Jump to content, Georgia Institute of Technology, College of Engineering, School of Electrical and Computer Engineering, About ECE, Academics, Research, Faculty & Staff, Alumni & External Relations, Campuses, News
COLLEGE OF ENGINEERING
Search | Contact Us | Feedback | BuzzPort
GT Home > COE Home > ECE Home > CSG > Home Pages > FAQ on Tools Available for Your Pages
Georgia Institute of Technology Logo
 
School of Electrical and Computer Engineering

Great Minds Think Differently

FAQ on Tools Available for Your Pages

How do I restrict access to a page or pages?
How do I put a counter on my page or track access?
How can I write CGI-BIN/PHP programs?
How do I submit forms via email?

How do I restrict access to a page or pages?
Web pages can be protected by placing a file named .htaccess in the web directory. The ECE web server will detect this file and interpret its instructions before allowing access to material in the directory (and its subdirectories). The specific format of directives in the .htaccess file are defined by the web server software from The Apache Group. Please be aware that this restriction is done on a per-directory basis. If you have some files you want open to the public, but some restricted, then you need to have two separate directories.

Suppose you have a directory that you only want people on campus to be able to see the contents. The following sniplet of commands placed in a .htaccess file in the directory /a/b/c/to/path would be used to implement that restriction.

order deny,allow
deny from all
allow from .gatech.edu

There are other methods for restricting access, including the requirement of a username/password combination.

New! As of Fall 2010, you can password-protect your directories using the same single sign-on system that is used by my.gatech.edu, T-Square, BuzzPort, and many other Georgia Tech services. If you would like to restrict access to a directory so that anyone with a Georgia Tech account can login, place the .htaccess file in the directory to restrict and put the following in your file:

AuthType Cas 
Require valid-user

If, instead, you'd like to restrict access to a limited group of users, use the following format in your .htaccess file, replacing "gb0 gburdell0" with a space-separated list of Georgia Tech usernames for those who should be able to login:

AuthType Cas 
Require user gb0 gburdell0

Please note that since this is a single sign-on service, if you are already logged into another application that uses this service, you will not be asked to login again. If you would rather be notified each time you are logging into one of the single sign-on applications, make sure that you check the box next to "Warn me before logging me into other sites" when you initially login to the "Georgia Tech Login Service".

Note: The method that follows does not encrypt any of the transaction, so usernames and passwords are sent in plain text. If you need a more secure method of protecting your files, send an email to help@ece. We recommend that you use NCSA-style user files which contain simple username: <enc passwd> pairs. This advanced feature should only be used by experienced people. To do so, you set up a .htaccess file very similar to above, but instead, you need to add a database that contains the list of users you want to be able to access the files. This database file consists of a list of username:password pairs where the passwords are encrypted just like standard Unix passwords. In order to reduce the complexity of managing these files, we have provided a utility in /home/www/bin/userdb (accessible via ssh) that will allow you to easily manage and maintain these NCSA style password files.

usage: /home/www/bin/userdb -db /path/to/your/password/file -action [username]
 
  -add username     Adds the specified user to the 
                    userdbfile, possibly creating 
                    the file.  Prompts for the 
                    user's password.
 
  -change username  Changes an existing user's 
                    password.
 
  -delete username  Removes the specified user 
                    from the userdbfile.
 
  -list             Displays the contents of the 
                    userdbfile.
 
  -help             Prints out information on how 
                    to use this program with 
                    Netscape server authentication.

To use an NCSA-style password file, you must refer to it in the .htaccess file as shown:

AuthUserFile /path/to/your/password/file
AuthGroupFile /dev/null
AuthName "This is what the prompt will say"
AuthType Basic
require valid-user

Please note that references to your database files MUST include a fully qualified pathname, and it must be world-readable. (Note: If your password file is in a sub-directory of your users page, the /path/to/your/password/file will begin with "/home/www/users/" (for faculty and staff) or "/home/webpages/" (for students) followed by your username and the rest of the path to your password file. So, if I am faculty, and my username is "abcd" and the sub-directory which contains my ".htpasswords" file is called "private", then my AuthUserFile would be "/home/www/users/abcd/private/.htpasswords" - without the quotes.) NOTE: your password file should begin with .ht so that it cannot be read in a browser.

NOTE: A lot of people think that they have access restrictions on their pages, yet they unintentionally set the permissions on the files so that the web server itself can not read them. In this case, the server returns an error message pertaining to permissions, when it is really telling you the that the file permissions are wrong. In order for the server to read your files, all directories must be read-execute enabled to world, e.g. at least mode 755. All files must at least be readable by the webserver, e.g. at least mode 644. You can use the Unix chmod command to set these permissions properly.

How do I put a counter on my page or track access?
We now have software that allows you to get detailed information about who is visiting your pages. Fill out the form on Webstats to receive these reports.

We have installed a counter that allows you to count hits on any page. Read the counter documentation for complete details. You need to add an img tag to your page in the corect location, where the URL for the image si something like http://www.ece.gatech.edu/cgi-bin/Count.cgi?df=myfile.dat, where myfile.dat is replaced by a unique file name in the directory /home/www/counter/data. It does not matter what the filename is as long as it is unique to your page. For example, This is the default counter image. this counter uses the datafile unique_counter.data, and the code which we added to the web page is as follows:

<img src="http://www.ece.gatech.edu/cgi-bin/Count.cgi?df=unique_counter.data">

Do not use this as your data file name. To actually do this, look in the directory /home/www/counter/data, which is available from any machine in the ECE Unix network. Pick a file name that is not listed. If you choose a filename that is already there, you will be sharing counters with other pages of people housing pages on the ECE webserver. Once you have chosen a unique name, simply insert the above URL into your webpage and load the web page in your browser. The webserver will then automatically create the counter file for you in that directory, which will then report your page hits.

Further details on the counter program are available through the counter documentation. We do not provide any further support for this product.

How can I write CGI-BIN/PHP programs?
You can't. OK, if you have a really good justification as to why you need to, see the CGI-BIN/PHP Policy page. Note that you need a very strong reason to be granted such privileges - not because you want: a counter, a guestbook, simple form processing, etc.

How do I submit forms via email?
As of October 14, 2003, the form_email script is disabled. Please send an email to help@ece.gatech.edu if you need your form to be configured with our new script. Please note that, if you are a student requesting to be set up with the new script, we will require approval from your advisor. Be sure to include a link to the html form that you have created.

If you would like to set up a form using this new script, please create your form web page then send an email to help@ece with the following details:

  • The path to the form file you created
  • Who should receive the email with the information provided in the form
  • What you would like the subject of the email to contain
  • Which, if any, of the fields are required
  • If you have another page that you would like people to be redirected to after they have filled out the form, then be sure to create that file and supply the path to that file, too

When you receive your reply from help@ece, you will be provided with additional details (including what to fill in for your <form> tag).

Last revised on August 27, 2010.