DTU Databar Homepage Setup

Your own personal homepage lives in a public_html directory under your homedirectory.

The URL (Uniform Resource Locator) for your personal homepage is "http://www.student.dtu.dk/~userid", where userid is your login name, e.g. s801234.

Your homepage may also be available via the individual databar homepages, i.e. as "http://www.xbar.dtu.dk/~userid", where x is b, e, g, k, m or vr,
but you should use the official name above, as the webpages for the individual databars may be moved to other webservers.

The B-bar and G-bar pages have been moved to another webserver, and so the use of "http://www.bbar.dtu.dk/~userid" and "http://www.gbar.dtu.dk/~userid" will not work anymore.

The DTU CWIS is updated automatically on a regular basis with the current list of databar student users.
If you have a non-empty ~/public_html/index.html, ~/public_html/index.htm or ~/public_html/index.shtml file, it is assumed that you have a personal homepage, and the list should reflect this by providing a hyperlink to your homepage URL.

User Homepage Setup and Facilities

Directory and File Permissions

If you want your homepage to be visible, the access permissions on some files and directories must be set propperly, in order for the webserver process to be able to read the files in your ~/public_html directory.

	Your homedirectory, your ~/public_html directory and all its subdirectories must have read and execute permission for everyone: chmod u=rwx,go=rx dir (or equivalent: chmod 0755 dir).
	Likewise, all plain files in your ~/public_html directory (and subdirs) must have read permission for everyone: chmod u=rw,go=r file (or equivalent: chmod 0644 file).
	CGI-scripts should be readable, but not writeable by anybody but yourself: chmod u=rwx,go-w cgiscript (or equivalent: chmod 0755 cgiscript). See the section on CGI-scripts below for more information.

If you haven't changed the default permissions on your files and directories and you haven't changed your umask value (default is umask=022), the default permissions given to new files and directories should be correct.

Apache 2.0.47 server documentation

www.student.dtu.dk is running Apache 2.0.47, with the default set of modules compiled in.

Sorry, we do not have the resources to help you setup your homepage or use the Apache features, you are instead referred to the Apache docs, as well as any help you can get from your more WWW experienced fellow students.

Here is a list of the available Apache modules. Any module marked as compiled in by default in the module description, as well as the optional modules listed above is available on this server.

Directory Index Files

When accessing a directory http://.../some/directory/, the server checks for an index.html, index.htm or index.shtml file. If any of these files exists, the contents of the file found will be presented, otherwise a FTP-type listing of the directory will be presented.

The file index.shtml is for Server Parsed HTML, see the section below on Server Side Includes.

Especially, the files ~/public_html/index.html, ~/public_html/index.htm and ~/public_html/index.shtml are searched when your homepage URL "http://www.student.dtu.dk/~userid" is requested.

CGI Scripts

There are no system-wide CGI scripts available, you can however use your own CGI scripts, provided you obey these rules:

Your CGI scripts must be placed in ~/public_html/cgi-bin/ or subdirectories.

In addition, any file ending in .cgi, .php, .php3 or .php4 anywhere in your ~/public_html will be treated as a CGI-script.
See also the section below on PHP CGI scripts.

You must own the scripts yourself, and you cannot use symbolic links for scripts.

A script needs to be readable and executable by all (you), but it must definitely not be writable by group or others: chmod u=rwx,go-w cgiscript (or equivalent: chmod 0755 cgiscript). Also, the setuid and setgid bits must not be set.

Your ~/public_html/cgi-bin/ directory (and subdirectories) must have read and execute permission for all: chmod u=rwx,go=rx cgidir (or equivalent: chmod 0755 cgidir).

Your CGI scripts will be executed as you, giving total access to all of your files as well as everything else related to your databar account.
Warning: Be very careful of what your scripts are doing, and never trust a script you got from the network or from another user (unless of course, you would also trust him or her with your life :-)
Your CGI scripts are capable of doing anything you can do, including removing or damaging any or all of your files.
Even a script that has been very carefully checked may contain subtle security holes.

In addition, you should be aware of the following:

In your HTML documents, you can reference your CGI scripts as <A HREF="/~userid/path-to-script/script">.
You can write your CGI scripts in any of the UNIX shells, you can use perl 5, PHP, see below, or you can write your own C, Fortran, Pascal, ... program to do the job.
The later will of course be compiled programs, not scripts, but they're called CGI scripts anyway :-)
Compiled programs must be compiled for/on the Mandrake Linux platform.
Perl 5 is available as /usr/unic/bin/perl5, and perl 4 is no longer available.
Your ~/public_html/cgi-bin/ directory and subdirectories has been protected from direct access from the webserver, i.e. it is not possible to generate a directory listing for these directories, but any CGI script within can be called, provided the name and path is known and the filepermissions are correct.
The CGI scripts are executed on the databar webserver www.student.dtu.dk.
The current working directory when the script starts is the directory in which it resides.
You can protect or limit execution of your CGI scripts by placing a .htaccess file in your ~/public_html/cgi-bin/ directory. See the section below on Access Control for more information.

PHP CGI Scripts

It is now possible to use PHP on the databar webserver, provided you follow these instructions.

PHP scripts will be called as CGI scripts using the Apache suEXEC feature, just like any other CGI script. See the section on CGI-scripts above for details.
The name of your PHP script must end with .cgi, .php, .php3 or .php4, except if placed in ~/public_html/cgi-bin/, in which case you can use any name.
The PHP script must start with this sh-bang line: "#! /usr/bin/php-cgi" (without the quotes), as the Apache suEXEC feature will otherwise not know where to find the PHP interpreter.
There is no MySQL or other databases running on the webserver, nor are there any plans on providing such a feature.

Server Side Includes

You can write Server Parsed HTML, which will be processed by the Apache Include Module.

Files containing Server Parsed HTML must end in .shtml.

The SSI EXEC feature is insecure and is thus not available.

Access Control

You can control web access to individual directories under your homepage (including the ~/public_html homepage directory) by creating a .htaccess file in the directory.
A .htaccess file in a directory controls access to everything in that directory, including subdirectories.

The access control can be based on host names and/or user names and passwords.
You can use this program to generate the necessary encrypted passwords for password based protection.

An example .htaccess file, allowing only hosts on DTU access:

order deny,allow
deny from all
allow from .dtu.dk

An example .htaccess file for password protection,
auth files are in ~/public_html/etc (see warning below):

AuthType Basic
AuthName "My Restricted Directory"
AuthGroupFile /gbar/newton/home1/c00/c001234/public_html/etc/.htgroup
AuthUserFile /gbar/newton/home1/c00/c001234/public_html/etc/.htpasswd
require group mygroup

Example ~/public_html/etc/.htgroup for password protection:

mygroup: c001234 c972345

Example ~/public_html/etc/.htpasswd for password protection:

c001234:(place password generated by crypt here)
c972345:(place password generated by crypt here)

Warning: If the directory containing the AuthGroupFile and AuthUserFile files is placed below ~/public_html (like in this example), it is very important that the directory is protected against download with an .htaccess file containing:
order deny,allow deny from all
otherwise it will be possible to download the .htpasswd file containing the encrypted passwords.
Note, that both an AuthGroupFile and an AuthUserFile are required, and that the full paths must be listed in the .htaccess file ($HOME/... or ~/... (tilde) doesn't work).

Image Maps

You should no longer use the imagemap CGI script. Use the Apache built in image map module instead.

Any file ending in .map is treated as an image map file.

Server provided images

You can access the set of icons supplied with the server as /icons/image. There is also an index image available, showing all the available images.

Last updated: 2004.08.05 by UNI*C Databar Support.

	Your CGI scripts must be placed in ~/public_html/cgi-bin/ or subdirectories.
	In addition, any file ending in .cgi, .php, .php3 or .php4 anywhere in your ~/public_html will be treated as a CGI-script. See also the section below on PHP CGI scripts.
	You must own the scripts yourself, and you cannot use symbolic links for scripts.
	A script needs to be readable and executable by all (you), but it must definitely not be writable by group or others: chmod u=rwx,go-w cgiscript (or equivalent: chmod 0755 cgiscript). Also, the setuid and setgid bits must not be set.
	Your ~/public_html/cgi-bin/ directory (and subdirectories) must have read and execute permission for all: chmod u=rwx,go=rx cgidir (or equivalent: chmod 0755 cgidir).
	Your CGI scripts will be executed as you, giving total access to all of your files as well as everything else related to your databar account. Warning: Be very careful of what your scripts are doing, and never trust a script you got from the network or from another user (unless of course, you would also trust him or her with your life :-) Your CGI scripts are capable of doing anything you can do, including removing or damaging any or all of your files. Even a script that has been very carefully checked may contain subtle security holes.