Personal Web Pages
This policy addresses acceptable uses of personal web pages by students, faculty, and staff on the Geneseo campus web server (http://www.geneseo.edu). Personal web pages are web files (e.g. *.html, *.css, *.js, *.php) accessible via a personal web account URL (e.g. http://www.geneseo.edu/~bobsmith, http://www.geneseo.edu/~admissions).
In the past, Geneseo supported web pages exclusively via personal web accounts on the campus's production web server. The pages in those spaces were accessed via "~" URLS (e.g. http://www.geneseo.edu/~athletics) or via Virtual URLs which were mapped to the tilde URLs (e.g. http://athletics.geneseo.edu). Files were maintained manually via tools such as DreamWeaver and FTP. The files were stored within a file space (i.e. public_html folder) associated with an account.
These type of personal web page accounts have been used by students, faculty, staff, departments, and organizations to create their web pages.
New tools and technologies such as Web Content Management Systems and WIKIs have become available to support the development of web pages in a more secure and efficient manner. Personal web spaces are no longer the recommended alternative for the campus. We will continue to support personal web spaces for existing accounts and for exceptions where warranted.
This policy provides:
- Recommended web content solutions.
- Policies for personal web spaces.
Recommended Web Content Solutions:
The following list provides recommended web content solutions:
- Web Content Management System (CMS)
- Departments, Organizations, and Faculty web sites.
- Campus WIKI - http://wiki.geneseo.edu
- Student web sites.
- Collaborative course projects
Personal Web Page Policies:
The campus will continue to support existing personal web page accounts, but we strongly encourage people to transition their web pages to the new solutions as soon as practical. We will add new personal web page accounts by exception and only when the warranted based on business needs.
The following policies apply to personal web page accounts. Those people responsible for personal web page accounts must abide by these policies and contact CIT when exceptions are required. In general, these policies are listed in "priority" order. Web authors should notify CIT for each specific policy exception that is required for their account:
- Accounts must be requested from CIT (via link tbd. Try to sell them on alternatives).
- No PHP files or code should be used without prior approval.
- No 3rd party software packages can be installed without prior approval (e.g. bulletin board, databases, content management systems, bloggers, etc.) without prior approval.
- No client server socket programs can be utilized without prior approval.
- No files may be uploaded to the web server without prior approval.
- If PHP programs are approved and utilized the author is responsible for ensuring that all code is secure.
- The entire web server can be compromised by a single security bug!
- The work required to ensure secure PHP code should not be underestimated.
- Security Links:
- No file system access outside web folder of account.
Assistant Director for Information Systems, Computing & Information Technology
CIO & Director, Computing & Information Technology