Personal Web Pages
All members of the department may create a personal home page. In addition, faculty, research scholars, and staff can edit their profile page in addition to their personal web pages. Instructions for profile pages can be found here.
If you would like to publish a web page to the CS web server all you need to do is login to a department Public Use Server (e.g., portal.cs.princeton.edu) and put files with appropriate permissions (see below, for "appropriate") in the following directory:
~/../htdocs/username
and its subdirectories but not in:
~/../htdocs/username/private/
and its subdirectories, where username is your actual username (i.e., your CS NetID). Your web page will then be available at the URL https://www.cs.princeton.edu/~username/.
Additional notes:
- Files in home directories or project spaces are inaccessible from the web server (even via soft links).
- When your htdocs directory is initially created (at account creation time), it is empty except for an .htaccess file that tells the web server to reject all requests to your web page with a 404 - Not Found message. Be sure to remove this file as you add your initial files to create your web pages.
- In order for your homepage to show up as a link on the appropriate "people" page on the main website, you will need to send email either to Emily (faculty and staff) or Nicki (graduate students), requesting that a link to your homepage be added.
Static files (e.g., HTML, PDF, plain text) are treated differently than PHP/CGI files that are executed. See below for details.
Static Files
Static files (i.e., ones that do not have the extension .php or .cgi), must be accessible to the apache user running on the main website. This means the files must be world-readable and the containing directories have world-execute permission (allowing traversal).
Security note: files protected from being served by the web server using an .htaccess file are still accessible via the file system by other users of the system.
PHP/CGI Files
When a requested URL points to an executable file (i.e., one that does have the extension .php or .cgi), the web server will use the suEXEC mechanism to access and execute the file as user username. In order to be successful, neither the executable file nor the directory the file is in can be writable by anyone other than username. Once the PHP/CGI file is executing (as username), it can access any file or subdirectory in ~/../htdocs (including the private subdirectory) as long as the permissions allow access for user username. Of special note, it is possible to store sensitive information (such as database credentials) in a file the private subdirectory with user-only access; this file can be accessed by a PHP/CGI process, but will not served by the web server, and will not accessible by other file system users.
More details about creating scripts on our systems is here: CGI/PHP Scripts and Using FastCGI
Filesystem Links and Quota
While there are access restrictions in place for the web server (and suEXEC PHP/CGI processes), the files in htdocs and files in a user's home directory are on the same file system. This has some important implications:
- Files in the htdocs area are counted as part of a user's home directory quota
- While files outside of the htdocs area are not accessible via soft links, they can be made accessible via hard links. A hard link has the effect of having the same file appear in different parts of the hierarchy. (Note that hard links only apply to files, not directories.)
Convenience Link in Your Home Directory
While not necessary for the functioning of the web server, you may wish to use a soft link from your home directory to your htdocs directory for convenience. Assuming you don't already have a file, directory, or link named public_html in your home directory, use the following command:
ln -s ~/../htdocs/`whoami`/ ~/public_html/
Note that this link is for your convenience and doesn't have to actually be "public_html." However, our documentation will generally use that name as a convention.
(Note: accounts created after August 15, 2014, already have this convenience link in place.)
Accessing the htdocs space from SMB/CIFS
If you wish to access ~/../htdocs/username from your PC or Mac via SMB/CIFS, you must first create a convenience link as described above and use it to reach that part of the file system. This is because CIFS won't allow you to otherwise traverse above your home directory mount point.
Different Filesystem Views
The web server actually mounts the file system at the htdocs node. This means that, from the point of the view of the web server, the web files for user username are actually located at "~username". The cycles machines mount the filesystem higher up and so the web files for user username are located at "~username/../htdocs/username". This has implications for developers of executables that internally use absolute paths and must run both from the shell (of a cycles machine) and as a CGI on the web server.
Some users may want to redirect their CS homepage to their own personal website. While there are several ways to do this, a simple way is by adding a file named .htaccess
in your ~/../htdocs/username
folder:
RewriteEngine on RewriteRule .* https://yourwebsite.com/ [L,R=301,NC]
With this in place, both of these requests:
https://www.cs.princeton.edu/~username/ https://www.cs.princeton.edu/~username/directory/sample.html
Will redirect to:
https://yourwebsite.com/
Project Web Pages
We also offer the ability to host your research group or project-related content at its own subdomain (e.g. https://project.cs.princeton.edu/). The request forms in the left column of this site allow you to first request the necessary project disk space to store the site, and second, request that a virtual web server be set up for the name you request.
By default, the web server that handles project web spaces does not use the suEXEC mechanism. Therefore, all files and directories that are served (or executed as PHP/CGI) must be accessible by the apache user.
However, SuEXEC is available for project spaces upon request, which removes the need for your PHP/CGI to be accessible by the apache user. To enable suEXEC for your project webspace, contact CS Staff.
When your disk space is set up, it can be used for more than just the website files. For example, there may be some related files that you don't wish to make web-accessible. We recommend that you plan to create a directory in your new space called "www" or "public_html", or something similar, which will contain all of the web-accessible content. The Web Space request form allows you to specify this directory as the "Location of the Document Root."
Web Server Configuration
Our web servers run on Linux and run Apache. We offer PHP as the primary scripting language and files with a .php extension are interpreted as PHP. In addition, you can write CGI scripts in any language installed on the webserver. Make sure that you name your script or binary with a .cgi extension. See the section on CGI scripts for more information.
Adding Authentication and Authorization
If you want to protect access to your app, the recommend approach is to use our Central Authentication Service (CAS). You can query our LDAP server to determine if the user is a graduate student, faculty member, etc, if you want to provide some basic authorization. We've also made some sample PHP code available to demonstrate how this can be done.