Uploading and Publishing Your Own Web Site on the Users Web Server

Students and staff in the School of Computer Science & Informatics, can upload and publish their own websites on the School's users Web server. The information here will tell you how to create the website, how to upload or remove pages, and how to write and install CGI programs. It also tells you how to publish your site so that it can be viewed on the World Wide Web.

Staff and students in Cardiff School of Computer Science & Informatics can create and publish a web site on the School's users web server http://users.cs.cf.ac.uk/. Use of the users web site is purely voluntary — it is not necessary for your work within the School. You decide whether or not to create pages for the server and whether or not to publish them on the World Wide Web. Web projects and other work for your course modules in the School should be installed on the the School's project web server (see Creating a Web site on the School's Project Web Server).

Setting up a Web Site

There are a few steps for setting up a web site.

  1. Upload files to your site through the School's web site upload server websites.cs.cf.ac.uk.
  2. Visit http://users.cs.cf.ac.uk/ and publish your web site.
  3. Browse to http://users.cs.cf.ac.uk/MailName (where MailName is your mail name) to see your web site.

Uploading your Pages

In order to create your users web site, you will first need to upload files to it - HTML files, PHP script files or CGI scripts.

You can upload pages through the School's web site upload server websites.cs.cf.ac.uk.

Connect an SFTP-enabled client application to fileserver websites.cs.cf.ac.uk. For example, you can use —:

  • WinSCP on a Microsoft Windows PC or laptop.
  • Mate caja, GNOME nautilus, KDE konqueror or sshfs on a Linux workstation or laptop.
  • Cyberduck on a Macintosh workstation or Macbook.

There's also a version of Cyberduck for Windows. The portable application Filezilla is available for all platforms, too.

Connect one of these applications to websites.cs.cf.ac.uk. You will see two sub-directories, project and users. Navigate to the users directory to upload files for your users web site.

For further details on uploading files from Windows see Accessing Your University Files Remotely from Windows and Vista. For uploading from Linux, see Accessing Your University Files Remotely from Linux PCs and Laptops, and for uploading from Macs see Accessing Your University Files Remotely from a Macintosh.

The upload server websites.cs.cf.ac.uk also allows connection via secure WebDAV as well as SFTP. Secure WebDAV is available in Caja on Linux (Mint), Window Explorer on Windows, and the Finder on Macs. Simple FTP can be used from within the School network too.

If you want to create your web site with an open source or commercial web site design/publishing application, the software will need to have either SFTP or secure WebDAV upload capability. Connect the application to server websites.cs.cf.ac.uk with directory users.

Another way to upload files is to use the web site administration web application. This is an application you can use from any web browser. Simply direct your browser to https://siteadmin.cs.cf.ac.uk/. See Administering Your Websites from a Web Browser with the Website Administration Application.

The web site administration application lets you upload or delete page and script files, create directories, change file access modes and upload and extract zip or tar archives.

The web site administration program is described more fully in the Appendix [[another note]].

Publishing your Web Site

Even after upload, your web site is not available for viewing until you publish it. Publishing your site will list it in the users web site index page and make its URL available to the Internet.

Open the URL http://users.cs.cf.ac.uk/, and you will see the index page where all of the users web sites are listed.

In the left-side menu, notice the entry Publish your site. Click on this to begin the process of making your site visible.

You will need to authenticate to get to the Publish Your Site page. On the page, enter your password again and click the Authorise button. This will publish your pages on the users site.

When you click on the Authorise button, you agree to abide by the rules that apply to the users server. Your mail name will appear on the users index page and your web site will be accessible over the World Wide Web. It is your responsibility to ensure that the pages you publish are proper and lawful.

After a few minutes, your mail name will appear as a link on the index page.

Hiding your documents

You can unpublish your web site and hide your documents from browsers in the Internet. Click on Unpublish your site in the left-side menu to go to the Unpublish Your Site web page.

The files will remain in place, however, and you can still upload or delete them using the web site administration program, or by STFP or secure WebDAV.

Accessing your Web Site

Once you have created and uploaded your site, and published it and made it visible on the Internet, you can view your site at http://users.cs.cf.ac.uk/MailName (where MailName is your University or Computer Science mail name).

Rules for pages on the users server

Publishing on the users web site is a privilege offered to users within Computer Science & Informatics and it is your duty to treat this privilege responsibly and ethically.

Pages on the users server are visible to the whole Internet and are subject to School Rules, University Regulations, the Regulations of the University's Internet Provider (JISC), and legal restrictions regarding the propriety of their content. The Rules and Regulations include:

Copyright
You must not publish copyright material or material that is otherwise restricted.
Reputation
You must not publish material which might bring yourself, the School of Computer Science & Informatics or Cardiff University into disrepute.
Authenticity
You must not purport to be anyone other than who you are on your web pages.
Privacy
Respect the privacy of others. Avoid material about private individuals unless you have their permission.
Sensitivity
Think carefully before publishing material about real events. Try not to write anything that could be distressing to others.
Complaints
Take complaints about material on your web pages seriously. Respond to complainants quickly and politely. Be prepared to remove material if you cannot achieve a resolution of the complaint.
Security
You must not install pages or software which damage the security or integrity of the web server or University network. Keep security in mind when writing web pages and applications. Take care when installing third-party applications in your website.

Pages that are considered to be inappropriate by the Head of School or his designated web masters will be removed without appeal.

If you wish to create web pages that you don't want published on the Internet, use the project server instead of the users server. The project server is visible from within the School's Intranet only - see Creating a Web site on the School's Project Web Server.

Types of Web Page - Documents and Scripts

We can consider pages on a web server to be in four categories.

Simple document pages

Files containing HTML text, images, etc which are formatted and displayed by the client browser (such as Firefox, Google chrome, Konqueror, Safari or Internet Explorer). You may write such documents directly - in a simple text editor, for example - or you may use a web authoring program. On the server, HTML files are named something.html.

Scripted Web pages

Pages generated on the fly by the server. The server understands the PHP scripting language (see http://uk.php.net/). When you write a page in PHP, the server executes the contents of the page and produces HTML which it sends to the browser. Again, you can write these yourself or use an authoring package to create them. PHP files are named something.php. The file often consists of portions of HTML and PHP mixed together. Any PHP program portions in the file must begin with <?php and end with ?>. Raw HTML portions are sent to the browser literally, as if they came from a .html file.

Common Gateway Interface (CGI) Scripts

Linux programs which produce HTML (in general) as their output when they run. These may be written in any computer language available on the Linux server (e.g. Perl, Shell, C, Java etc). CGI scripts follow a special protocol. In particular, the first thing they output must by a header which defines the sort of output that will be produced. CGI scripts should be placed in directory cgi-bin, or sub-directories of it, within your web file space.

Other Pages

If a file is not a .html or .php one, and it's not a CGI script in cgi-bin, then the server will usually send the contents of the file to the browser unchanged. The file name is passed to the browser and it uses this to decide how to display or save the file. For example, the server may send PDF files, MS Word documents, PostScript files etc. Web browsers are often equipped to deal with these. Sometimes a browser has built-in functions to handle a non-HTML page, or it may run a so-called plugin or external application, or it may simply save the file onto the local computer.

An Example HTML Index Page

Here is an example of an simple HTML file and the web page it produces.

<title>My first document</title>
<h1>A heading</h1><p>Text can be plain, <strong>bold</strong> or <code>italic</code>. There can be images included</p>
<p><img src="/image/y_ddraig_goch.gif" /></p>
<p>and links to other pages like <a href="http://users.cs.cf.ac.uk/">here</a> to the main user-supplied pages.</p>

Preventing listing of directory contents

When you visit directory in your site, the browser will list the contents of the directory.

This is generally undesirable. It's better to have a file called index.html or index.php in your website's directory. A file with one of these names will be displayed by default when the address that's requested is a web site directory.

So, if the user above renamed file first.html as index.html, the simple html file would be displayed by default and no directory listing would appear. You can rename files using the web site administration program, or an STFP or secure WebDAV application.

Secure mode

The users server also has a secure HTTPS mode which you can use, for instance, if you want the browser to send passwords or other valuable data to the server. Secure URLs are the same as ordinary ones but with https: in place of http:. The first time you access a secure page from the users server, your browser will download the server's secure certificate file, and may warn you about it.

Running CGI scripts

Executable files in the cgi-bin directory in your web file space can be accessed using URLs of the form http://users.cs.cf.ac.uk/MailName/cgi-bin/ followed by the file name, where MailName is your University mail name. The files must have executable file access mode set. You can do this in the web site administration program (see LINK TO SITEADM).

There is a maximum CPU time allocated to scripts executing on the users server. After this has been reached, the program is terminated. Any HTML which it has produced is flushed to the client browser but no error message or indication of termination is given.

Reading and Writing Files

CGI scripts and scripted web pages can access files in the Linux file system on the users server. If you want your script or page to access a file called site.log, say, in your web site directory, you can specify the full pathname of the file as /usr/local/www/user/MailName/site.log, where MailName is your University mail name.

This pathname is the name of the file in the Linux Domain. This means that the web server looks on its local file system for the file.

Note that files in /usr/local/www/user/MailName/ are accessible to web users using a Web Domain address starting http://users.cs.cf.ac.uk/MailName/.

If you don't want people to see the file, you will need to protect it with a .htaccess file. One way to do this is to create a separate directory for files which are used directly by scripts and pages that is protected the directory against web access.

Use the web site administration program, STFP or secure WebDAV to create a directory called files, say, so that the Linux Domain path for the file would be /usr/local/www/user/MailName/files/site.log. Now create an access control file called .htaccess in the files directory. The access control file should contain:

order deny allow
deny from all

This will prevent any files in the directory from being accessed over the Web but won't stop your pages or scripts from accessing them in the Linux Domain.

Referring to Other Documents

When your pages refer to other documents on the users server, for example in a HREF link or an IMG specification, it is better to use a relative URL rather than an absolute one. So, you can (and should) miss out the http://users.cs.cf.ac.uk part because the server will automatically fill in its own address.

Similarly, you can miss out the directory hierarchy if the document you want is in the same directory as the one being read. So, to refer to a page other.html in your web site directory from your index page, use the URL other.html instead of http://users.cs.cf.ac.uk/MailName/other.html.

Use the full URL if you are referring to an external page on another server. For example use http://www.cs.cf.ac.uk/ to refer to the home page on the School's main web server.

Server-side Includes

It is possible to include directives inside your documents which cause a program to be run on the server. This is similar to using a CGI script except that the HTML it outputs is included in the document being displayed instead of creating a separate web page.

The program or script to be run can be in your cgi-bin directory, or other accessible document directory.

For example, suppose you want to include the CGI script count.cgi which is in your cgi-bin directory. Put the following directive in your document.

<!--#exec cgi="cgi-bin/count.cgi"-->

The server will not look for the directive unless the document file access modes are set to be executable. (This is for performance reasons, it prevents the web server from scanning files unnecessarily). You can set the mode using the web site administration program.