DocumentRoot

Network administrators are lazy. In building up web servers, they tend to use the default Document Root. In IIS, it is c:\inetpub\wwwroot\ and in Apache, it is /var/www/html. In case a web server is comppromised, hackers can build bogus web sites by following the Document Root to put the source files. This can be properly circumvented if the Document Root of a web server is different from the default settings.