Campus Web Hosting Policies
A. Purpose of Public Central Web Server (WINGS)
Web Hosting services are available to UB students, faculty and staff either through central computing resources or, when applicable, department or school resources. Service offerings differ depending on client status, and purpose of the website.
The following table summarizes the web hosting services available for use by the UB community. Inquire within your department or node about other web servers that may be available to you.
| Client/Need | Service | Features |
| Divisions, Departments, Schools, Faculty group websites | Department/School Web Server | Ask Node or Dept. |
| Divisions, Departments, Schools, Faculty group websites | Central Campus Web Hosting Server | Apache web server Campus Web Hosting groups Search engine WingsMail Programming CGI / Perl PHP Access Restriction Custom Error Pages Hit Statistics Virtual host Customized Hit statistics Database Access Media Services |
| Faculty, staff and student Individual home pages | Personal Home Page directory space available on UBFS. | HTML, Dreamweaver, and other website creation programs can be used |
| Administrative or research collaborative projects, committees, etc. | UBLearns | Requires Exception accounts for non-UB participants. Contact UBLearns@buffalo.edu for details. |
| UB Course Web pages | UBLearns | Can be used to restrict access to students in class |
| UB Course Web pages, when world access is a requirement | Central Campus Web Hosting |
Apache web server Campus Web Hosting groups Search engine Wingsmail Programming CGI / Perl PHP Access Restriction Custom Error Pages Hit Statistics Virtual host Customized Hit statistics Database Access Media Services |
| Graduate Student Organizations | Department Web Server or GSA | Ask GSA or Dept. |
| Student Organizations | Central Campus Web Hosting with permission of Student Affairs staff or faculty advisor; annual registration using the Webmaster Service Request Form |
Apache web server Campus Web Hosting groups Search engine WingsMail Access Restriction Custom Error Pages Hit Statistics |
B. Public Central Web Server Services and Policies
Index of services and expected time to complete request:
- Websites: Accounts, Ownership, and Quotas (3 business days)
- Virtual Hosts and Redirects (10 business days)
- Statistics and Log Files (3 business days)
- Oracle Accounts and Database (10 business days)
- Web Application Policy and Registration (10 business days)
- Access Restriction (10 business days)
- Search Engine (3 business days)
- Central Campus Web Hosting Team Responsibilities
- Other Restrictions (Media Files, FTP...)
1. Websites: Accounts, Ownership, and Quotas
Any UB organization, department or faculty group may be eligible for web hosting services on the Central Campus Web Hosting Server. When requesting space for a new website, webmasters must register the following information at the New Website Request Form:
- Webmaster name. (The webmaster will be accountable for the upkeep and security of the site.)
- UBIT Name or Adminitrative account. See the UBIT Name policy for details on accounts. (Administrative accounts are recommended for departments, otherwise Campus Web Hosting groups should be used.)
- Administrator/authority responsible for assigning webmasters and associated site permissions
- Expected life of the site
This will be completed within 3 business days.
Transferring ownership / adding editors - If you are currently a registered webmaster on the Central Campus Web Hosting and wish to transfer ownership to another individual or add editors to your site, complete the Transfer Ownership Request Form. An Email address and name from the head of your department is required. If the site belongs to a student club, this form needs to be completed by the Student Affairs or Student Association clubs coordinator or designated faculty advisor. This will be completed within 3 business days.
Disk quota - Initial quota of 100 Meg is provided for an individual UB IT Name (webmaster /site owner). It may be increased by 10% per semester by completing the Disk Quota Increase Request Form. The new quota increase will be completed within 3 business days. Requests for increase above 10% will require approval by the CIT Directors and may take up to four weeks for approval.
Return to Index
2. Virtual Hosts and Redirects
A single web server may respond to several different hostnames in addition to its given name. This practice is referred to as "virtual hosting". A virtual host may point to a website on wings.buffalo.edu, or it might point to another web server on campus. If a virtual host points to a site on a campus server other than wings.buffalo.edu, that server must be capable of resolving virtual host requests.
Any department, division or faculty group of the University may request a virtual host name for a website on wings.buffalo.edu by using the Virtual Host Request Form. Requests for a virtual host in the form of name.buffalo.edu will be considered. Requests for a virtual host in the form of name.division.buffalo.edu or name.entity.buffalo.edu will be more appropriate in most situations. The University at Buffalo hostmaster reserves the right to review and approve the requested names.
Required information includes:
If approved, the virtual host will be created within 10 business days.
- the requested name
- an explanation of the need or purpose of the name
- the location of the actual (existing) site for which the virtual name is requested
- the name and address of the Webmaster or Administrator responsible for the site.
Redirects - Automatic redirects are used for system purposes and not for website relocation. For URL changes (moved/new pages/sites), users should put in place an informative HTML document that announces the new location. A "Meta Refresh" to the new page is also recommended.
Return to Index
3. Statistics and Log Files
All virtual hosts have web statistics available at http://wings.bufalo.edu/webalizer. A non-virtual host site web master may request that statistics be generated from log files by going to the Campus Web Hosting Request Statistics Form. Requests concerning log files and statistics will be completed within 3 business days.
Return to Index
4. Oracle Accounts and Database
Webmasters requiring a database for their website work can request an Oracle account and database space on the Central Campus Web Hosting Server using the Oracle Request Form. Permission from a department head or node director is required via email or signature on the form. If application is approved, within a two week timeframe, two Oracle accounts will be created as follows:
One is a reader account, which has only read permissions. This is the account that should be used in all web based programs. The second account is an admin account, which has create, insert, modify, and delete privileges. Both of these accounts are created in a user specific tablespace and will not have access to any other tablespace or accounts. The reader account is given a quota of 2KB. The admin account is given an initial quota of 10MB.
Process: After receiving these two Oracle accounts a web developer is asked to secure his directory where the code resides. While developing, all code should have the proper extensions (.cgi or .php). A web developer should never use a user/password in an include (.inc) file or any file that can be displayed on a web browser. All users/passwords should be placed in files where they are parsed by the web server and hidden from public view. Before going live with a web based program, the web developer should email ascit-dba@buffalo.edu and also register their application at http://www.wingsappreg.buffalo.edu. It will take approximately 4 weeks for approval.
Securing Oracle User/Password files:
An include file is created in a separate directory tree apart from the document root of the web server. This file should be owned by the unix username nobody. The oracle developer will create this file and send to ascit-dba@buffalo.edu the proper path to use in Perl / PHP code.
Return to Index
5. Web Application Policy and Registration
Faulty or incorrectly coded Campus Web Hosting applications could result in instability of the campus server, thereby denying access to information by prospective students, researchers from around the world, and the University community. In order to ensure a stable viewing platform for the millions of visitors to the University at Buffalo websites, all applications must be registered and reviewed annually. Rogue applications will be discovered during monthly server checks and will be made unavailable until compliance with this policy. Upon adherence to policy and review by the Central Campus Web Hosting Service team, new and modified applications will be made available. It is the responsibility of the webmaster to check, test, and correct their web application after a system upgrade or change.
Definitions:
- An application is a specific program or coded script that executes on the Central Campus Web Hosting Server (i.e., uses facilities such as Perl, Oracle, PHP, etc.). All web applications must use the following extensions: .php, .cgi and reside in a separate directory apart from the main website. HTML files are not considered applications, but web forms or other data collection methods are programs.
- A responsible owner is a faculty or staff member who takes administrative responsibility for the web application and associated site. This person is usually a department chair, area director, or node coordinator.
a. Application Security and Stability
All applications should follow current best practices. Applications should prevent unauthorized or undesired use of web server resources. For example: no unauthenticated text boxes should be able to post data to a website or be part of a mail message without precautions.
b. Mandatory Registration and Testing for All Applications on the Central Campus Web Hosting Server
All web applications must be registered in Central Campus Web Hosting applications database at http://www.wingsappreg.buffalo.edu and re-registered annually by August 15. The registration includes the following information:
- Ownership: web developer and responsible party
- Purpose of application and resources used (disk space, CPU)
- Web tools used (Oracle, PHP...)
- Data security needs and method used to achieve secure site
c. Updates and Changes to Existing Web Applications
Web developers/responsible parties must notify the Central Campus Web Hosting Service Team in advance as to any testing or updates done to their web application. Refer to the Web Application Testing Request Form for notification.
d. Central Web Server Application Policy Compliance
The following will be done on a monthly basis to ensure stability of the Central Campus web server.
Return to Index
- Monthly checks will be run to compare what web applications have been registered versus any new applications that may be residing on the Central Campus Web Hosting Server.
- Any new applications that have "not" been registered will be made unavailable to execute on the Central Campus Web Hosting Server.
- After careful review, the Central Campus Web Hosting Service Team will reinstate (reset permissions) web applications after the application database has been updated with all required information, and testing in the central web server environment is completed.
6. Access Restriction
The Campus Web Hosting Server provides two ways of limiting access to UB users. (The UBLearns system would be used instead by faculty needing to restrict site access to students in a class.)
Return to Index
- Domain restriction is a type of restricting access to a Campus Web Hosting directory based on the domain that site visitors are coming from (ex. you can use it to deny access from all non-UB computers). See Access Restriction for instructions.
- DCE protection of a website requires that each authorized user have a valid UBIT account. The users will always use the same password that they use for other UBIT services (central email, SOAR, etc.). DCE protecting a directory will allow anyone with a valid UBIT account access to the directory. To request DCE protection of a directory on the central campus server, complete the Campus Web Hosting Special Request Form with the full path of the directory that needs to be protected.
7. Search Engine
The google search engine is a commercial search engine appliance. The google search appliance automatically indexes any new page that linked from an already indexed page. See UB Google Central Campus Search Engine for more detailed explanations.
Any department, division or faculty group of the University may request a website be included in the UB Search Engine name using the Campus Web Hosting Special Request Form. The website to be indexed does not need to reside on wings.buffalo.edu.
Return to Index
- Websites may be excluded for performance reasons.
8. Campus Web Hosting Service Team Responsibilities
A central campus web hosting service team member is assigned to answer requests forms and will process and attempt to complete such requests that require less than 4 hours of staff time. If additional assistance hours are needed, the request will be recorded in a future project log awaiting available staff time. The webmaster will be contacted for more information and be informed of a possible time frame for completion as long as the request falls within the scope of the staff's work.
The role of the Campus Web Hosting Team is to set up a good environment for websites and programs, and to ensure the security and health of the webserver. To that end, they get involved in debugging, but not programming. Programming is the responsibility of the webmaster. The Central Campus Web Hosting Team does not have the resources to provide custom programming at this time.
Return to Index
9. Other Restrictions (Media Files, FTP...)
CIT reserves the right to remove or disable any file, site or program that impacts the stability of the Central Campus Web Hosting Server. Additionally:
Return to Index
- Media files (audio/video) are stored and used from the server: stream.buffalo.edu.
- Extremely large files or disk image downloads cannot be made available from the Central Campus Web Hosting Server. They should be made available on a department or application specific ftp server.