Personal Web Pages

Getting Started

The first step in creating a personal BSOE web page is to sign up for a BSOE account.

Once you have an account, you will need to log in to an interactive server create your site. In order to set the proper file permissions, you will need to log in to a Linux machine on the BSOE network. Unfortunately, the Windows file manager does not have a feature to allow you to set permissions on your home directory. If you are not familiar with how to log in to a Linux machine, please contact the support desk.

Once you are logged in to your Linux account, use the following commands to prepare your web page:

chmod 711 ~
mkdir ~/.html
chmod 755 ~/.html
touch ~/.html/index.html
chmod 644 ~/.html/index.html

These commands:

  • Permit the web server to access your home directory
  • Create a .html directory where you will put your web content
  • Permit the web server to access your .html directory
  • Create an empty home page (index.html)
  • Permit the web server to access index.html

Viewing Your Web Pages

Once you have your .html folder created and the permissions properly set, you can access your personal web page at the following URL:

http://users.soe.ucsc.edu/~<Your User Name>/

Note that initially, you will get a blank page. As long as you don't see an error message, you've done these steps correctly.

Updating Your Web Pages

Once your site has been created, there are several ways that you can update content, depending on which type of computer you are using.

Windows Users

To access your personal web page from a Windows machine, you will need to be logged in to a machine that it located on the BSOE network. Once you are logged in to a BSOE machine, you can click "Start", "Run" and then enter:

\\samba-01.soe.ucsc.edu\homepage

and then click "Ok". An explorer window should appear with the contents of your personal home page. You must be connected to the BSOE network to use this method to access your web page.

Macintosh Users

Macintosh users can connect to their home page share by opening a finder window, clicking "Go", "Connect to Server", and entering:

smb://samba-01.soe.ucsc.edu

and then clicking "Connect". Then select "homepage" out of the list of available shares. A finder window should appear with the contents of your personal home page. You must be connected to the BSOE network to use this method to access your web page.

Linux Users

Linux users can access their web directory when logged into any interactive server. To access your web directory, use the following command:

cd ~/.html

Anything you put in this folder will be published on the web. Remember that in order for your files to be published, they must be world-readable. You can achieve this by using the following command:

chmod 644 <Your File Name>

Similarly, any sub-directories that you have in your web page need to be world-readable as well. You can accomplish this by using the following command:

chmod 755 <Directory Name>

If you're getting 403 Access Denied errors when you view your web page in a web browser, then you probably haven't set your file permissions correctly.

SFTP

When you are not connected directly to the BSOE network, you may need to use an SFTP program to get access to your files. For Windows users, you might try BitKinex's free client. For Macintosh, you might try using Fugu. The server information you needs is as follows:

Server Name: riverdance.soe.ucsc.edu
Login Name: Your BSOE Login Name
Password: Your BSOE Password

You should also set your "file mask" or "umask" to 022 when transferring files via SFTP.

PHP and CGI Scripts

Our web servers support PHP and CGI scripts for personal web pages. Please note that the BSOE does NOT generally offer script debugging services for personal web space. If you decide to use PHP or CGI scripts on your personal web page, you need to make sure that you have the proper expertise to do so. The PHP Web Site is an excellent place to get started. We strongly recommend PHP over CGI for everyone.

Running CGI and PHP scripts from your home directory can lead to your personal or BSOE web files being compromised. PHP and CGI scripts that you create run with your permissions and ownership. These programs could potentially expose any files or information in your home directory to the outside world.

Before writing and running PHP or CGI script, please make yourself familiar with the risks involved, and take the necessary precautions to protect yourself and BSOE's properties. The "Open Web Application Security Project" is a good source of information on web application security. Their "Ten Most Critical Web Application Security Vulnerabilities" paper is a good place to start.

PHP

To use PHP, simply create PHP scripts directly in your .html folder (or any subfolder). If you would like to see what PHP modules are installed, simply create a PHP script that calls the phpinfo(); function. As an example, create an hello.php file in your ~/.html/ folder and place the following code in it:

<?php

Header("Content-Type: text/plain");

echo "Hello!\n";

?>

Then, point your web browser to a URL like this one:

http://users.soe.ucsc.edu/~<Your User Name>/hello.php

You should see the word Hello! printed back to you.

CGI

Using CGI is significantly more complicated and requires more knowledge than this document can provide. However, there is some important information and tips that we can give you to help you get started. We STRONGLY recommend that you become familiar with logging in to a interactive server before attempting to create any CGI scripts.

Before you can use any CGI scripts, you need to create a special folder where all your CGI scripts will go. To do so, use the following commands from any interactive server:

mkdir ~/.html/cgi-bin
chmod 755 ~/.html/cgi-bin

Once you have your cgi-bin folder created, you can place scripts into it. As an example, we'll use a hello.pl script. To create the script, use your favorite Linux text editor to create a file called hello.pl in your ~/.html/cgi-bin/ folder. Place the following text into this file:

#!/usr/bin/perl

print "Content-Type: text/plain\n";

print "\n";

print "Hello!\n";

Once you have created the file, use the following command to make it executable:

chmod 755 ~/.html/cgi-bin/hello.pl

Then, open your web browser and point it to a URL like this one:

http://users.soe.ucsc.edu/~<Your User Name>/cgi-bin/hello.pl

You should see the word Hello! printed back to you.

If you have problems with your CGI scripts, there is a special debugging URL that you can use to see the errors that your CGI script is producing. The format of the URL is:

http://users.soe.ucsc.edu/cgi-bin/cgiwrapd/<Your User Name>/hello.pl

Note that you put just your user name and the script name in this URL. You do not need to include the tilda (~) or the cgi-bin folder name. When you use this URL to access your script, instead of getting just the output of the script on the screen, you will get a full debug screen that will tell you exactly what went wrong with your script.

Unfortunately, that's all the support we can provide for CGI scripts. There is no additional debugging information or log files that we can give you.

Password Protection for Personal Web Pages

You can password-protect your personal web pages using the following procedure. This procedure assume that you want to protect a folder called http://users.soe.ucsc.edu/~username/SECURE/ - if you wish to protect a different folder, change SECURE to whatever the name of the folder is.

  1. Create a password file using htpasswd, like this:

    htpasswd -c ~/.htpasswd username1

    This will prompt you for the password that you would like username1 to use when visiting your secure pages. Once you have added your first user, you should use htpassword without the -c option, like this:

    htpasswd ~/.htpasswd username2

    This will prompt you for the password for username 2. NOTE: If you use the -c option on the second user name, the first user name will be deleted! The -c option is only for use when first creating your .htpasswd file!

    Then make sure that ther permissions on your .htpasswd file are correct:

    chmod 644 ~/.htpasswd
  2. If you haven't already done so, create your secure folder, like this:

    mkdir ~/.html/SECURE
    chmod 755 ~/.html/SECURE
    cd ~/.html/SECURE
  3. Create a .htaccess file using your favorite text editor. This example assumes you're using pico to edit your .htaccess file; be sure to replace pico with whatever editor you prefer to use:

    pico ~/.html/SECURE/.htaccess

    Add the following to your .htaccess file:

    AuthName "My Secure Stuff"
    AuthType Basic
    AuthBasicProvider file
    AuthUserFile /soe/username/.htpasswd
    require valid-user

    Be sure to replace /soe/username/ with the actual path to your home directory.

    Make sure .htaccess is readable by the web server:

    chmod 644 ~/.html/SECURE/.htaccess

That should be all there is to it! If you have any problems with this procedure, please e-mail webmaster@soe.ucsc.edu for help.