Web publishingSCS maintains several web servers that serve the School's official web pages (i.e. http://www.cs.cmu.edu), provide a web presence for SCS projects, and also serve personal pages for members of the SCS community. Most project and personal pages are served directly out of project and individual AFS space. In addition to serving web pages via HTTP, some of these servers also function as the SCS anonymous FTP servers (ftp.cs.cmu.edu).
Setting up a web siteProjects and individuals can set up their own web sites and anonymous FTP areas in AFS that can then be served by our web/FTP servers. See the How to section below for details on how to do various web/FTP-related tasks.
Privacy & access issues
You should not rely on .htaccess-based protections to restrict access to especially sensitive information (SSNs, credit card numbers, etc), since there are ways around the protections given by .htaccess files. Such sensitive information should not be made available via the SCS web servers in any way.
Files in AFS directories are accessible to SCS web/FTP servers if they satisfy both of the following conditions:
- Have an ACL setting that makes them accessible to the special AFS group "wwwsrv:http-ftp" or a group such as "system:anyuser" that allows even greater access
- Contain an .htaccess file that grants access permission (but see note at beginning of this section)
Dynamic content & CGI scriptsFor security and other reasons, we cannot serve project and individual pages that use PHP or most other dynamic content generation methods from our main web servers. We will not install custom CGI scripts on those servers unless the scripts perform a function that is of utility to the School as a whole. The Web servers do support server-side includes for all pages with .shtml and .html extensions, though they do not support SSI execs since they are a large security risk.
Virtual hostingWe can provide virtual web hosting for projects in some cases. See our network use policy for details on virtual hosting.
Running your own web serverFacilitized Hosts (Unix/Linux):
If you need to run your own web server on a Facilitized host, we provide an apache2 software collection that allows one to easily install a web server on Unix/Linux hosts that run a supported Facilitized Operating System. Please see the Apache2 Collection page for further details.
Even if you do not use this collection, please read our documentation on web server configuration issues before setting up your server, since there are some specific issues with running web servers in our environment.
Getting an SSL certificateTo generate a certificate-signing request (CSR) and request a signed certificate, see our instructions for generating a CSR.
- Set up a personal web page in AFS [introduction]
- Use .htaccess files
- Restrict FTP and AFS access to web pages
- Password protect web pages using Apache basic authentication
- Password protect web pages using Shibboleth
- Generate a certificate-signing request (CSR) and get a web server certificate
- Password-protect web pages using WebISO
- Set up your own web server using the SCS apache2 collection
- Set up your own web server using the SCS httpd collection [deprecated]
- Set up your own web server using the wwwsrv collection [deprecated]
- Make files available via anonymous FTP