How in Bitnami (Cloud) Drupal set up a secure private file system path / folder

A Drupal Module (Module: Filedepot) requires us to set up and configure a Private File system path to set up a directory to (safely) store private documents on our EC2 Bitnami Cloud Server. Files that can not be directly accessed by your web server but can be accessed by Drupal.

The private file system should be located outside of the website's public html directory to provide a far more secure file repository since the files can not be accessed directly by a URL and there is no need to use other filesystem security like .htaccess.

We read: "The default way to securely add a private directory for your files is to use a directory that can not be accessed directly by your web server, but can be accessed by Drupal. Ideally this directory should be located outside of your Drupal root folder."

Also: "Ideally this directory should be located outside of your Drupal root folder." "It's not for certain you can choose a directory located outside of your Drupal root folder (or actually outside your web root) if you are on a shared host. If you do have access though, you can choose a private directory which will be on the same level as your web root directory (often called public_html or www or similar)"

Some more explanation on Drupal files can be found at:

Our file route on EC2 Bitnami Drupal looks like: opt/bitnami/apps/drupal/htdocs/sites/ with sub-folders: and

So where on our server should we create this folder - confused as we are with the above and the Bitnami Cloud specifics - which folder/file ownership and folder/file permissions are necessary ?

What if we want to create a secure private folder(s) (1) only for a certain domainname site like / or (2) alternatively for two domainname sites / and / on our Drupal Multi site configuration ?

Or should we create one private folder directory with sub-domains etc ?

Which changes to .htaccess or other files are needed ?

Thanking you in advance for you assistance

P.S. I just came across the following weblink with instructions on private folder creation:

"In Drupal 7 create the "files" and "private" directories, set permissions and ownership:

sudo mkdir -p /var/www/ sudo chown root.www-data /var/www/ sudo chmod 775 /var/www/ sudo chown root.www-data /var/www/ sudo chmod 770 /var/www/

Question remains whether this creates the needed 'secure private folder" and how 'private folders' can be created for separate domainnames in the Drupal Multisite set up ?

If I understand you correctly, you can create a folder out of the htdocs one, for instance, /opt/bitnami/apps/drupal/data_site1 and set it with owner daemon:daemon:

sudo su
cd /opt/bitnami/apps/drupal
mkdir data_site1
chown -R daemon:daemon data_site1

Now, in filedepot, you should be able to use this folder being it private. I am not sure that you can set different folders for each site, it will depend on the configuration of filedepot.

I hope it helps you. Regards.

PS: The path to be set in filedepot will be /opt/bitnami/apps/drupal/data_site1