Personal Web Pages

Getting Started

The first step in creating a personal BSOE web page is to sign up for a BSOE account.

Once you have an account, you will need to log in to an interactive server create your site. In order to set the proper file permissions, you will need to log in to a Linux machine on the BSOE network. Unfortunately, the Windows file manager does not have a feature to allow you to set permissions on your home directory. If you are not familiar with how to log in to a Linux machine, please contact the support desk.

Once you are logged in to your Linux account, use the following commands to prepare your web page:

chmod 711 ~
mkdir ~/.html
chmod 755 ~/.html
touch ~/.html/index.html
chmod 644 ~/.html/index.html

These commands:

  • Permit the web server to access your home directory
  • Create a .html directory where you will put your web content
  • Permit the web server to access your .html directory
  • Create an empty home page (index.html)
  • Permit the web server to access index.html

Viewing Your Web Pages

Once you have your .html folder created and the permissions properly set, you can access your personal web page at the following URL:

http://users.soe.ucsc.edu/~<Your User Name>/

Note that initially, you will get a blank page. As long as you don't see an error message, you've done these steps correctly.

Updating Your Web Pages

Once your site has been created, there are two basic ways that you can update content; SMB or SFTP.  Note that in order to connect via SMB, you must be on a UCSC wired network or the Eduroam wireless network.  If you are on a restricted network at UCSC or are off campus, you must connect to the UCSC VPN service before you will be able to contact our servers.

While UCSC currently allows inbound SSH access, which allows SFTP to work without first connecting to the VPN, this may change in the future.

SMB

Your BSOE personal web page directory, ~/.html, is made available via the special "homepage" network share on our SMB server, samba.soe.ucsc.edu.  Updating your page content via this network share will automatically set new file and directory permissions so that the web server will display them.  Interfacing with these shares is also relatively user-friendly because Windows and macOS both have native support for connecting to them.

Windows Users

To access your personal web page from a Windows machine, you will need to be logged in to a machine that it located on the BSOE network. Once you are logged in to a BSOE machine, you can click "Start", "Run" and then enter:

\\samba.soe.ucsc.edu\homepage

and then click "Ok". An explorer window should appear with the contents of your personal home page. You must be connected to the BSOE network or the UCSC VPN service in order to use this method to access your web page.

Macintosh Users

Macintosh users can connect to their home page share by opening a finder window, clicking "Go", "Connect to Server", and entering:

smb://samba.soe.ucsc.edu

and then clicking "Connect". Then select "homepage" out of the list of available shares. A finder window should appear with the contents of your personal home page. You must be connected to the BSOE network or the UCSC VPN service in order to use this method to access your web page.

Linux Users

Linux users have many options for SMB, including the smbclient command line program, mounting the SMB share with the mount command, or a variety of other command line and graphical applications.

Linux users can also access their web directory when logged into any supported system on the BSOE network.  To access your web directory, use the following command:

cd ~/.html

Anything you put in this folder will be published on the web. Remember that in order for your files to be published, they must be world-readable. You can achieve this by using the following command:

chmod 644 <Your File Name>

Similarly, any sub-directories that you have in your web page need to be world-readable as well. You can accomplish this by using the following command:

chmod 755 <Directory Name>

If you're getting 403 Access Denied errors when you view your web page in a web browser, then you probably haven't set your file permissions correctly.

SFTP

When you are not connected directly to the BSOE network, you may wish to use an SFTP program to get access to your files.  FileZilla is one option; it is a free, open source application that supports SFTP and is available for Windows, macOS, and Linux.

The server information you need is as follows:

Server Name: riverdance.soe.ucsc.edu (any of the dance servers would work)
Login Name: Your BSOE Login Name
Password: Your BSOE Password

You should also set your "file mask" or "umask" to 022 when transferring files via SFTP so that you do not have to correct permissions after transfer.

PHP and CGI Scripts

Our web servers support PHP and CGI scripts for personal web pages. Please note that the BSOE does NOT generally offer script debugging services for personal web space. If you decide to use PHP or CGI scripts on your personal web page, you need to make sure that you have the proper expertise to do so. The PHP Web Site is an excellent place to get started. We strongly recommend PHP over CGI for everyone.

Running CGI and PHP scripts from your home directory can lead to your personal or BSOE web files being compromised. PHP and CGI scripts that you create run with your permissions and ownership. These programs could potentially expose any files or information in your home directory to the outside world.

Before writing and running PHP or CGI script, please make yourself familiar with the risks involved, and take the necessary precautions to protect yourself and BSOE's properties. The "Open Web Application Security Project" is a good source of information on web application security. Their "Ten Most Critical Web Application Security Vulnerabilities" paper is a good place to start.

PHP

To use PHP, simply create PHP scripts directly in your .html folder (or any subfolder). If you would like to see what PHP modules are installed, simply create a PHP script that calls the phpinfo(); function. As an example, create an hello.php file in your ~/.html/ folder and place the following code in it:

<?php

Header("Content-Type: text/plain");

echo "Hello!\n";

?>

Then, point your web browser to a URL like this one:

http://users.soe.ucsc.edu/~<Your User Name>/hello.php

You should see the word Hello! printed back to you.

CGI

Using CGI is significantly more complicated and requires more knowledge than this document can provide. However, there is some important information and tips that we can give you to help you get started. We STRONGLY recommend that you become familiar with logging in to a interactive server before attempting to create any CGI scripts.

Before you can use any CGI scripts, you need to create a special folder where all your CGI scripts will go. To do so, use the following commands from any interactive server:

mkdir ~/.html/cgi-bin
chmod 755 ~/.html/cgi-bin

Once you have your cgi-bin folder created, you can place scripts into it. As an example, we'll use a hello.pl script. To create the script, use your favorite Linux text editor to create a file called hello.pl in your ~/.html/cgi-bin/ folder. Place the following text into this file:

#!/usr/bin/perl

print "Content-Type: text/plain\n";

print "\n";

print "Hello!\n";

Once you have created the file, use the following command to make it executable:

chmod 755 ~/.html/cgi-bin/hello.pl

Then, open your web browser and point it to a URL like this one:

http://users.soe.ucsc.edu/~<Your User Name>/cgi-bin/hello.pl

You should see the word Hello! printed back to you.

If you have problems with your CGI scripts, there is a special debugging URL that you can use to see the errors that your CGI script is producing. The format of the URL is:

http://users.soe.ucsc.edu/cgi-bin/cgiwrapd/<Your User Name>/hello.pl

Note that you put just your user name and the script name in this URL. You do not need to include the tilda (~) or the cgi-bin folder name. When you use this URL to access your script, instead of getting just the output of the script on the screen, you will get a full debug screen that will tell you exactly what went wrong with your script.

Unfortunately, that's all the support we can provide for CGI scripts. There is no additional debugging information or log files that we can give you.

Password Protection for Personal Web Pages

You can password-protect your personal web pages using the following procedure. This procedure assume that you want to protect a folder called http://users.soe.ucsc.edu/~username/SECURE/ - if you wish to protect a different folder, change SECURE to whatever the name of the folder is.

  1. Create a password file using htpasswd, like this:

    htpasswd -c ~/.htpasswd username1

    This will prompt you for the password that you would like username1 to use when visiting your secure pages. Once you have added your first user, you should use htpassword without the -c option, like this:

    htpasswd ~/.htpasswd username2

    This will prompt you for the password for username 2. NOTE: If you use the -c option on the second user name, the first user name will be deleted! The -c option is only for use when first creating your .htpasswd file!

    Then make sure that ther permissions on your .htpasswd file are correct:

    chmod 644 ~/.htpasswd
  2. If you haven't already done so, create your secure folder, like this:

    mkdir ~/.html/SECURE
    chmod 755 ~/.html/SECURE
    cd ~/.html/SECURE
  3. Create a .htaccess file using your favorite text editor. This example assumes you're using pico to edit your .htaccess file; be sure to replace pico with whatever editor you prefer to use:

    pico ~/.html/SECURE/.htaccess

    Add the following to your .htaccess file:

    AuthName "My Secure Stuff"
    AuthType Basic
    AuthBasicProvider file
    AuthUserFile /soe/username/.htpasswd
    require valid-user

    Be sure to replace /soe/username/ with the actual path to your home directory.

    Make sure .htaccess is readable by the web server:

    chmod 644 ~/.html/SECURE/.htaccess

That should be all there is to it! If you have any problems with this procedure, please e-mail webmaster@soe.ucsc.edu for help.