Rutgers University Computing Services :: Advanced Web Server Features
Advanced Web Server Features
Please note: These advanced features are for people who have some
experience with writing HTML code (raw HTML using an editor), writing
programs or scripts, and controlling file access with Unix. Use these
features with care and be aware of the potential security implications
that arise from their use (and misuse). If you are not careful, you run
the risk of your account being erased or accessed by unauthorized users.
The information contained on this page discusses:
- CGI programs
- Access Control/Authentication
- Handlers
- Java
- Links to sites with additional HTML/CGI/Form/Security information
- PHP/MySQL
- Permissions
CGI programs - CGI (Common Gateway Interface)
programs outside of the system-wide cgi-bin directory are no longer supported as of March 14, 2008.
PHP is the supported method for scripting/programming
for individual web sites.
Access Control/Authentication - you can restrict access to your
public_html directory, or any directory under public_html, based on
numerous criteria:
hostname/IP number - you can restrict access to your web page based on
the IP number or hostname of the computer a person is using to browse
your site, by creating an ".htaccess" file in your web area.
For example:
.htaccess:
<Limit GET>
order deny,allow
deny from all
allow from 128.6.99.99
</Limit>
The above would only allow access to your web page from the system with
the IP address 128.6.99.99. A full hostname can also be used in its
place, so you could replace "allow from 128.6.99.99" with "allow from
mycomputer.somedomain.com".
Another example:
.htaccess:
<Limit GET>
order deny,allow
deny from all
allow from .rutgers.edu
</Limit>
The above would only allow access to your web page from systems in the
Rutgers domain.
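A check for the two .htaccess examples above, added here and not part of the original page: rules placed inside <Limit GET> apply only to GET (and HEAD) requests, and Apache's documentation advises keeping access rules outside a <Limit> section so that they cover every method. The function names and the directory argument are this example's own.

```sh
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.

# limit_methods FILE
# For each <Limit ...> section in FILE that contains an access rule
# (order/allow/deny/require), print the methods it names. Rules in such a
# section apply only to those methods. <LimitExcept> sections are ignored.
limit_methods() {
    awk '
        { sub(/\r$/, ""); line = tolower($0) }
        line ~ /^[ \t]*<limit[ \t]/ {
            methods = $0
            sub(/^[ \t]*<[Ll][Ii][Mm][Ii][Tt][ \t]+/, "", methods)
            sub(/>[ \t]*$/, "", methods)
            inside = 1; hit = 0
            next
        }
        line ~ /^[ \t]*<\/limit>/ {
            if (inside && hit) print methods
            inside = 0
            next
        }
        inside && line ~ /^[ \t]*(order|allow|deny|require)[ \t]/ { hit = 1 }
    ' "$1"
}

# scan_htaccess DIR
# Walk DIR and report every .htaccess whose access rules are method-scoped.
scan_htaccess() {
    find "$1" -type f -name .htaccess | while IFS= read -r f; do
        limit_methods "$f" | while IFS= read -r m; do
            printf '%s: access rules apply only to: %s\n' "$f" "$m"
        done
    done
}

# Run against a directory given on the command line, e.g. ~/public_html.
if [ "$#" -gt 0 ]; then
    scan_htaccess "$1"
fi
```

For a file this reports, deleting the <Limit GET> and </Limit> lines and keeping the order/deny/allow lines makes the same rules apply to all request methods.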
username/password authentication - UPDATED: MARCH 14, 2008
Access controls via the Radius module for Apache are undergoing some changes starting
March 14, 2008. If your site already uses this form of authentication, OIT-Camden staff
will be converting your .htaccess file for you.
If you would like to restrict access to your site to individuals with a valid Rutgers NetID,
please contact the OIT-Camden Help Desk at help@camden.rutgers.edu.
Handlers - handlers help the web server send and/or process data
contained in different types of files. The following handlers are
enabled on our web servers, and by using the appropriate extension, the
web server will be able to identify which handler should be used.
  filename.cgi     a cgi program
  filename.shtml   a server side include file
  filename.map     an image map file
  filename.asis    an asis file
Java - Java is supported by our web servers as a client-side tool. This
means that Java code cannot be run by the server itself, but it can be
transmitted via the server to the browser. You can make your web pages
interact with the person viewing them by writing programs in Java called
applets. We have Java and the Java Development Toolkit (JDK) available
on our systems.
For more information on using Java, see:
http://www.camden.rutgers.edu/HELP/Documentation/Java/index.html
Links to sites with additional HTML/CGI/Form/Security information
How to write HTML code (web programming)...
http://www.ncsa.uiuc.edu/General/Internet/WWW/HTMLPrimer.html
http://www.cc.ukans.edu/~acs/docs/other/HTML_quick.shtml
How to write CGI programs and forms...
http://www.cc.ukans.edu/~acs/docs/other/forms-intro.shtml
http://www.cgi-resources.com/
Security issues...
http://cgi.resourceindex.com/Documentation/Security/
http://www.w3.org/Security/Faq/wwwsf4.html#Q31
http://www.csclub.uwaterloo.ca/u/mlvanbie/cgisec/
I would also recommend books on C, CGI, Perl, and other types of web
programming and web server topics that are published by O'Reilly and
Associates.
See http://www.ora.com
PHP/MySQL - UPDATED: March 14, 2008
As of March 14, 2008 - some shad sites will be operating under PHP 5 and MySQL 5.
PHP (The Hypertext Preprocessor) is a server-side, cross-platform, HTML
embedded scripting language used to build dynamic web pages. It combines
the power of Perl and C with the embedded nature of JavaScript. PHP can
access databases, generate image files, and do much much more. We
strongly encourage anyone interested in running web-based applications
out of their server account to learn and use PHP. Camden Computing
Services supports PHP 4.2.x on clam, crab, and shad.
For more information on PHP programming see:
http://www.php.net/manual/
MySQL is a free relational database management system that utilizes
Structured Query Language - a common standardized language - to access
databases. Anyone with a clam, crab, or shad account can request a
database on one of those systems by emailing help@camden.rutgers.edu and
requesting a database for their account. Camden's servers are currently
using version 3.23.x of MySQL.
For more information on MySQL see:
http://camden-www.rutgers.edu/HELP/Internet/mysql/manual.html
Permissions - For web pages to be readable to the public,
all of the files and folders must have the correct permissions. This can
be adjusted by logging in directly to the web servers via ssh, and using
the "chmod" command. This can be more easily done via an available web
tool. Faculty/Staff can go to:
http://crab.rutgers.edu/account_tools.html
and students can go to:
http://clam.rutgers.edu/account_tools.html
and then click on the link "Web Directory Permissions". This will
allow you to make sure your permissions on all of your files in your
web area are set to readable.
If your permissions are not set correctly, the system will automatically
attempt to fix them so that your files are readable. There is a system
script that runs several times a day to handle this. If for some reason
you don't want this script making changes to the permissions of your
files/folders in your web area, then simply sign on to your account
and create the following file in your home directory:
.dont-update-web-permissions (there is a leading period)
This file can be created easily by running the following command at
the unix prompt:
touch .dont-update-web-permissions
When this file exists in your home directory, the script will not
check the permissions on your web area and will leave them as is.
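An audit of the web area for the permissions described above, as an added example that is not one of the site's own tools: it lists files and directories the web server could not read and, going beyond what the page covers, anything left world-writable. The function names are hypothetical; the marker file name is the one given above.

```sh
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.

# audit_web_perms DIR
# Print one line per finding under DIR:
#   NOT-READABLE     regular file without world read (o+r)
#   NOT-TRAVERSABLE  directory without world execute (o+x)
#   WORLD-WRITABLE   file or directory any local user can modify (o+w)
audit_web_perms() {
    find "$1" -type f ! -perm -004 | sed 's/^/NOT-READABLE /'
    find "$1" -type d ! -perm -001 | sed 's/^/NOT-TRAVERSABLE /'
    find "$1" \( -type f -o -type d \) -perm -002 | sed 's/^/WORLD-WRITABLE /'
}

# autofix_status HOMEDIR
# Print "disabled" when the opt-out marker named on this page exists in
# HOMEDIR, otherwise "enabled". While enabled, the page says permissions are
# changed so that files are readable, so a NOT-READABLE entry set on
# purpose will not stay that way.
autofix_status() {
    if [ -e "$1/.dont-update-web-permissions" ]; then
        echo disabled
    else
        echo enabled
    fi
}

# Run against a home directory given on the command line.
if [ "$#" -gt 0 ]; then
    echo "automatic permission fixing: $(autofix_status "$1")"
    audit_web_perms "$1/public_html"
fi
```

Typical fixes with chmod are o+r for a NOT-READABLE file, o+x for a NOT-TRAVERSABLE directory, and o-w for anything WORLD-WRITABLE.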