glFusion Wiki

Site Tools


glfusion:install:pathsetting

Path Settings

glFusion takes security very seriously. Because of our commitment to security, we have designed glFusion so that files that are not directly accessed via the web can be stored outside the web root in the private/ directory. This minimizes the attack surface a hacker can use to attempt to exploit your site.

We understand that not all hosting providers allow you to store files outside the web root, so you can install the private/ files inside your web directory, but you should take a few extra steps to better safeguard those files.

Installing the private/ directory in the public web space

  • Create an inconspicuous directory (i.e. don't name it “glfusion” or “private”) in your root web directory.
  • Place these system files (everything within the private/ directory) in that new directory.
  • Password protect it using an .htaccess file or similar. For help creating an .htaccess file, contact your hosting provider.

If you need assistance in securing this directory, check with your hosting provider first. If they are unable to assist you, feel free to post a call for help in the glFusion support forums.

Also, if your hosting provider has enabled open_basedir restrictions, you may want to consider following the directions above and store the private/ files inside the public web directory.

Settings

glFusion must know where you have installed the private/ directory. This is the directory that contains the db-config.php.dist file. Please enter the full, absolute path to this directory.

The absolute path is the full path on the server (not your site's web address). If you don't know the absolute path, check with your hosting provider to obtain this information.

Generally, the installer can find the path to your public_html/ folder automatically. In the right panel of this screen we display the absolute path to your current public_html/ directory. This might help you determine the correct path to your private/ directory.

Advanced Settings

Normally, you should not need to enter this information, as the glFusion installer will automatically set these paths based on what you enter for the private/ directory. But, if there is a conflict with an existing directory, or you simply want to move the logs, language, backup, or data paths to a non-standard location, enter the absolute path to each of the locations you wish to override the default setting.

Logs Path

This is the location where glFusion will create and store its log files.

Language Path

This is the location where glFusion will look for the core language files.

Backups Path

This is the location where glFusion will create and store database backups.

Data Path

This is the location where glFusion will create its cache files and also create temporary directories for various system functions.

Absolute Path Definition

Also known as the full path, the absolute path is a path that contains the root directory and all other sub directories required to get into the directory you're currently in or wish to get to. Below is a basic example of a generic path and an absolute path.

Absolute path:
/home/users/c/computerhope/public_html/cgi-bin
Non absolute path (relative path):
public_html/cgi-bin

As can be seen from the above example, the absolute path contains the full path instead of a few directories contained within the absolute path.

glfusion/install/pathsetting.txt · Last modified: 2017/04/12 21:11 (external edit)

Page Tools