Overview of Web Protection on HKUST WWW servers

Web pages are just files contained in directories under your account. Access to your web pages is controlled at this directory level by .htaccess files. Different .htaccess files control access in different ways.

You can restrict access to your entire Web (WWW) directory, or to various directories contained within your WWW directory. For example, you could have a directory called "schoolwork", the web pages of which are accessible only from within the HKUST domain, or a directory called "personal" which is accessible only by your friends and family. There are three main ways to control access to your Web directories:

Controlling Access by Domain

You can allow or deny access according to the name of the machine which is doing the browsing. This can be done at either the domain or host name level. For example, you could set it up as any of the following:

Basic Password and Group Protection

For greater control, you can restrict access to a set of users, each of whom must enter a valid username and password in order to look at your pages. You create the username and password, and tell them to use it to gain access. This pair of username and password are completely separate from accessing ITSC general services, or any other authenticated services.

The username and encrypted password are put in a password file which is managed by a utility called htpasswd.

If you wish to limit access to your Web directories to certain set of users, you can provide a group file, which prevents you from having to repeatedly specify the same set of users.

Password Protection by WebLDAP

You can restrict access to those people who have an ITSC Network account via "WebLDAP", a system that requires people to have entered a valid ITSC Network Account and password in order to access your pages. Access can also be restricted to anyone with an ITSC Network Account, or to a particular group of ITSC Network Account you desired.