Web Server FAQ

Last Reviewed 2023-03-03

 

Who is responsible for the department's web server?
Computer services maintains the hardware, operating system, and web server software. For problems and questions not answered in this document, please email help@cs.unc.edu or use the contact button on this site. The overall design and content is maintained by the department's publications staff. Please email the publications staff at er@cs.unc.edu about content questions not answered in this document.

 

Why can't I log onto the WWW server?
It is not a good idea to have your main web server used as a general purpose login server. This can cause performance and security related problems for the web server.

 

How do I access the WWW file space?
The web server is configured to access files and documents in two ways: Some document are served from the WordPress content management system. Other documents are stored in AFS. AFS space can be accessed from a Linux machine configured with the AFS client.

 

How do I create my own personal home page?
Please see How to Create a Personal Home Page to set up your own page. You must have a valid Computer Science login account.

 

How can I tell who has been accessing my pages?  Where are the server logs kept?
Please see the Web Server Reports and Statistics.

 

Where can I run CGI or PHP scripts?
CGI scripts, (Common Gateway Interface) and PHP scripts are programs that are accessed via web pages and run on the department's web server. Such programs can have serious security and performance implications. CGI or PHP programs in your personal web pages will not run on the www server. The main reason for running CGI or PHP programs on www is for securing sensitive data that needs to be accessed by CGI/PHP programs and the data is only accessible on the www server. Web pages that need to run CGI programs on www need to be approved by Computer Services. Please email help@cs.unc.edu with a detailed request and information about the CGI scripts you want to implement on the department's web server. Note that you can run CGI scripts on the department's wwwx web server; see the next topic below.

 

What is the wwwx.cs.unc.edu web server?
The wwwx.cs.unc.edu web server allows anyone with an account to run CGI or PHP scripts. The web server uses the same document root as the official www server. The main purpose of this system is to let users run PHP and CGI scripts. The wwwx server runs the same software as the www server. The server has been set up to allow users to run CGI and PHP programs out of their personal web space located under "wwwx.cs.unc.edu/~user_name/. See the CGI Program Information page for more information and how to debug your cgi scripts.

 

NOTE: If you have sensitive data that you need to protect, you should not use wwwx.

 

How do I enable directory listings for one of my directories?
If your web directory contains an index.html, index.htm, or index.shtml page, the server will automatically display those pages.  If you would like instead for a listing of files to show up for a particular directory, then you must create a file called ".htaccess" that contains the option entry "Options +Indexes" in the directory you want to be listed.  Note: any sub-directory under this directory will also have directory listings turned on!  To turn off directory listings in these directories use "Options -Indexes" in the .htaccess file.  Directory listings are turned off at the server level by default for security reasons, so a listing of files will not show up unless you explicitly allow this to happen.

 

How can I redirect a page to wwwx or to a secure server?
There are times when you want to redirect a web page to the wwwx server from the www server.  There are also times when you want to redirect your page to a secure https server if it is being accessed by the non secure http server. 

 

For example, you may want to run an index.php page out of your home directory.  As described in question 6, you can only run PHP on the wwwx server.  You want to advertise your home page as www.cs.unc.edu/~login_name, and you need to redirect to wwwx.cs.unc.edu/~login_name which will allow you to run PHP.  Add the following to the .htaccess file in your public_html directory:

 

<IFDefine !WWWX>
    RedirectMatch (.*)$ http://wwwx.cs.unc.edu$1
</IFDefine>

 

Redirect to https://www.cs.unc.edu:

 

<IFDefine !WWWS>
    RedirectMatch (.*)$ https://www.cs.unc.edu$1
</IFDefine>

 

Redirect to https://wwwx.cs.unc.edu:

 

<IFDefine !WWWXS>
    RedirectMatch (.*)$ https://wwwx.cs.unc.edu$1
</IFDefine>

 

How can I limit access to my web pages?
The Apache web server software provides several methods for limiting access to your web pages: You can limit access by domain names, internet addresses, or passwords. You can also combine these methods.

 

NOTE: If you use passwords, you should use our secure SSL https://www.cs.unc.edu/ server when specifying links to protected pages. This way users' passwords will be encrypted when entering their password information.

 

With each of the methods, the first step is to create a file in the web directory you want protected and call the file ".htaccess".  The web server will process this file if it exists in any directory that is being accessed.  All directories and files under the protected directory will be protected using the directives you specify in your .htaccess file.

 

Important note: To protect your documents so only the www web server can read your files, you need to configure your AFS file permissions appropriately.  Otherwise someone can read your files in the AFS filesystem or write a CGI or PHP program on the wwwx server to read your files.  You must give the special "web-server" AFS group access to your directory with the following afs command:

 

fs setacl your_web_dir web-server rl

 

This gives the special group "web-server" read/list access to your files.  The web-server group is the www.cs.unc.edu web server only.  Make sure you do not give permissions to the special groups "system:anyuser", "system:authuser", "cs-machines" or any other users you do not want to view your files.  Use "fs listacl your_web_dir" to see who has permissions on your directory. 

 

The special "web-server" group allows only the www server, (not the wwwx server), to read your files.  If you wish to give the wwwx server permissions to read or write files use the special afs group "wwwx-server". You can give the wwwx-server afs write permissions to a directory so cgi programs that are executed can write to a particular directory. Note this can be a security issue since others can write cgi scripts to write or delete in your directory. See AFS file security for more info on AFS permissions. Also, if someone in the department is running a web server and pointing to our web document root in AFS, your pages may be accessed via their web server. In that case, web crawlers, like Google, will catalog them from someone else's web server, which could be problematic. Please email help@cs.unc.edu for assistance with AFS permsissions.

 

Limit by user name

The following will limit web pages to all users who have a Computer Science Windows account. Make sure you limit access to the www and optionally the wwwx server as described above. Otherwise, if someone is running a web server and pointing to our web document root in AFS, your pages may be accessed via their web server! In this case, web crawlers, like Google, will catalog them from someone else's web server!

 

<IFDefine !WWWS>
    RedirectMatch (.*)$ https://www.cs.unc.edu$1
</IFDefine>

 

<IFDefine WWWS>
    AuthName 'Computer Science Login:'
    AuthType Kerberos
    require valid-user
</IFDefine>

 

The "<IFDefine !WWWS>" directive will cause your page to be sent over to our secure www https/ssl server so that passwords are encrypted.  The "RedirectMatch" directive will replace the current page being accessed with the same page using the secure server if the page was accessed with our non-secure server.

 

To limit access to only certain users replace the "require valid-user" line with line(s) like

 

require user joe@CS.UNC.EDU
require user mary@CS.UNC.EDU

 

This will limit access to joe and mary. Joe and Mary must have valid Computer Science Windows user ids and passwords!  You must use capital letters for CS.UNC.EDU!

 

Here is what you would put in your .htaccess if you wanted to redirect to our wwwx.cs.unc.edu server and only allow user joe access:

 

<IFDefine !WWWXS>
    RedirectMatch (.*)$ https://wwwx.cs.unc.edu$1
</IFDefine>

 

<IFDefine WWWXS>
    AuthName 'Computer Science Login:'
    AuthType Kerberos
    require user joe@CS.UNC.EDU
</IFDefine>

 

To find out more information about Apache directives (keywords) specified in the .htaccess file, see the Apache online reference manual.

 

How can I redirect my home page to another site?
If you would like to redirect your home page to another web server, create a .htaccess file in your ~user/public_html directory that contains the following entry:

 

RedirectMatch permanent (.*)$ http://www.othersite.edu$1

 

Replace the web server name with the othersite.  Note the "$1" is required.  All content will no be redirected to the other site.

 

Contact Our Team

If you still can't find an answer to what you're looking for, or you have a specific question, open a new ticket and we'd be happy to help!

Contact Us