tags:

views:

35

answers:

1
Q: 

Which directories are writable by web server on shared web-hosting?

Currently I'm using shared webhost (Linux) to host my site. I know that anything inside '~/home/my_user_name/www' directory is writable by server. What are the other locations? Basically I want to change default session storage location and probably I shouldn't put it inside www directory.

Edit

Does session saving location has to be web server writable, since session is saved by PHP process?

EDIT 2

How could I give read+write privilege to Apache on /home/my_user_name/tmp directory (tmp dir is outside www directory)?

+2  A: 

There is no real "standard" for directories that could be writable by the httpd server : it all depends on which access-rights have been given by the user who owns the directories.

Temporary session files are generally stored in the /tmp directory, which is generally writable by anyone -- but this means your sessions files will be in a directory accessible by other applications and users that are using the same server as you.


As you are running your application from the /home/my_user_name/www directory, a solution might be to create another directory, such as /home/my_user_name/tmp, and give read+write privilege to Apache on this directory -- and, then, configure your application/php so that session files are stored there.

Another solution would be to store the session data in a database : chances are you have a database that other users and applications on your server can't access.

Pascal MARTIN  2010-02-17 11:57:16
@pascal: how would I give read+write privilege to Apache on tmp directory? Apache would come under user/group/others? Probably it would come under group, right?
understack  2010-02-17 12:08:00
It depends what directory is considered as "root" by Apache : if it's the `www` one, the `tmp` one that is not "under" the `www` one will not be served by Apache ;;; else, yes, you could use a `.htaccess` file containing something like `Deny from All` to prevent Apache from serving it ;;; to answer your edit : when pages are served by Apache+PHP, there is no real "PHP process" : Apache is the one serving the page, even if it's using PHP to do that.
Pascal MARTIN  2010-02-17 12:08:01

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases