Personal Web Sites
Geneseo has provided "personal web sites" on it's Apache web server to individuals and organizations. These sites are sometimes referred to as tilde sites due to the "~" character in the URL. This policy addresses acceptable uses of personal web pages by students, faculty, and staff on the Geneseo campus web server (http://www.geneseo.edu). Personal web pages are web files (e.g. *.html, *.css, *.js, *.php) accessible via a personal web account URL (e.g. http://www.geneseo.edu/~bobsmith, http://www.geneseo.edu/~admissions).
Geneseo's technology direction for web sites is moving away from the use of personal Apache web sites in favor of other technologies which give the campus increased security and reduced maintenance costs. In addition to proper usage of personal web sites, this policy will also specify situations when personal web sites will or will not be provided as well as the alternative technologies being made available to the campus community.
In the past, Geneseo supported web pages exclusively via personal web accounts on the campus's production web server. The pages in those spaces were accessed via "~" URLS (e.g. http://www.geneseo.edu/~athletics) or via Virtual URLs which were mapped to the tilde URLs (e.g. http://athletics.geneseo.edu). Files were maintained manually via tools such as DreamWeaver and FTP. The files were stored within a file space (i.e. public_html folder) associated with an account.
These type of personal web page accounts have been used by students, faculty, staff, departments, and organizations to create their web pages.
New tools and technologies such as Web Content Management Systems (e.g. Drupal) and Wikis have become available to support the development of web pages in a more secure and efficient manner. Personal web spaces are no longer the recommended alternative for the campus. We are currently supporting personal web spaces for existing accounts and for exceptions where warranted. It is our campus goal to eliminate the use of most personal web sites by 2013.
This policy provides:
- Recommended web content solutions.
- Policies for personal web spaces.
Geneseo Web Hosting Solutions:
The following web hosting solutions are available to the campus community:
- Drupal Web Content Management System (CMS)
- Available to all departments, department sponsored organizations, and official student organizations.
- Available to all faculty and staff for personal web sites.
- Campus Wiki - http://wiki.geneseo.edu
- Available to all departments, organizations, faculty, staff, and students.
- Wiki Spaces can be requested for organizations and groups.
- Individuals can have their own personal wiki space.
- Google Sites are available to any organization or individual.
- Personal Apache sites will no longer be provided unless warranted by an exception that strongly supports the college's mission.
- Existing personal sites will be supported at this time. Our goal is to eliminate most of them by 2013. We strongly encourage people to transition their web pages to the new solutions as soon as practical.
- Sites that are granted an exception must have a compelling case to demonstrate the need based on college mission and inadequacy of alternative hosting solutions to support their purpose.
It should be noted that many excellent free web hosting alternatives are available to campus community members. Computing and Information Technology is always willing to help provide ideas and guidance to help you get started.
- Many excellent free Open Source software packages are available that can be run on your own computer to support web site initiatives.
- Several excellent free web hosting solutions exist including:
Personal Web Page Policies:
The following policies apply to personal web sites. The people responsible for personal web site accounts must abide by these policies and contact CIT when exceptions are required. Account owners should notify CIT for each specific policy exception that is required for their account:
- Accounts must be requested from CIT (via link TBD. Try to sell them on alternatives).
- No PHP files or code should be used without prior approval.
- If PHP programs are approved and utilized the author is responsible for ensuring that all code is secure.
- The entire web server can be compromised by a single security bug!
- The work required to ensure secure PHP code should not be underestimated.
- Security Links:
- No 3rd party software packages can be installed without prior approval (e.g. bulletin board, databases, content management systems, bloggers, web based shells, etc.).
- No client server socket programs can be utilized without prior approval.
- Web pages and applications may not upload files to the web server without prior approval.
- This item specifically refers to dynamic web pages that allow your web page visitors to upload files onto the web server. There are significant security issues with such uploads. Extreme caution and diligence it required to ensure that it is done in a secure fasion.
- This statement does not apply to the use of ftp by the web master to upload their web files to their web account.
- No files may be accessed on the web server outside the account's personal public_html web folder without prior approval.
- No security exploits should be targeted at the web server, the campus network or any other campus servers (i.e. no experimenting with hacking tools).
Assistant Director for Information Systems, Computing & Information Technology firstname.lastname@example.org
CIO & Director, Computing & Information Technology email@example.com
Last Updated: 1/6/2009
- Is Personal Web Pages the correct title (i.e. it applies to all ~ web accounts)?
- Need to find out if any courses specify use of student personal web accounts.
- What standard should we use for the basic url for faculty? Should we continue mapping http://www.genseo.edu/~bobsmith to their CMS pages?