By default, a few web-based applications/interfaces all install to the /var/www directory. Of course, if you have an outside-facing website (which also defaults to /var/www), this means that all those other directories are potentially exposed. Either that or I just missed the ability to configure these differently when I installed them (which has been a bit, admittedly).
For example, if I have Nextcloud and Pi-hole installed, and I also wanted to host my own basic website, it would all default to /var/www.
Meaning /var/www contains /var/www/nextcloud and /var/www/admin (Pi-hole).
There’s no need for this, since they can all be installed to separate directories (/var/nextcloud, /var/admin, and /var/www for instance) using virtual hosts. This presents much less of a security issue.
I suspect it was done this way due to the fact that this way works for nginx, lighttpd, and Apache, but I strongly suspect that it presents some potentially scary security issues.
Is there any way to set it up using virtual hosts by default if the user chooses Apache?
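
An added example, not part of the original post or of any project's installer: a small Python check that reads Apache virtual-host configuration and reports application directories that sit inside another site's DocumentRoot, which is the layout described above. The config text, the `*.example.test` hostnames and the function names are constructed for illustration; the directory paths are the ones from the post.

```python
import re
from pathlib import PurePosixPath

# Constructed sample configs. SHARED is the layout from the post (one public
# site rooted at /var/www); SEPARATE gives each application its own vhost.
SHARED = """<VirtualHost *:80>
    ServerName www.example.test
    DocumentRoot /var/www
</VirtualHost>"""
SEPARATE = SHARED + """
<VirtualHost *:80>
    ServerName cloud.example.test
    DocumentRoot /var/nextcloud
</VirtualHost>
<VirtualHost *:80>
    ServerName pihole.example.test
    DocumentRoot "/var/admin"
</VirtualHost>"""

VHOST_RE = re.compile(r"<VirtualHost\b[^>]*>(.*?)</VirtualHost>", re.S | re.I)

def directive(block, name):
    """Return the first value of a single-argument directive, or None."""
    m = re.search(rf'^\s*{name}\s+"?([^"\s]+)"?\s*$', block, re.M | re.I)
    return m.group(1) if m else None

def parse_vhosts(conf):
    """List (ServerName, DocumentRoot) for every <VirtualHost> block."""
    vhosts = []
    for block in VHOST_RE.findall(conf):
        root = directive(block, "DocumentRoot")
        if root:
            name = directive(block, "ServerName") or "(default)"
            vhosts.append((name, PurePosixPath(root)))
    return vhosts

def exposed_app_dirs(conf, app_dirs):
    """Report (site, URL path) for app dirs nested under a site's DocumentRoot.

    Only DocumentRoot is checked; Alias and <Directory> rules are out of scope.
    """
    findings = []
    for site, root in parse_vhosts(conf):
        for app in map(PurePosixPath, app_dirs):
            if app != root and root in app.parents:
                findings.append((site, "/" + str(app.relative_to(root))))
    return findings

if __name__ == "__main__":
    print(exposed_app_dirs(SHARED, ["/var/www/nextcloud", "/var/www/admin"]))
    print(exposed_app_dirs(SEPARATE, ["/var/nextcloud", "/var/admin"]))
```
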