the one. I'd used /srv/domain.com in Linux. I'd like to know the proper and recommended directory for website data in FreeBSD. I'll install www/wordpress with www/nginx on my server. Thanks.
 
As always it depends on context, there really isn't a "best" solution here.

For a server you could opt for moving it into the homedirectory of users so that it'll be easier for them to access and easier for the administration to safeguard ("backup") said data.

For personal use you could consider the same approach, or perhaps use the default of /usr/local/www. Of course this could be considered a minor security concern because if you're using default locations and/or settings you're also providing possible attackers with some basic options to try out. For example: pretty much everyone knows about /tmp and thus attackers often try to dump their scripts there in order to try and exploit local root glitches. Obvious solution: don't use /tmp or make sure it doesn't allow file execution.

But I digress.

In the end anything will do, as long as you don't start messing things up by using obviously bizarre locations such as, for example, /usr/src/www or such. When in doubt I often resort to a location in /opt to move things outside of the regular hierarchy, I also often use this to store my jails.

Your milage may vary of course.

Hope this can give you some ideas.
 
If your system is using ZFS, create a new dataset to hold it. Sets you up for good security practices and backing up the data.
 
When in doubt I often resort to a location in /opt
Where in hier(7) can we find /opt? Used to Linux?


If your system is using ZFS, create a new dataset to hold it. Sets you up for good security practices and backing up the data.
Exactly. Security is especially important here because PHP/Wordpress will be targeted by script kids. You can find a recent example of it here. Make sure you pay attention to file permissions and use non-standard directory names whenever possible. Most of all, keep your software up-to-date. Scripted attacks mostly use known vulnerabilities, with up-to-date software you don't have to worry.
 
/var/www and /var/apache2 are also terrible options I have seen as defaults.

/usr/local/www is pretty good, but if you do the ZFS dataset thing, I did some poking about and the suggestion was to mount it in /media
 
/usr/local/www/<sitename>/ or, less common, /home/<sitename>/ are all fine with me.
 
There is no genuine "recommended place". You can use the entire namespace to add whatever you like as your own stuff, as long as you don't mess up the existing paths.

I usually prefer to build a third tree at one place: we have / where the OS tree begins, with /usr, /lib, /share, /etc, and so on, and we have another tree below /usr/local for all things managed via pkg, so that these are already at one common place. Now decide for another place where all the local additions go (/opt would be a traditional choice), and you can have /opt/sbin for the self-written admin scripts, /opt/etc for local configuration files (you could even use /opt/etc/rc.d and /opt/etc/periodic by simply adding them to the main config files), and then probably /opt/www for the server root.

Advantage: you have completely separated this from the OS upgrades and the ports upgrades, you can glance through it for the local additions, you can configure these accordingly in backup tools and always know what it is, you can move the whole tree to a different machine when needed, you may need to share parts of it between different systems, and this is all out of the way for everything else.

Hi msplsh I wonder why are those paths considered "terrible"? At least, under OpenBSD, "/var/www" is even the default one for httpd.
/var is traditionally for data written by the applications themselves: locks, logfiles, databases.Usually short-life, may run full on errors, and not need longterm retention in the backup.
 
I normally use /www/<sitename> but I agree /usr/local/www/<sitename> sounds better with regards to FreeBSD standards.
 
Only terrible in that locating the web server documents is such a pain across different types of systems and applications and the FHS didn't seem to really help, but just created new ways to validate people's preferences as arguments. I prefer /usr/local/www because it creates the broadest "rules": Not required for boot, specific to this machine, used by the webserver.

Is the WWW root state? Or is it just variable? What if it's static? How often can it change before it becomes not-static? What if only part of it is static, and then we put the other part that is not-static-enough somewhere else on the filesystem for consistency! 😩 Wait, wait, is it application data or "system" data!? 😵‍💫
 
Back
Top