Computer Systems Lab
Connecting & Supporting the Computer Sciences Department


The CSL supports a number of department web services:

Server information

The computer sciences department uses the Apache web server. Apache documentation is available at .


Scripts are allowed on all department webservers except We currently support:

  • CGI/perl
  • PHP
  • Python

Send email to if you have any questions about web site scripts and CSL Web Site policies .

Using hosts users’ ~/public/html directories where persons affiliated with the department can maintain a web presence. Files residing in that directory will be hosted at<username>/.

~/public/html is created by default for new users with the proper AFS ACLs.

Project Websites on

In order to get your project’s website on, please email . We can set up the server to any directory inside your project pages. It may also be best to create a separate webserver for your project. We can discuss both of these options.

SSL is available on By default, each project page directory is available both as http and https. If you need these to be separate directories, please email . If you want to force a page to be loaded as https, please read the SSL help below.

CSL Environment Web Hosting

If you need the webserver to write to files inside your home directory (ex: wiki, blog, feedback form), you need to request your own Web Hosting Site. Please email so that we can initialize your directory, create the DNS address, and load up the webserver. These sites are hosted separately and run as different users to reduce possible security hazards involved with allowing write access to AFS.

Location and ACLs

Your website URL will be based completely on your user name. The website name is http://<username> For example:


The location of the files is very similar to your existing website area. Files need to be placed in ~/public/html-www instead of ~/public/html. The webserver will run all webpages as your Linux user and the AFS user <username>.www.

For example, the minimum ACLs you need on your html-www directory for the webserver to be able to read it are:

% fs la ~bbadger/public/html-www
Access list for /u/b/b/bbadger/public/html-www is
Normal rights:
  system:administrators rlidwka
  bbadger rlidwka
  bbadger.www rl

Note: In order for the webserver to write to a directory, you must add <username>.www write ACLs.

Please also see the AFS Documentation for help regarding AFS ACLs.

General Environment

The CSL Environment Web Hosting is otherwise set up exactly the same as It has the same modules (including php and perl) with the same default config. You will be able to use .htaccess files and connect to postgresql through kerberos.

Redirecting pages

If you install an .htaccess that redirects all traffic, you must create an exception for /status. All webservers in the department require that http://<hostname> returns necessary monitoring information. If you create a RewriteRule, you must make sure that the following line is present below the RewriteEngine On and above the RewriteRule definition:

RewriteCond %{REQUEST_URI} !^/status


SSL (https) is also available as a self-signed certificate. The source directory for https://<username> is the same directory as the http site (~/public/html-www). If you want to force users to the https site, you can put the following data into an .htaccess file:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/status
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Website Statistics for and

Users can receive weekly statistics outlining how many times their World Wide Web pages were accessed and what other pages on the web contain links to theirs.

To receive a statistics report, a file called .statinfo should be created in your WWW directory.

  • On Linux systems: ~/public/html/.statinfo
  • On Windows systems: U:\public\html\.statinfo

For projects that have their own aliases in the server’s configuration files, put the .statinfo files in the directory pointed to by the alias. A .statinfo file will also work in internal directories, such as ~/public/html/test/.statinfo.

The .statinfo file should contain a list of email addresses, one per line, to whom the statistics should be mailed. This is similar to a .forward file, except that the address must be valid email address, not a program or file. The statistics will be set to each person on the list every Friday night, shortly after midnight.

HTML and Apache Help

Using Include in multiple HTML documents

You can use the <--#include="file" --> directive in an HTML file to include HTML contents from another file available on the web server. When using such include directives you must make sure the document containing the #include directive must have one of the following traits for the #include directive to be processed:

  • HTML file must end with a .shtml suffix
  • Linux “execute” bit must be set (using chmod +x)
Note: using ~/username constructs in #include directives is expanded to ~username/public/html in the filesystem, much like URLs are translated (as discussed above).

Protecting Web Pages

Warning: The security offered by these measures is minimal. There is no way to prevent other CS users from exploiting the system and gaining access to your protected web pages.

This section explains how to restrict web page access by passwords or IP addresses. If you want to limit access, you probably want to limit AFS access to these files as well. Please also see the AFS Documentation .

Password Protection

Create a file called .htaccess in the directory you want to secure. You can only secure an entire directory, not individual files. With a text editor, add the following:

AuthUserFile /path/to/.htpasswd
AuthGroupFile /path/to/.htgroup
AuthName "Foobar"
AuthType Basic
<Limit GET>
require valid-user

Be sure to substitute the correct paths and a more descriptive AuthName. The text following AuthName will be placed in the password prompt box. This .htaccess file will only let people in the .htpasswd file view the web pages - we’ll make this file in a moment. If you want to limit the pages to certain people in your .htpasswd file you can specify them in the Limit element:

<Limit GET>
require user bbadger

This will let only bbadger view the web pages, even if the .htpasswd file contains other entries. You can also limit the web pages to groups of people by creating a .htgroup file:

my-users: bbadger otheruser anotherperson

This .htgroup file defines the group my-users to contain bbadger, otheruser, and anotherperson. You then change the Limit element in your .htaccess file:

<Limit GET>
require group my-users

Now you create the .htpasswd file. This file contains all valid usernames and their encrypted passwords. Create it with the htpasswd program:

htpasswd -c </path/to/.htpasswd> bbadger

This will create the .htpasswd file with an entry for bbadger. It will also prompt you for a password. If and when you add additional users omit the -c flag since the .htpasswd file has already been created:

htpasswd </path/to/.htpasswd> otheruser

Restricting by IP Address

Create a .htaccess file in the directory you want to secure. You can only secure an entire directory, not individual files. With a text editor, add the following:

<Limit GET>
order deny,allow
deny from all
allow from

This will only allow computers in the Computer Sciences Department to read the web page.

You can also restrict by domain - the following example allows access from anywhere at the UW.

<Limit GET>
order deny,allow
deny from all
allow from