The CSL supports a number of department web services:
- http://www.cs.wisc.edu : Serves department and project web spaces
:Computer Sciences Department personal web pages. Serves personal web pages located in each user’s
- Customized web hosting site available on request. Send email to firstname.lastname@example.org to initiate your request.
- https://csl.cs.wisc.edu : The CSL’s home page and self-service site
- https://www-auth.cs.wisc.edu : CS Department Authenticated Services - Room reservations, Web Forms and List Archives
In addition, the CSL can assist with hosting web sites using DoIT web hosting or other solutions, and hosting web applications.
The computer sciences department uses the Apache web server. Apache documentation is available at http://httpd.apache.org/docs .
Scripts are allowed on all department webservers except pages.cs.wisc.edu. We currently support:
Send email to email@example.com if you have any questions about web site scripts and CSL Web Site policies .
~/public/html directories where persons affiliated with the department can maintain a web presence. Files residing in that directory will be hosted at
~/public/html is created by default for new users with the proper AFS ACLs.
Project Websites on research.cs.wisc.edu
In order to get your project’s website on
research.cs.wisc.edu, please email
. We can set up the server to any directory inside your project pages. It may also be best to create a separate webserver for your project. We can discuss both of these options.
SSL is available on
research.cs.wisc.edu. By default, each project page directory is available both as
https. If you need these to be separate directories, please email
. If you want to force a page to be loaded as https, please read the SSL help below.
Website Statistics for pages.cs.wisc.edu and research.cs.wisc.edu
Users can receive weekly statistics outlining how many times their World Wide Web pages were accessed and what other pages on the web contain links to theirs.
To receive a statistics report, a file called
.statinfo should be created in your WWW directory.
- On Linux systems:
- On Windows systems:
For projects that have their own aliases in the server’s configuration files, put the
.statinfo files in the directory pointed to by the alias. A
.statinfo file will also work in internal directories, such as
.statinfo file should contain a list of email addresses, one per line, to whom the statistics should be mailed. This is similar to a
.forward file, except that the address must be valid email address, not a program or file. The statistics will be set to each person on the list every Friday night, shortly after midnight.
HTML and Apache Help
Using Include in multiple HTML documents
You can use the
<--#include="file" --> directive in an HTML file to include HTML contents from another file available on the web server. When using such include directives you must make sure the document containing the
#include directive must have one of the following traits for the
#include directive to be processed:
- HTML file must end with a .shtml suffix
- Linux “execute” bit must be set (using
#includedirectives is expanded to
~username/public/htmlin the filesystem, much like URLs are translated (as discussed above).
Protecting Web Pages
Warning: The security offered by these measures is minimal. There is no way to prevent other CS users from exploiting the system and gaining access to your protected web pages.
This section explains how to restrict web page access by passwords or IP addresses. If you want to limit access, you probably want to limit AFS access to these files as well. Please also see the AFS Documentation .
Create a file called
.htaccess in the directory you want to secure. You can only secure an entire directory, not individual files. With a text editor, add the following:
AuthUserFile /path/to/.htpasswd AuthGroupFile /path/to/.htgroup AuthName "Foobar" AuthType Basic <Limit GET> require valid-user </Limit>
Be sure to substitute the correct paths and a more descriptive
AuthName. The text following
AuthName will be placed in the password prompt box. This
.htaccess file will only let people in the
.htpasswd file view the web pages - we’ll make this file in a moment. If you want to limit the pages to certain people in your
.htpasswd file you can specify them in the
<Limit GET> require user bbadger </Limit>
This will let only bbadger view the web pages, even if the
.htpasswd file contains other entries. You can also limit the web pages to groups of people by creating a
my-users: bbadger otheruser anotherperson
.htgroup file defines the group
my-users to contain
anotherperson. You then change the
Limit element in your
<Limit GET> require group my-users </Limit>
Now you create the
.htpasswd file. This file contains all valid usernames and their encrypted passwords. Create it with the
htpasswd -c </path/to/.htpasswd> bbadger
This will create the
.htpasswd file with an entry for
bbadger. It will also prompt you for a password. If and when you add additional users omit the
-c flag since the
.htpasswd file has already been created:
htpasswd </path/to/.htpasswd> otheruser
Restricting by IP Address
.htaccess file in the directory you want to secure. You can only secure an entire directory, not individual files. With a text editor, add the following:
<Limit GET> order deny,allow deny from all allow from 18.104.22.168/18 22.214.171.124/19 126.96.36.199/17 </Limit>
This will only allow computers in the Computer Sciences Department to read the web page.
You can also restrict by domain - the following example allows access from anywhere at the UW.
<Limit GET> order deny,allow deny from all allow from .wisc.edu </Limit>