File Directory Structure
Posted by Joe Rebis (Import) on 16 September 2006 11:57 PM
Every EPhost has the same initial file structure. This document explains each directory in detail and offers recommendations for placing files into certain locations for security reasons. For the purpose of this document, the only web accessible directory (a directory that people on the Internet can view) is the wwwroot directory. This is the directory you will place your website files (see \db directory information below).
\ = This is the top level directory in your website and has three directories under it (sub-directories). While you can place files into this directory it is not recommended you do so for organizational purposes. This directory is not web accessible.
\db = This directory in not web accessible and was designed to store MS Access MDB files. This is an important distinction as you wouldn't want your database files "web accessible". Usually most people will place any very important files into this directory. If you use the Control Panel to create a MS Access database, it will be created here. This does not apply to MS SQL server as the actual database files are located on a different server.
\wwwroot = This is a web accessible directory and where you will place your website files. As with any directory, you may create new sub-directories under the wwwroot folder. Additionally, you can password protect these folders as well.
Note, we DO NOT recommend that you keep database files under the wwwroot folder - even if that folder is password protected. Should password protection fail on that server your database may be exposed. Naming the database something wild like "44ffeee5666t.mdb" is not truly an effective way of hiding a database either. Should Directory Browsing fail or be accidentally enabled through you Control Panel, your database would be exposed to the public.
If you are storing any sensitive information of a personal nature. e.g. credit card numbers, social security numbers ect... YOU ARE REQUIRED TO ENCRYPT THIS DATA AND ENSURE IT'S SAFETY. Not only is this our policy, companies like Visa and MasterCard are working to require such security measures by law.
Other Topics in FTP