Cookies

We use cookies to ensure that we give you the best experience on our website. You can change your cookie settings at any time. Otherwise, we'll assume you're OK to continue.

Durham University

Computing and Information Services

Restricting access to your pages

Restricted access to web pages on the University server can be done via the mechanisms described below.

The local directory

The public_html directory has a subdirectory called local. If you only want members of the University to access a document, put the document into this subdirectory. Suppose dxy3fab puts the file notes.pdf into this subdirectory. The file will be accessible from the WWW using the URL: http://community.dur.ac.uk/f.a.bloggs/local/notes.pdf

Because this file is in the local subdirectory, the WWW page will be accessible if a browser is running on a computer which is attached to the University's network. If the browser is running on a computer that is outside the University, a login box will appear and unless the user can provide a CIS username and password, they will be denied access.

The password directory

The password directory is really only of interest to those people who write PHP scripts. In such scripts, you may want to find out the CIS username of the person visiting the WWW page. The public_html directory has a subdirectory called password. If you put files (or subdirectories) into this subdirectory, a login box will appear when a person attempts to access one of these files. Unless the person can provide a CIS username and password, they will be denied access. If the WWW page is a PHP script, it can obtain the username by accessing the REMOTE_USER variable.

Only put files into the password directory if you really need a person to authenticate: if you just want to restrict access to a member of the University, put the file into the local subdirectory instead.


Access permissions on public_html

In a PHP script, you may need to provide a password in order to access some external system, e.g., a password to access a MySQL database. Unless the file containing the PHP script is permitted correctly, the password will be visible to anyone wandering around the CIS Unix filesystem. CIS has altered the permissions and group ownership of the public_html directory of most users so that the files in the public_html directory cannot be read (except by the webserver software and the owner of the files).