I'd like to run a web server to experiment with. I'm going to to use Mongoose because it looks lightweight and simple enough to understand everything that it is doing.
I have a Debian box to run it on.
My questions are
Is it advisable to run a web server as root? If not, why not? (How can a non-privileged accounts listen on ports 80,443?)
Is there a standard directory to put the "site root" to be served? Does it matter where this is as far as security considerations go?