Starting with PhotoPrism® Pro Build 1.2603.05, you can place static web content in the storage/web folder and serve it directly from the same public URL as your server or tenant path. This is useful for branded landing pages, welcome screens, help links, lightweight status pages, and other static assets that should live next to your deployment.
How It Works
When a storage/web directory exists, PhotoPrism automatically checks it for matching files before returning the default login redirect or a 404 response:
/servesstorage/web/index.html/about/servesstorage/web/about/index.html/img/logo.svgservesstorage/web/img/logo.svg
This means you can structure your files like a small static website:
storage/
web/
index.html
about/
index.html
css/
site.css
img/
logo.svgIf no index.html exists at the overlay root, requests to the server root continue to open the usual sign-in page instead.
Typical Use Cases
- Show a branded landing page before users sign in
- Provide links to support, legal notices, or onboarding resources
- Publish a tenant-specific start page on a shared Portal domain
- Serve static assets for an external login or registration flow
The overlay is intended for static files only. Dynamic requests, uploads, and API calls continue to be handled by the normal PhotoPrism application routes.
Shared Domains and Portal Routing
The overlay also works when instances are published below a path such as https://portal.example.com/i/acme/. In that case, your instance must use the same public base URL in its site configuration so that generated links, redirects, and browser storage remain isolated to the correct tenant path.
Examples:
- Root landing page:
https://portal.example.com/ - Tenant landing page:
https://portal.example.com/i/acme/
When a tenant path is used, the canonical public URL should include the trailing slash. Requests to /i/acme are redirected to /i/acme/, while deeper paths are forwarded as-is so that file access and WebDAV clients keep working correctly.
Important Behavior
- Static files are served only for
GETandHEADrequests - Paths without a filename extension are resolved to
index.htmlinside the requested folder - Missing root content falls back to the normal login redirect
- Missing files below other paths return the standard
404response - Hidden files, unsafe paths, and common secret or configuration files are never served
In practice, this means you should keep only public web assets in storage/web and continue storing keys, certificates, backups, and configuration files elsewhere under storage.
Recommendations
We recommend the following when using the web overlay in production:
- Keep your public server URL configured correctly, especially when using a reverse proxy or Portal tenant path
- Use HTTPS so landing pages, sign-in flows, and linked assets are delivered securely
- Keep the overlay small and focused on static content
- Use folder-based routes such as
/about/and/help/if you want clean URLs - Review release notes before upgrading shared-domain deployments