The adjacent diagram depicts some of the relationships that exist between various areas in multiple web sites. Although relationships may exist between multiple domains, or multiple sites, these are not shown.
Note: It may help to envision the various boundaries if each WWW Site is considered as an individual domain name such as or

A single internet domain name may serve content on multiple ports. This is especially true if secure areas exist which must protect data via encryption while it is en route. In this case, a virtual server appears on port 80, the default, and another with the same name appears on port 443, the port used for SSL traffic. These are two entirely different web sites, or at least they should be configured this way so that links and inlined images from the normal site do not appear in the SSL encrypted pages. Mixing the two would generate warnings to the user, giving the impression that the site is not truly secure after all.

Each virtual host may be further subdivided into areas which require user authentication before access may be granted. Sensitive material which must be protected in this manner should not be mixed with insecure material. Otherwise, unintentional paths may be created to the secure data which allow unauthorized access.

Preventing some of these problems may require duplicating some content. Although symbolic links (aliases, or shortcuts) may be used to reduce the duplication, this may confuse not only site maintainers, but also the web server or the underlying server operating system. When a single file or directory appears in multiple locations, it also becomes more difficult to tune permissions since all methods of access must be taken into account.

Executable content such as CGI scripts, SSI-enabled HTML pages, or pages containing PHP code further complicates the issues of ownership and permissions. Much stricter control must be exercised over these types of files or they may themselves provide access to other, unrelated areas on the web site. Quite often, these files must belong to an account with elevated privileges, such as root, so the same care applied to system applications must be exercised when assigning ownership and permissions to these files and directories.
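The two preceding paragraphs (files reachable by more than one path, and loosely permissioned executable content) can be checked mechanically. The following audit is an added example, not part of the original page: the extension list, the function names and the sample tree are assumptions made for illustration, and it keys on inode rather than link target so that hard links are reported along with symbolic links.

```python
import os, stat, tempfile

SCRIPT_EXT = {".cgi", ".pl", ".php", ".shtml"}   # assumed set of executable content types

def audit(docroot):
    """Return (aliases, escapes, risky) for one site's document tree."""
    root = os.path.realpath(docroot)
    by_inode, escapes, risky = {}, [], []
    for dirpath, dirs, files in os.walk(docroot):   # symlinked dirs are listed, not descended
        for name in dirs + files:
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)                  # follows links: describes the target
            except OSError:
                continue                            # dangling link, nothing can be served
            by_inode.setdefault((st.st_dev, st.st_ino), []).append(path)
            real = os.path.realpath(path)
            if os.path.commonpath([root, real]) != root:
                escapes.append(path)                # pulls in content from outside this site
            is_script = os.path.splitext(name)[1].lower() in SCRIPT_EXT
            if stat.S_ISREG(st.st_mode) and (is_script or st.st_mode & 0o111):
                if st.st_mode & (0o022 | stat.S_ISUID | stat.S_ISGID):
                    risky.append(path)              # group/other-writable, or setuid/setgid
    aliases = sorted(sorted(p) for p in by_inode.values() if len(p) > 1)
    return aliases, sorted(escapes), sorted(risky)

def build_sample(base):
    """Constructed sample tree: a public area, a protected area, one shared file."""
    site = os.path.join(base, "site")
    os.makedirs(os.path.join(site, "public"))
    os.makedirs(os.path.join(site, "members"))
    secret = os.path.join(site, "members", "report.html")
    open(secret, "w").close()
    os.symlink(secret, os.path.join(site, "public", "report.html"))  # second path to it
    outside = os.path.join(base, "outside")
    os.makedirs(outside)
    os.symlink(outside, os.path.join(site, "public", "conf"))        # leaves the site
    cgi = os.path.join(site, "public", "form.cgi")
    open(cgi, "w").close()
    os.chmod(cgi, 0o775)                                             # group-writable script
    return site

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        aliases, escapes, risky = audit(build_sample(tmp))
        print("multiple paths:", aliases)
        print("outside docroot:", escapes)
        print("risky scripts:", risky)
```

Every group in the first list is a file whose permissions and authentication rules have to be reviewed once per path, since the least restrictive path decides who can read it.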

Finally, interactions between global and local configurations may produce unexpected results if careful attention is not paid to directory layout. For example, suppose a file exists in the global DocumentRoot directory that has the same name as a file in a virtual host's root directory. Let's say that the file's name is top.html. One may find that the wrong file is served by the seemingly unambiguous URL /top.html, because the web server is forced to second-guess the intentions of the system administrator.

Access Control Methods

Various factors influence the final location, ownership, and permissions that are assigned to files and directories throughout the file system. These include, but may not be limited to:

  1. System owner
  2. System group
  3. WWW server global configuration
  4. WWW virtual host configuration
  5. WWW directory or location configuration
  6. WWW domain name or IP address restrictions
  7. WWW authentication restrictions
  8. Executable, CGI, or scripting content
  9. SSL content

piece o' cake, eh?


web layout diagram