Vous n'êtes pas identifié(e).
13 février 2024 Sortie de Dotclear 2.29
Pages : 1
Hello,
I got familiar with http://dotclear.org/documentation/2.0/admin/install and http://dotclear.org/documentation/2.0/admin/multiblog, but I'm still not sure how to install DC as secure as it gets. Can you please guide me a bit?
I'd like to serve DC from a domain root directory. I have write and read access below it. I'm going to use SQLite and I'll keep my db file below the domain root.
Which DC 2.6.2 directories can be moved out of the domain root, and linked to? Which dirs and files require only read access and which have to be writeable for the server process, and what are the dirs/files that also need to be readable or writeable for Others?
Sorry if the question seems lame, but I haven't seen this fully adressed anywhere around. I'd love to sum up what you guys would share, and put it nicely edited on your WiKi, if you think other users would also find it handy.
Maciek
Hors ligne
If you want a minimal list of files under your root, here is what I did on my site :
* dotclear is installed somewhere (not in domain root), for instance : /var/share/dotclear
* on the domain root : a directory themes/ containing the blog theme (duplicated from /var/share/dotclear/theme/[thetheme]), a directory public/ which will contain all the media, and an index.php including "/var/share/dotclear/inc/public/prepend.php"
* I also have a domain dedicated for admin, with documentroot set to /var/share/dotclear/admin (and enforcing SSL)
Dyslexics have more fnu!
Hors ligne
Dsls,
Thanks.
I only have a limited, ftp access to my web server.
I installed Dotclear in a dir below the http root and created there relative symlinks to themes, public and index.php. My https root is in a different dir, parallel to the http root, and I created a link to admin there.
Everything seems to work fine. The remaining question is what DC files and dirs are fine with only read access for the web server process, and which really need read (or write) access for other users?
Dernière modification par czk (2014-01-26 08:59:11)
Hors ligne
You may set almost every file read-only.
The only directory which may have read-write permissions is the cache dir, where dotclear puts compiled templates (ie. generates php files from theme templates), and of course the public directory.
Dyslexics have more fnu!
Hors ligne
Pages : 1
Vous n'êtes pas identifié(e).
