Computer Systems Lab
Connecting & Supporting the Computer Sciences Department
Web

Web

The CSL supports a number of department web services:

In addition, the CSL can assist with hosting web sites using DoIT web hosting or other solutions, and hosting web applications.

Server information

The computer sciences department uses the Apache web server. Apache documentation is available at http://httpd.apache.org/docs .

Scripts

Scripts are allowed on all department webservers except pages.cs.wisc.edu. We currently support:

  • CGI/perl
  • PHP
  • Python

Send email to lab@cs.wisc.edu if you have any questions about web site scripts and CSL Web Site policies .

Using pages.cs.wisc.edu

pages.cs.wisc.edu hosts users’ ~/public/html directories where persons affiliated with the department can maintain a web presence. Files residing in that directory will be hosted at https://pages.cs.wisc.edu/~<username>/.

~/public/html is created by default for new users with the proper AFS ACLs.

Project Websites on research.cs.wisc.edu

In order to get your project’s website on research.cs.wisc.edu, please email lab@cs.wisc.edu . We can set up the server to any directory inside your project pages. It may also be best to create a separate webserver for your project. We can discuss both of these options.

SSL is available on research.cs.wisc.edu. By default, each project page directory is available both as http and https. If you need these to be separate directories, please email lab@cs.wisc.edu . If you want to force a page to be loaded as https, please read the SSL help below.

Website Statistics for pages.cs.wisc.edu and research.cs.wisc.edu

Users can receive weekly statistics outlining how many times their World Wide Web pages were accessed and what other pages on the web contain links to theirs.

To receive a statistics report, a file called .statinfo should be created in your WWW directory.

  • On Linux systems: ~/public/html/.statinfo
  • On Windows systems: U:\public\html\.statinfo

For projects that have their own aliases in the server’s configuration files, put the .statinfo files in the directory pointed to by the alias. A .statinfo file will also work in internal directories, such as ~/public/html/test/.statinfo.

The .statinfo file should contain a list of email addresses, one per line, to whom the statistics should be mailed. This is similar to a .forward file, except that the address must be valid email address, not a program or file. The statistics will be set to each person on the list every Friday night, shortly after midnight.

HTML and Apache Help

Using Include in multiple HTML documents

You can use the <--#include="file" --> directive in an HTML file to include HTML contents from another file available on the web server. When using such include directives you must make sure the document containing the #include directive must have one of the following traits for the #include directive to be processed:

  • HTML file must end with a .shtml suffix
  • Linux “execute” bit must be set (using chmod +x)
Note: using ~/username constructs in #include directives is expanded to ~username/public/html in the filesystem, much like URLs are translated (as discussed above).

Protecting Web Pages

Warning: The security offered by these measures is minimal. There is no way to prevent other CS users from exploiting the system and gaining access to your protected web pages.

This section explains how to restrict web page access by passwords or IP addresses. If you want to limit access, you probably want to limit AFS access to these files as well. Please also see the AFS Documentation .

Password Protection

Create a file called .htaccess in the directory you want to secure. You can only secure an entire directory, not individual files. With a text editor, add the following:

AuthUserFile /path/to/.htpasswd
AuthGroupFile /path/to/.htgroup
AuthName "Foobar"
AuthType Basic
<Limit GET>
require valid-user
</Limit>

Be sure to substitute the correct paths and a more descriptive AuthName. The text following AuthName will be placed in the password prompt box. This .htaccess file will only let people in the .htpasswd file view the web pages - we’ll make this file in a moment. If you want to limit the pages to certain people in your .htpasswd file you can specify them in the Limit element:

<Limit GET>
require user bbadger
</Limit>

This will let only bbadger view the web pages, even if the .htpasswd file contains other entries. You can also limit the web pages to groups of people by creating a .htgroup file:

my-users: bbadger otheruser anotherperson

This .htgroup file defines the group my-users to contain bbadger, otheruser, and anotherperson. You then change the Limit element in your .htaccess file:

<Limit GET>
require group my-users
</Limit>

Now you create the .htpasswd file. This file contains all valid usernames and their encrypted passwords. Create it with the htpasswd program:

htpasswd -c </path/to/.htpasswd> bbadger

This will create the .htpasswd file with an entry for bbadger. It will also prompt you for a password. If and when you add additional users omit the -c flag since the .htpasswd file has already been created:

htpasswd </path/to/.htpasswd> otheruser

Restricting by IP Address

Create a .htaccess file in the directory you want to secure. You can only secure an entire directory, not individual files. With a text editor, add the following:

<Limit GET>
order deny,allow
deny from all
allow from 128.105.0.0/18 128.105.96.0/19 128.105.128.0/17
</Limit>

This will only allow computers in the Computer Sciences Department to read the web page.

You can also restrict by domain - the following example allows access from anywhere at the UW.

<Limit GET>
order deny,allow
deny from all
allow from .wisc.edu
</Limit>