Any views expressed within media held on this service are those of the contributors, should not be taken as approved or endorsed by the University, and do not necessarily reflect the views of the University in respect of any particular issue.

Computing Systems

Computing Systems

Informatics Computing Staff jottings

Another web server (with a bit more security)

The web-page hosting services homepages.inf and groups.inf have been complemented by a new service, sweb.inf, which allows users to publish AFS-based web pages that have a greater degree of protection than the mechanism currently employed on existing services.

The new server, sweb.inf, uses AFS space that is accessible from anywhere (as normal) and is editable by the user (also as normal), but when accessed via the web using Apache it is constrained to a separate, user-specific ID, of the form “sweb.<user>” (not the generic <apache> ID as is normal on our other web servers). The resulting filespace should benefit from the resilience and availability of AFS, and be better-protected from any server-side issues (such as another user’s mis-configured script).

The URL of this more-secure web server is https://sweb.inf.ed.ac.uk, and user pages sit below the user ID at that site, so that the “test.html” page of user “fred” would be “https://sweb.inf.ed.ac.uk/~fred/test.html”.

The corresponding filespace is within the AFS file-structure, and accessible in the “web” sub-directory below the user directory in /afs/inf.ed.ac.uk/web/securepages (thus the path corresponding to the example URL above would be /afs/inf.ed.ac.uk/web/securepages/fred/web/test.html).

For related files that are not intended to be web-visible (README and other house-keeping files, intermediate or temporary files
used by scripts and suchlike) there is a data directory (for example, /afs/inf.ed.ac.uk/web/securepages/fred/data), which is a sibling of the web directory. These “data” files are only accessible via the filesystem, not via the web.

Files within the /afs/inf.ed.ac.uk/web/securepages structure need specific permissions if the mechanism is to work correctly. This allows web access as the restricted user-specific ID (such as “sweb.fred”, for example), but full access via the filesystem as user “fred”.

More information can be found on the relevant computing.help web page, http://computing.help.inf.ed.ac.uk/using-secure-afs-web-server.

To make use of this service, a request should be made via the Support Form.

Another web server (with a bit more security) / Computing Systems by is licensed under a

Posted by

Categories

Uncategorized

Tags

No tags have been added to this post.

Previous post

Next post

Leave a reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Another web server (with a bit more security) / Computing Systems by is licensed under a
css.php

Report this page

To report inappropriate content on this page, please use the form below. Upon receiving your report, we will be in touch as per the Take Down Policy of the service.

Please note that personal data collected through this form is used and stored for the purposes of processing this report and communication with you.

If you are unable to report a concern about content via this form please contact the Service Owner.

Please enter an email address you wish to be contacted on. Please describe the unacceptable content in sufficient detail to allow us to locate it, and why you consider it to be unacceptable.
By submitting this report, you accept that it is accurate and that fraudulent or nuisance complaints may result in action by the University.

  Cancel