Pages Server Availability and Policies
Pages Server Availability
Students have access to the Pages server for website development. Accounts on Pages are created and deleted according to our regular network account creation/deletion policies (http://pages.slc.edu/~support/?s=computer+accounts).
Only faculty who currently have faculty websites have access to the Pages web server.
Services available include:
- PHP (For the current version, see http://pages.slc.edu/~support/files/info.php). For security reasons, PHP operates in Safe Mode.
- MySQL database by request only – email esharp@slc.edu.
Services that are not available:
- CGI scripting
- The ability to deliver email via a script to non-SLC addresses.
Pages Server Terms of Use
These policies were created in order to keep the server up, running, and secure for all users. By using web space on Pages you agree to these terms.
Directory permissions
For all folders on Pages, permissions should be set to 775 (rwxrwxr-x) or more secure. Upload scripts may not work with these permissions, but they are necessary for security reasons.
Use of PHP $_GET
When using PHP scripting for page templating, a combination of $_GET for the page parameter and include() to display the contents of the page mentioned in that parameter must not be used.
Software installation
We do not recommend installing blogging or content management software on Pages. You may want to consider using a free version hosted elsewhere.
If you are already using such software on Pages, it must be upgraded to the most current release at least once per month.
General PHP security measures
When coding, be aware of general PHP security precautions. These include:
- Email header injection (http://damonkohler.com/2008/12/email-injection.html)
- MySQL injection (http://tizag.com/mysqlTutorial/mysql-php-sql-injection.php)
- More reading on general PHP security measures: http://www.phpfreaks.com/tutorial/php-security
Tags: faculty, faculty websites, learn, student, websites