Question : Configure directory on linux server to block access to public, but allow access from web application.

I am quite new to linux server administration (ubuntu specifically) and am pretty clueless as to how I would set this up. My web application allows users to upload and download documents to a directory through its interface. The application will also write documents to this directory itself.

This seems to work if I place the directory inside my application's directory (a ruby on rails app), but this brings up a number of issues. I'm using subversion, so every time I deploy a new version of the application I'm going to write over everything in this directory. I suppose I could come up with some sort of convoluted add scheme and unnecessarily download everything in this directory with each checkout, but there's got to be a better way.

I'd like to create a directory elsewhere on my server that the application can access for reading and writing, but that is not accessible to the public. I really don't know where to start, so any ideas or references would be greatly appreciated.

Thanks,

Peter

Answer : Configure directory on linux server to block access to public, but allow access from web application.

Another idea would be to do the subversion checkout to your home directory, and then write a deployment script that deploys the web site to the web root, but doesn't over-write the documents directory.  This is pretty common in bigger sites, especially when the same code is checked out for both production and staging - in those cases the deployment script can also set config files with database server addresses, etc.