By default, a few web based applications/interfaces all install to the /var/www directory. Of course, if you have an outside facing website (which also defaults to /var/www) this means that all those other directories are potentially exposed. Either that or I just missed the ability to configure these differently when I installed them (which has been a bit, admittedly).
For example... If I have nextcloud and pihole installed, and I also wanted to host my own basic website, it would all default to /var/www.
/var/www contains /var/www/nextcloud and /var/www/admin <--pihole.
There's no need for this, since they can all be installed to separate directories (/var/nextcloud, /var/admin, and /var/www for instance) using virtual hosts. This presents much less of a security issue.
I suspect it was done this way due to the fact that this way works for ngix, lightt, and apache, but I strongly suspect that it presents some potentially scary security issues.
Is there any way to set it up using virtual hosts by default if the user chooses apache?
Suggestions for features and software you would like to see in DietPi, goes here.
2 posts • Page 1 of 1
I don't understand completely your question but based on your description seems you want some kind of software/application isolation.Is there any way to set it up using virtual hosts by default if the user chooses apache?
This can be accomplished with docker containers.
If I understood right you need three different docker containers: one with nextcloud, another one with pi hole and the third with your web server.
This settings could be easily implemented because DietPi have option to install docker in its software apps.
If you find a solution for your request it will be nice to post here.