Department of Computing Imperial College London
Creating personal web pages

These notes explain how DoC staff and students can make their web pages visible from the Departmental server. It refers to commands which should be run on departmental Linux systems.

DoC runs the Apache web server, version 2.2.6.

All pages, and pages linked to, must be in the English language, non-political, legal, and must not bring the Department or the College into disrepute. Your home page must contain a link back to the Department's home page. Please make sure your page conforms to the usual computing regulations.

Editing your web pages from Windows systems

We don't advise editing web pages on Windows, as the line endings will become infected by the Windows convention for line endings (CR+LF). In particular, you must not edit CGI scripts on Windows, as the Windows line endings will confuse the web server and cause the dreaded "Internal Server Error".

If you must edit plain HTML web pages on Windows, proceed as follows:

Once you have a public_html folder you can save files to it from Windows systems with the correct permissions in the following way:

Note the drive letter that the folder is allocated to and always save web pages to this location.

The reason for this is that the user files saved to your home directory via the H: drive is private. Files saved directly to the public_html share are publically readable.

Restricting pages to DoC only using the secure server

If you have web pages which you think should only be seen by people within the Department of Computing, or even just particular groups of users within DoC, this can be done by using the secure web server.

Restricting access to DoC staff and students only

Variation: Restricting pages to within DoC or to DoC users

A convenient variation of the above is to allow users using a computer within the department (DoC IP addresses of the form 146.169.X.Y) straight in without authentication, while anyone using offsite computers will still be prompted for their DoC Linux username and password before they can gain access.


Varation: Restricting access to particular DoC users or groups of users

Pages can also be set to only be accessible to particular users, or to a Unix user group, by putting one or both of the following 'require' lines in .htaccess instead of the above:

	require user user1 user2 user3
	require group groupname1 groupname2

To restrict access to staff only:

	require group doc-staff

Web-specific passwords

Up to now, all the secure authentication has been using DoC usernames and DoC Linux (Kerberos) passwords. Frankly, we recommend this as it makes sense within DoC.

However, you can also protect files with password access with separate, web-specific, passwords that you set yourself. This might be useful to share secure access to a non-DoC person - because of course you should never tell anyone a real DoC password (but you knew that, didn't you?).

To do this, the .htaccess file should contain something like:

	AuthType basic 
	AuthName "Password Protected Area"
	AuthUserFile /homes/your-username/protected/list
	require user username
The AuthUserFile is a list of names and encrypted passwords. It should be stored outside your public_html directory, and be publically readable. To make a password file use the htpasswd program:
	shell1% htpasswd --help
	Usage: htpasswd [-c] passwordfile username
The -c flag creates a new file.

The program will prompt you for the password twice and will add it to the file (or create the file if you use -c).

You can link to the files using both http and https.

There is some more documentation at the Apache web site.

© CSG / Jan 2008 /