Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 12 Next »


Personal Web Pages

Scope

This policy addresses acceptable uses of personal web pages by students, faculty, and staff on the Geneseo campus web server (http://www.geneseo.edu).   Personal web pages are web files (e.g. *.html, *.css, *.js, *.php) accessible via a personal web account URL (e.g. http://www.geneseo.edu/~bobsmith, http://www.geneseo.edu/~admissions).

Summary

In the past, Geneseo supported web pages exclusively via personal web accounts on the campus's production web server.   The pages in those spaces were accessed via "~" URLS (e.g. http://www.geneseo.edu/~athletics) or via Virtual URLs which were mapped to the tilde URLs (e.g. http://athletics.geneseo.edu).   Files were maintained manually via tools such as DreamWeaver and FTP.   The files were stored within a file space (i.e. public_html folder) associated with an account.  

These type of personal web page accounts have been used by students, faculty, staff, departments, and organizations to create their web pages.

New tools and technologies such as Web Content Management Systems and WIKIs have become available to support the development of web pages in a more secure and efficient manner.  Personal web spaces are no longer the recommended alternative for the campus.  We will continue to support personal web spaces for existing accounts and for exceptions where warranted.

This policy provides:

  • Recommended web content solutions.
  • Policies for personal web spaces.

Policy

Recommended Web Content Solutions:

The following list provides recommended web content solutions:

 Personal Web Page Policies:

The campus will continue to support existing personal web page accounts, but we strongly encourage people to transition their web pages to the new solutions as soon as practical.   We will add new personal web page accounts by exception and only when the warranted based on business needs.

The following policies apply to personal web page accounts.   Those people responsible for personal web page accounts must abide by these policies and contact CIT when exceptions are required.   In general, these policies are listed in "priority" order.   Web authors should notify CIT for each specific policy exception that is required for their account:

  • Accounts must be requested from CIT (via link tbd.   Try to sell them on alternatives).
  • No PHP files or code should be used without prior approval.
  • No 3rd party software packages can be installed without prior approval (e.g. bulletin board, databases, content management systems, bloggers, etc.) without prior approval.
  • No client server socket programs can be utilized without prior approval.
  • No files may be uploaded to the web server without prior approval.
  • If PHP programs are approved and utilized the author is responsible for ensuring that all code is secure.  
    • The entire web server can be compromised by a single security bug!
    • The work required to ensure secure PHP code should not be underestimated.
    • Security Links:
      •  
  • No file system access outside web folder of account.

Contact

Paul Jackson
Assistant Director for Information Systems,  Computing & Information Technology
jackson@geneseo.edu

Sue Chichester
CIO & Director, Computing & Information Technology
sue@geneseo.edu


Effective Date:
Last Updated: 1/6/2009

TBD:

  • What solution do we recommend (in the short term) for people who need the following:
    • Forms (we hope new CMS will support forms)
    • Complete flexibility in design/skin of site (CMS & Wiki both have limitations)
  • Do/how we speak of new CMS?
  • Need notes on students who need to do programming - notes to CS
  • No labels