I have my apache host under /var/www/html and I put few small git deploy scripts into /var/www directory for simplicity. Is www a public folder? Is it safe to store scripts in there? If so, are there any risks? If not, which directory is recommended?
It is Ubuntu 14.04 server.
If you configure your vhosts to use subdirectories within /var/www/html it is just as safe as to store htpasswd files in /var/www - no one using http will be able to read them.
A more common way is to bundle the scripts within a Webapps Folder, as shellscripts usually shouldnt contain sensitive information.
