SCS Computing
 Services and Solutions
  links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 » How to… 
 » Accounts & passwords 
 » AFS 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Support lifecycle 
 » Web publishing 
 » Mac support 
 » Linux support 
 » Windows PC support 

Web publishing

SCS maintains several web servers that serve the School's official web pages (i.e., provide a web presence for SCS projects, and also serve personal pages for members of the SCS community. Most project and personal pages are served directly out of project and individual AFS space.

Setting up a web site

Projects and individuals can set up their own web sites in AFS that can then be served by our web servers. See the How to section below for details on how to do various web-related tasks.

Privacy & access issues

You should not rely on .htaccess-based protections to restrict access to especially sensitive information (SSNs, credit card numbers, etc), since there are ways around the protections given by .htaccess files. Such sensitive information should not be made available via the SCS web servers in any way.

Files in AFS directories are accessible to SCS web servers if they satisfy both of the following conditions:

  1. Have an ACL setting that makes them accessible to the special AFS group "wwwsrv:http-ftp" or a group such as "system:anyuser" that allows even greater access
  2. Contain an .htaccess file that grants access permission (but see note at beginning of this section)

Dynamic content & CGI scripts

For security and other reasons, we cannot serve project and individual pages that use PHP or most other dynamic content generation methods from our main web servers. We will not install custom CGI scripts on those servers unless the scripts perform a function that is of utility to the School as a whole. The Web servers do support server-side includes for all pages with .shtml and .html extensions, though they do not support SSI execs since they are a large security risk.

Virtual hosting

We can provide virtual web hosting for projects in some cases. See our network use policy for details on virtual hosting.

Running your own web server

Facilitized Hosts (Unix/Linux):

If you need to run your own web server on a Facilitized host, we provide an apache2 software collection that allows one to easily install a web server on Unix/Linux hosts that run a supported Facilitized Operating System. Please see the Apache2 Collection page for further details.

Even if you do not use this collection, please read our documentation on web server configuration issues before setting up your server, since there are some specific issues with running web servers in our environment.

Getting an SSL certificate

To generate a certificate-signing request (CSR) and request a signed certificate, see our instructions for generating a CSR.

How to