"Choosing a Directory to Host Your Site From" by David George.

Although you can almost pick a directory at random to host your site from, most people are unaware of the risks of choosing the same directory that the web server program runs in. But perhaps you would like an explanation?:

Issue 1: Access to config.exe and httpd.exe files which configure and run your site could be accessed quite easily. Not a problem until you think of denial of service attacks on your http daemon. Worse still, the files could be deleted by a hacker, which would easily bring your server to a halt.

Issue 2: Do you really want somebody looking at your log files?. No offense, but frequently sites fail to achieve a large audience, and you can imagine the embarrassment of people finding out about how few visitors you have been getting. It also raises privacy concerns about IP addresses and also more sensitive areas of your site.

When choosing a directory to host your site from, pick an empty directory with a bizzare name: it makes it harder for malicious users to guess!. How about theapplefiles? - Does it not grab your fancy?. Beware.