Restricting Access to ITS Web server pages
It is possible to restrict access to a directory and all files and directories below it. They can be restricted to access from a particular Internet domain (such as mun.ca). They can also be restricted by password for particular users or groups of users, which you define. Note that the files must be under /info/www/docs, with a URL under www.mun.ca.
Setup is not trivial, so please only request this if you really need it. You will need to be certain you know what you are doing with respect to UNIX file permissions, and you will need to know exactly which accounts will need read or write permission on the directory and the files in it. Here is the technical step by step:
- Find the URL and path name of your site. Assuming you where assigned a short name of xyz, your URL would be http://www.mun.ca/xyz/ and your file system path to the page would be /info/www/docs/xyz/
- Find the system username and groupname that have directory ownership. Typically this is the requested username and groupname from your web hosting access request. To find out the username and groupname of a file type :
ls -al /info/www/docs | grep 'xyx'
at the 'plato >' prompt. You should see the following output:
drwxrwxr-x 24 xyzuser xyzgroup 1024 May 23 15:49 xyz
where xyzuser and xyzgroup are your username and groupname respectively.
- Make sure access permissions are correct. All directories and files associated with your web page must be generally readable, and directories must be generally searchable. The easiest way to ensure this is to go to your web directory (/info/www/docs/xyz as an example) and type:
chmod -R a+rX
If a number of people are maintaining these files using a special-purpose UNIX group, this may generate errors for the files you don't own. You will also want to be sure that your files and directories are writable by the group. In this case it is best to deal with the files on a one-one basis using the chmod command. Type man chmod at the UNIX prompt for detailed information, but in general you will want to use chmod g+w,a+rX on your files and directories.
Once you've done all that, you'll need to send the URL , pathname, username, and groupname to the Technical Support Group along with your request for restricting access to the directory. Then read up on HT Password security mechanism that you'll be using to control your user accounts, groups, and passwords.