Stanford University School of Earth Science
 
Home
News
New Users
Policies
Email
Web Hosting
   Personal Setup
   Email Form
   Other Resources
Get Help
Net Connections
Macintosh
Windows PC
Unix/Linux System
Pangea Server
School Resources
Using Unix

Controlling access to web directories on pangea

Last revision July 20, 2004

Table of Contents:

  1. General style considerations for web pages
  2. Options for creating pages in HTML
  3. Graphics considerations
  4. Controlling access to web directories on pangea
  5. Using include files and templates on pangea
  6. Uniform Resource Locator (URL) syntax
 

The Apache web server that runs on pangea includes many features for customizing operation and controlling access to pages. On pangea, we have configured Apache to check each web directory that it serves for a "directives" file named .htaccess (the leading period (.) is part of the name). You are allowed to use certain directives in this file, as listed below, to control who can access the files contained within your personal or group directory. These restrictions that you specify apply to all files in the directory, so you may want to just apply restrictions to a sub-directory, which you must create.

You have four choices for the type of access restriction you can make:

  1. Limit access by computer: only let the viewer see the pages if he is using a computer that has a certain IP address or is part of a certain IP domain (for example, the "stanford.edu" domain).
  2. Limit access by password: require the viewer to provide a user name and password before he can see the pages.
  3. Limit access by computer and password: require the viewer to provide a user name and password and be using a computer with a certain IP address or domain.
  4. Limit access by computer or password: require the viewer to provide a user name and password or be using a computer with a certain IP address or domain.

In each case, you must create a .htaccess file in the directory that is being restricted. You can use your favorite text editor on pangea, such as pico or vi to make the file. Or you can make the file on your PC or Mac, saving it as Text Only with Line Breaks, and loading it up to pangea. A simple editor such as Notepad on Windows PCs or SimpleText on Macintosh works best if you want to make the file on your PC. The contents of the file will differ, depending upon which of the four access restrictions you want.

WARNING: the access control methods described here apply only to web browser access to the restricted files. Anyone with a login account on the web server (for example, anyone with an account on pangea) can still use normal Unix programs to look at the restricted files, because you must still set Unix file permissions on your directory and files to allow "world" read access. If you try to use the Unix chmod program to turn off world read access, to prevent this Unix snooping, then the web server will also not be able to see these files, and it will not be able to serve them to anyone. These access methods are useful for preventing any random person from examining a set of web pages using his browser, but it does not make them perfectly private.

 


Comments?

Stanford University    |