Presenting Data to the World

  • Web Pages for the World
  • Web Pages for the Lab
  • Anonymous FTP
  • Secure (more or less) Transfer of Files
  • CGI programming

    • For security and convenience, we do not run a web server from the main Unix systems in the lab.  This duty is performed by a separate computer.  This computer has the name of www.uoxray.uoregon.edu.  Any access by the outside world to data in the lab should be granted via this machine.

    Be sure that everything you put there is ready for disclosure.  Unless you take special precautions placing data on the web server legally counts as a "publication".  When you publish a paper in a journal you will likely be required to sign a statement that this work has not been published previously.  If you placed it on the web you will not be able to publish it a second time in a journal.  The journals Nature and Science are particularly strict about this sort of thing.  The publication date is also critical in determining the patientability of an idea. 

    You must get permission from your boss before putting any unpublished research ideas on the web.

    You are not permitted to log onto the web server.  You will create and maintain your files using any member of the Unix cluster via the file system /internet.  Any file in this directory tree is actually stored on www.uoxray.uoregon.edu and will, in all likelihood, be visible to the world.  This web page describes how you can present data in several different ways via the Internet.
     

    Web Pages for the World

    If you specify to your browser the URL http://www.uoxray.uoregon.edu/ you will see the contents of the file /internet/httpd/html/welcome.html.  If you want to serve your own web pages to the world, simply create a subdirectory of this directory and place your files in it.  The file you name welcome.html will be displayed by default.

    There is one complication:  you must ensure that the protection of all your files is set so that users in the "other" category are granted "read" permission.  This is done in two steps: You must ensure that "other" users can pass through the directory you just created and that, once there, they can read your file.

    To open a directory to "other" access, change your working directory (with the "cd" command) to the parent directory and type "chmod o+rx file", where "file" is replaced with your directory's name.

    The "cd" into your directory and type the command "chmod o+r *".  You do not want to type this command in you home directory on the Cluster (/usr/users).

    This file access stuff is hard to remember and will likely cause us great difficulty.  If you have files in your web directory but the browser claims that it is not authorized to show them to you, this is likely your problem.

    Generic Web Pages

    There is a great deal of general documentation and lab generic web pages on the server.  To maintain some control and accountability you will not be allowed to modify these files without special permission.  I have created a unix "group" called "webmaster".  To modify the lab's web files you will have to be granted permission to enter this group and use the "newgrp" command  actually do so.
     

    Web Pages for the Lab

    There are a number of documents which we wish to have available to members of the lab, but have no particular need to go out of our way to protect from prying eyes.  This document is a good example.  We want you to be able to view this document from whatever computer you happen to be using, and we don't care if someone from outside the lab reads it.  Such documents are stored in the http://www.uoxray.uoregon.edu/local (or, when logged onto our Unix computers /internet/httpd/html/local) directory.  The files in the local directory are not indexed by web searchers, so no one should ever be directed to one by Google, Yahoo, or Alta Vista.

    You can create your own local web site by creating a directory in /internet/httpd/html/local.  Your directory should be named with your username.  You may then reach this file with the URL http://www.uoxray.uoregon.edu/~name.  You must change the file access permissions to allow users of type "other" to access these files, just as you must with files being served to the world.  A description of what you must do can be found here.

    For example, I have two (well...  three when you count the TNT pages) web areas.  They are /dale and /~dale.  You may look at them to see how I use them.  /dale/welcome.html is the page I expect people to see when they are looking for information about me.  /~dale/welcome.html contains my favorite bookmarks.  The latter page allows me to hop directly to a site regardless of which computer I am using at the time.  I can be anywhere is the world and my bookmarks are available to me.  It is not pretty but it doesn't need to be.

    Anonymous FTP

    Due to endless security problems with anonymous ftp, I have disabled this capability on our web server.  There is little need for anonymous ftp because you can place any files you wish to distribute in your exported directory and people outside the lab can pick up the files using http.

    Secure Transfer of Files (more or less)

    In some cases you will want to transfer one or more files to a particular person, and it is important that no one else can see the file.  In that case placing the files in web pages is not a good option.  The best way to transfer such a file is to send it as an e-mail attachment.  There is no management overhead and the file will get where it needs to go.

    If e-mail does not meet your needs, you will have to talk to me (Dale).  I can allow login access to your account on the web server.  You will have to set a password, one that is different from the one you use on the Cluster.  You may then create a directory in /internet whose name is your username and place your files in it.  Give the password of your web server account to your collaborator and let them sftp into www.uoxray.uoregon.edu using your account.  They transfer out the files, you tell me, and I shut down further access.  Please delete the files when you have finished with them.

    Note that I said "sftp" not "ftp".  There is no ftp server on www.uoxray.uoregon.edu.

    Protection is important to consider with these files too.  Normally we allow other members of our group to read our files.  Protected files on the web server must be considered different.  If you allow others in the "group" to read your private web files, people from outside the lab who have access to someone else's private directory will be able to read your files as well.  You should remove all access for "group" and "other" in your private directory.  This is done with the command "chmod go-rwx *".  If you have a whole directory tree you will have to use the -R option.

    CGI Programming

    If you web application requires that a script run on the web server you will likely want to engage in what is called CGI programming.  There are many books on this topic that you can buy.  What is relevant here is that a cgi script must be placed in the directory /internet/httpd/cgi-bin.  To create files in this directory you will need to be a member of the webmaster group.

    This web site uses the Apache web server software.  The users' guide for the server is here.

    You will likely have to work with me to set up complicated applications.  I don't know every type of thing that someone would want to do and probably have not got the permissions set up perfectly.



    Dale Tronrud, July 1, 2003
    webmaster@www.uoxray.uoregon.edu