The remainder of this document describes issues you may encounter when getting started. For more advanced features, go to this page.
Your home directory must be set for world execute access, using a command such as this:
chmod 711 ~
If the permissions on your home directory are not set properly, then the server cannot access your "public_html" page. If you set the permissions correctly, the command
ls -ld ~
Should show something like this:
drwx--x--x 11 jdoe easdue 512 Mar 6 10:11 /eng/home/jdoe
Your "public_html" directory must be world-readable and world-executable so that the web server software can access files in it. To do this, use a command such as this:
chmod 755 public_html
If you did this correctly, permissions should look something like this:
drwxr-xr-x 11 jdoe easdue 512 Apr 25 09:12 /eng/home/jdoe/public_html
Finally, all files under your "public_html directory must be world-readable; typing "ls -l" inside your "public_html" directory should show something like this:
-rw-r--r-- 1 jdoe easdue 11345 Apr 25 09:12 index.html
Please note that we do not allow execution of CGI scripts from personal web pages, for various security reasons. A personal web page is one that has a tilde character in it, eg. "www.nsm.buffalo.edu/UBITName", even if the site is being used for class or research uses. We do allow CGI scripts to be run from departmental, research, and other organizational sites on a request basis; these sites require special access to our web server, which can be set up by sending a request to firstname.lastname@example.org.
Processing of SSI "#exec" directives follow the same rules described above.
If you have a web page that you would like to only be accessible to certain people, or to a certain group of computers, you may do so through the use of a hidden file named ".htaccess". This file can contain a variety of access directives, as explained on this page. There is also a tutorial on using .htaccess files available from the Apache group.
This is the easier form of restricting access. It is a simple matter of putting a ".htaccess" in the top-level directory for which you want to restrict access, and which contains directives such as in this sample file:
Deny from all Allow from 128.205 Allow from .buffalo.edu ErrorDocument 403 /.error/403_forbidden_ubonly.shtml
Note that we have several error message pages that can be displayed if the user gets a 403 (access forbidden) error:
You may click on each of the above to see what they display. Note that the last one is more appropriate for user-based access restrictions, as described below.
This is slightly more complex, as it involves creating two files,but allows access to be restricted based on names and passwords (these do not have to be UBITName login names and passwords; you are free to create your own).
The first file is a ".htaccess" with directives such as in this sample file:
AuthName "My Restricted Page Name" AuthType Basic AuthUserFile /eng/home/jdoe/public_html/secretstuff/.htpasswd Order deny,allow Allow from .eng.buffalo.edu Require valid-user
Note that this file defines where the user/password list is kept, and also puts a restriction on it so that only people within the ".eng.buffalo.edu" domain can see the page (as described above). If you want to potentially allow anyone to see the page, change the "Allow from" line to read "Allow from all".
Next, a file named ".htpasswd" is created using a command like this, and which is run in the same directory as the ".htaccess" file:
htpasswd -c .htpasswd joe
In this example, a password file was created with information for the user "joe". To add other users, run this form of the command:
htpasswd .htpasswd michelle
Note the absence of the "-c" parameter, which would otherwise have caused existing entries to be deleted. This command can be run repeatedly for any other users for which access permission is required.
The staff of SENS can not provide help or consultation with respect to creating personal web pages; this service is being provided only as a courtesy. We will, however, support issues related to the web server itself.
Finally, there are some fine tools on the Internet that can be used to create and maintain web pages.