I just upgraded my server and saw that the default.conf
file in sites-available was now pointing to /var/www/html
instead of /var/www
.
I found the bug report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730372
The report was filed after this mailing list discussion: https://lists.debian.org/debian-devel/2012/04/msg00301.html
Summary: Site admins usually place sites in /var/www/site.com
and there may be sensitive data in /var/www
that should not be made available via a web server. All web servers on Debian have been updated to use /var/www/html
as default instead of /var/www
.
I edited /etc/apache2/sites-enabled/000-default.conf to fix this (changed the DocumentRoot line).
The reason given for this breaking change is nonsense. Why would a site administrator put sensitive files that aren't supposed to be served to the web in /var/www , of all places? I'm just a developer and I know what that directory does.
If an administrator is lazy or incompetent enough to put sensitive files in /var/www, nothing will stop them from putting those files in /var/www/html now. And since when does Linux break backward compatibility in a useless attempt to prevent administrators from doing really dumb things?
I went with the don't fight the power philosophy and just moved all my files from the /var/www to the /var/www/html folder. It all worked fine including the mySQL services. Also keep in mind web hosting services will probably force you to use the html directory.