What services does NBCS offer to departmental web developers?
- Web Servers (with SSL) / Virtual Hosts
- Password Validation
- CGI via PHP
- Searching
- Support/Development Services
Web Servers (with SSL) / Virtual Hosts
If you are running a webpage for a department, you have the option
of hosting your site on RCI. This approach has advantages:
you are not responsible for running your own webserver and
you have access to support from NBCS staff. The RCI web server also
has the SSL module so that your web-based transactions can be secure.
For information on using SSL with RCI, see
the SSL document.
Web developers who want to host their site on RCI should get a
departmental account, which can be made accessible by anyone who
is responsible for the department's site. You can also get a
virtual host name so that your department's site has a
URL that is easy to remember.
Additional software and support services are available from MSSG.
For more information see:
http://mssg.rutgers.edu/
Password Validation
Access to the content of departmental websites can be limited
through standard facilities of the Apache webserver.
You can combine the following options to restrict access
in a way that suits your needs:
- Restrict access to a list of IP's (e.g. only those within the
Rutgers network)
- Restrict access to those who have rci, eden, clam, crab,
andromeda, or pegasus accounts.
- Restrict access to a set of people who share a common password.
All of the above can be accomplished by using an .htaccess file,
which is a text file containing directives for the Apache
webserver to follow. The directives apply to all of the documents
in the directory (and its subdirectories) where the .htaccess
file is located. To get an idea of how a .htaccess file works, see the
FAQ on General use of .htacess, which explains how to
implement 3 from above.
To implement 2 from above see
this.
To see an example of combining the above examples see
this .htaccess file, which only allows
hosts from within the Rutgers network to access data, and prompts
hosts from outside the Rutgers network for their rci, ici, clam, crab,
andromeda, or pegasus account username and password.
For more information, see this
.htaccess tutorial, or search for "htaccess tutorial" on the Web.
Note:
Dec 2004 changes to htaccess.
CGI via PHP
CGI (Common Gateway Interface) is a set of standards (not a language)
for allowing a program to be executed over the web. Allowing anyone
on the internet to execute a program on your system is not always a
safe thing to do. Unless a CGI programmer is experienced, he/she
might unintentionally open security holes which could allow someone
to trick the system into executing commands or giving out sensitive
information. For more information on CGI security problems see the
W3 CGI FAQ.
There are a variety of languages available for implementing CGI
(Perl, C, any shell script, etc.), but NBCS encourages the use of
PHP, a server-side, HTML embedded scripting language.
We feel confident of its safety, and it has been installed
on RCI and Eden, where it can be run by all of our users.
To learn more about PHP, please
see
http://www.php.net/.
Before PHP was installed, RCI users (and not Eden users) only had
access to a few
pre-written scripts that implemented online forms, and nobody was
able to write their own CGI programs for security reasons.
With PHP the user is free to implement whatever CGI needs they have.
They are not just limited to forms which email results or write to a text
file. PHP
can be used to
automate giving your pages a standard look
and
also contains built-in functions for integration with MySQL.
MySQL
is an open source database that can be queried over the web via
PHP. If you have a large set of data that you want to share over the
web, or if you want to use the web to collect/store data that users input,
you should take advantage of PHP/MySQL.
For general information using MySQL on NBCS systems, see the appropriate
entries in the
NBCS FAQ Database.
Searching
Rutgers maintains a central web index. The software allows you to put a
search box on your web page, covering just your own pages or your
department's pages. For more information see
http://search.rutgers.edu/using_google_search.html
Support/Development Services
Affiliates of the University should send mail to
webmaster@nbcs.rutgers.edu for general Web support.
Additional support/development for web applications
is available from an in-house auxiliary team of developers.
For information see:
http://mssg.rutgers.edu/services/.
