Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated Review Date

...

Scope

...


Excerpt

This policy

...

lists the services that are available to websites and policies specific to each service. Service availability is dependent on the website categories as defined in the Website Hosting Policy.

 


Summary

In the past, Geneseo supported web pages exclusively via personal web accounts on the campus's production web server.    The pages in those spaces were accessed via "~" URLS (e.g. http://www.geneseo.edu/~athletics, http://www.geneseo.edu/~bsmith) or via Virtual URLs which were mapped to the tilde URLs (e.g. http://athletics.geneseo.edu).   Files . Web files of various types (e.g. HTML, CSS, JS, PHP) were maintained manually via tools such as DreamWeaver and FTP.    The files were stored within a file space (i.e. public_html folder) associated with an account.  

These type of personal web page accounts have been used by students, faculty, staff, departments, and organizations to create their web pages.

New tools and technologies such as Web Content Management Systems and WIKIs (e.g. Drupal) and Wikis have become available to support the development of web pages in a more secure and efficient manner.   Personal web spaces are no longer the recommended alternative for the campus.  We will continue to support personal web spaces Geneseo's technology direction for websites is moving away from the use of personal Apache personal websites in favor of these alternative services.   We are currently supporting personal Apache websites for existing accounts and for exceptions where warranted.

This policy provides:

...

It is our campus goal to eliminate the use of most personal Apache websites by the start of the Fall 2012 semester.

Policy

...

Geneseo Website Services:

The following list provides recommended web content solutions:services are available to the campus community for creating websites. Restrictions are listed with each service.

...

 Personal Web Page Policies:

...

    • Available to all departments, organizations, faculty, staff, and students.
    • Wiki Spaces can be requested for organizations and groups.
    • Individuals can have their own personal wiki space.
  • Google Sites are available to any organization or individual.
  • Geneseo-hosted WordPress sites may be used for:
    • Academic department or professional office blogs
    • Faculty or staff blogs (provided they relate to their position at the College or area of expertise)
    • Academic course blogs
    • Research project websites
    • Professional websites for faculty or staff (for information beyond what is on their faculty page on the Geneseo website, not to replace it)
    • Website for a recognized student organization
  • Personal Apache sites will no longer be provided unless warranted by an exception that strongly supports the college's mission.
    • Existing personal sites will be supported at this time.  We strongly encourage people to transition their web pages to the new solutions

...

    • .
    • Sites that are granted an exception must have a compelling case to demonstrate the need based on college mission and inadequacy of alternative hosting solutions to support their purpose.
    • Anchor
      accountrequest
      accountrequest
      Requests for Personal Apache sites can be submitted to the CIT Web Development team via phone at 585-245-5577 or via email at webdev@geneseo.edu.

It should be noted that many excellent free web hosting alternatives are available to campus community members.  Computing and Information Technology is always willing to help provide ideas and guidance to help you get started. 

Personal Apache Website Policies:

Personal Apache websites will only be provided on an exception basis as described above. The following policies apply to personal web page accounts.   Those all personal Apache websites (i.e. ~ sites). The people responsible for personal web page accounts each personal Apache website account must abide by these policies and contact CIT when exceptions are required.    In general, these policies are listed in "priority" order.   Web authors Account owners should notify CIT for each specific policy exception that is required for their account:

  • Accounts must be requested from CIT (via link tbd.   Try to sell them on alternatives).
  • No PHP files or code should can not be used without prior approval.
  • If PHP programs are approved for a site, the author is responsible for ensuring that all code is secure.
    • CIT may monitor or review code at their discretion to ensure it is secure.
  • No 3rd party software packages can be installed without prior approval (e.g. bulletin board
    • Examples: bulletin boards, databases, content management systems, blogging systems,
    bloggers
    • web based shells, etc
    .) without prior approval
    • .
  • No client server socket programs can be utilized without prior approval.No files may be uploaded
  • Web pages and applications may not upload files to the web server without prior approval.No file system access outside web folder of account
    • If PHP programs are approved and utilized the author is responsible for ensuring that all code is secure.  
      • The entire web server can be compromised by a single security bug!
      • The work required to ensure secure PHP code should not be underestimated.
      • Security Links:
        •  
      • This item specifically refers to dynamic web pages that allow your web page visitors to upload files onto the web server. There are significant security issues with such uploads. Extreme caution and diligence it required to ensure that it is done in a secure fashion.
      • This statement does not apply to the use of ftp by the web master to upload their web files to their web account.
    • No files may be accessed on the web server outside the account's personal public_html web folder without prior approval.
    • No security exploits should be targeted at the web server, the campus network or any other campus servers (i.e. no experimenting with hacking tools).

    Contact

    Paul Jackson
    Assistant Director for Information Systems,   Computing & Information Technology
    jackson@geneseo.edu

    Sue Chichester
    CIO & Director, Computing & Information Technology
    sue@geneseo.edu

     

    Panel
    Effective Date: March 2011
    Last Updated: 1/6/2009

    TBD:

  • What solution do we recommend (in the short term) for people who need the following:
    • Forms (we hope new CMS will support forms)
    • Complete flexibility in design/skin of site (CMS & Wiki both have limitations)
  • Do/how we speak of new CMS?
  • Need notes on students who need to do programming - notes to CS November 2012


    Page properties
    hiddentrue

    Owner (area)Information Systems
    Reviewed by
    Review Date