Currently directories in the website, like html/assets/media, contain assets that are used both by the website itself (loading animation, banners for various parts of site, the favicon?, etc...) and by the content on the website (uploaded images used in blog posts and such). This makes it hard to know which assets are referenced by the codebase, as opposed to being referenced by the database. Perhaps even more importantly, it makes it difficult to apply different security measures to the different types of assets (ex: it'd be nice if the static assets were read-only for the apache user).
Related to issue #4: Replace hard-coded image asset paths with configuration that's accessed through method calls.
Currently directories in the website, like
html/assets/media, contain assets that are used both by the website itself (loading animation, banners for various parts of site, the favicon?, etc...) and by the content on the website (uploaded images used in blog posts and such). This makes it hard to know which assets are referenced by the codebase, as opposed to being referenced by the database. Perhaps even more importantly, it makes it difficult to apply different security measures to the different types of assets (ex: it'd be nice if the static assets were read-only for theapacheuser).Related to issue #4:
Replace hard-coded image asset paths with configuration that's accessed through method calls.