COE Web Server Guidelines

The engineering webserver provides the public face of the OSU College of Engineering and its Departments to the online world. As such, when granted permissions to edit or write files to the college or departmental websites it is important to remember the following:

• Always consider the security implications of any files placed on the server, especially executable files.
  
• World writeable permissions on files are not allowed on the COE server.
  
• Consult with support@engr before installing web software to determine whether there is a supported package that will serve your purposes.
  
• Notify support of any open source, or custom built web applications that you install or upload.
• Keep abreast of updates and security patches for open source packages, by subscribing to package maillists, subscribing to rss news feeds, etc.
  
• Follow "best practices" in the coding of custom web applications. For example, see: http://www.phpbuilder.com/columns/tim20010101.php3
  
• Content on production departmental webservers is intended for public consumption. If content/materials are for purely internal purposes, consult with support to determine if they are better suited to web.engr or groups.engr
  
• Personal or student webpages do not belong outside of engr account public_html directories.
  
• Support reserves the right to remove my access and shutdown code without warning should a security concern warrant such action.
  

Article Information:

Date Created: Nov 27, 2007
Last Modified: Tue, Nov 27, 2007 12:58 PM
Views: 305