`On 28-jun-09, at 02:25, Stefan de Konink wrote: > Michiel van Es wrote: > >> - I have for example a webroot : /var/www/*website*/docroot which >> is a >> php application (wordpress) but I also got a PHP application >> outside the >> documentroot: /var/www/*website*/torrentflux/html . >> I can create this torrenflux directory with FCGI php app settings and >> can open it at http://*website*/torrentflux/html/index.php but not as >> http://*website*/torrentflux/html - I have to specify the index.php >> it >> seems it doesn't use the Directory Index option. >> How can I fix this? > > Move the php rule up, as non-final.
You have to be use you are a regular "Extension PHP" rule on the top of the list marked as non-final. If there isn't one, there's a Wizard that will add it for you. Then, you'll have to add a new rule with the document root. "Directory /torrentflux" should define the special local path, and it should be set to use the "List & Send" handler (so it takes directory indexes into account). Finally, check that the 'directory index' includes index.php. Remember that the property is defined on each virtual server. >> - How secure is cherokee in regards to nginx, lighttpd and apache? > > I think you should never trust an audit of the creators of a > product :) > They will always say it is better ;) Google helps to clarity things at this regard. Check this out: http://webapp.iss.net/Search.do?searchType=keywd&keyword=Cherokee The last security issue was found in Cherokee 0.5.4, which was release in July 2006. That makes 3 whole years without a single tiny security problem. (I cross my fingers we continue like this much longer..) >> - If I want to run cherokee chrooted, what are the requirements for >> the >> chroot folder (for example /var/www) besided the permissions on the >> folder? > > As far as I know there is an internal chroot function for the > documentroot, or are you talking about running cherokee itself > within a > chroot? The server can chroot itself. There is an option in the server configuration that you can set from cherokee-admin. However, that's something I wouldn't recommend you, actually. If you use fairly complex software like TorrentFlux, a chroot'ed version of the server would require a hell of an installation. Keep in mind that you'd have to copy a whole lot of binaries and libraries to the chroot in order to that software to run. -- Octality http://www.octality.com/ _______________________________________________ Cherokee mailing list [email protected] http://lists.octality.com/listinfo/cherokee
