What are the risks in putting website files in the "root" folder of a shared web hosting server?
Posted
by
Obay Ouano
on Server Fault
See other posts from Server Fault
or by Obay Ouano
Published on 2012-11-11T10:48:32Z
Indexed on
2012/11/11
11:06 UTC
Read the original article
Hit count: 215
A site I've been asked to manage is hosted (shared) on GoDaddy, with this folder structure:
/
public_html
public_ftp
mail
stats
logs
- etc...
However, the website files are stored in the /
folder, and NOT in public_html
.
I'm not sure if this is how GoDaddy sets up their customers' accounts, or if the old web developer accidentally changed it from public_html to root. But when we call up GoDaddy to tell them to correct this (move files to public_html
), they won't change it and insist that there is no security risk unless someone gets a hold of the FTP password. Is this true? (I have always read that website files should be inside public_html.) If not, where could this setting be changed? The .htaccess
is empty.
© Server Fault or respective owner