Home
How To Manual
 
Links Imagemap services application FAQ

Securing Your Files

At the top of the screen, WebSpinner identifies the directory or file for which you are editing security. This feature functions only if your webhosting was set up for security. Check with your administrator.

The first selection is:

USER RESTRICTION You have the ability to restrict as follows:

Accessible by all users (No other information is needed)
Accessible by login names

DOMAIN RESTRICTION You can also restrict access by domains. WebSpinner allows you to allow accessibity to all domains or to specified domains One of the newest features of WebSpinner is the ability the limit access to some or all of your directories. This is accomplished by using the Security Button. The Security Button allows you to limit access to your files using two methods: by allowing only certain domain names to view your directories or by setting a password on a directory.

WebSpinner Screen Shot

 

Restricting via Password

To activate password security for a directory, you must first check the checkbox at the top of the page which reads.

Here you will find thwo boxes to complete:

  1. User Name
  2. Password

User Name can be for an individual or a group. An example of group use would be for a class website. You might want to allow only your students to access the class website in order to protect sensitive material (i.e. homework solutions). You can create one User Name and Password combination for the class. This way you do not need to enter each student as a separate user. At the end of the semester, you can delete or change the User Name and Password.

 

Restricting by Domain Name

You have three different security options for each of your directories when you wish to restrict by domain name:

  1. Allow all domains to view this directory.

    This option allows anyone to access your page freely.

  2. Allow only UMD domains to view this directory.

    This option restricts access to your pages to only those web browsers being used on University of Maryland computers (i.e. those in the .UMD.EDU domain) or logged into the UMD.EDU host.

  3. Allow only the following domains to view this directory.

    This option is the most selective. You can specify either specific host names or specific IP addresses that will be allowed access to your pages. All other browsers will be denied. Note: If you switch from this option to either of the other two security options, any information typed into the editing box will be lost.

In keeping with the spirit of an open World Wide Web, the Office of Information Technology recommends that, whenever possible, WebSpinner users allow access to everyone. If you do decide to restrict access, it should be so noted on the page to alleviate the aggravation of websurfers.

The settings in this form will apply to the current directory, all files in the current directory, and all subdirectories and their files. For example, if you set access privileges for the directory whose URL is http://www.inform.umd.edu/EdRes/Colleges/, then every URL that begins with http://www.inform.umd.edu/EdRes/Colleges/ will be affected by the access settings.

 

Setting access by host name or IP address


If you choose to limit access to your directory by host name or IP address, then you can enter specific host names and IP addresses in the text field.

A host name is the server part of the URL. Some examples are inform.umd.edu, www.cnn.com, and www.apple.com. An IP address is the numerical equivalent of a domain which is easier for the computer to understand. Some examples of IP addresses are 128.8.10.29 and 207.25.71.26.

In addition to allowing access by specific host names or IP addresses, you can also permit access to entire domains or to partial IP addresses. This enables you to allow access to a wider range of users without having to specify each host name. As an example, let's say you want to only allow people from Apple Computer to have access to your site. To allow access by host name, you would have to enter every Apple host into the text field, which would look like this: 

www.apple.com, newton.apple.com, quicktime.apple.com
support.apple.com, ftp.apple.com
Instead, you can simply type the domain name to allow access to all users in the Apple domain: 
.apple.com
To take it one step further, you may want to only allow people coming in from a company site to be able to view your pages. If so, you could enter the following into the text field: 
.com
So to allow greater access with host names, you can, starting from the left, leave off pieces of the host name by listing names beginning with succeeding periods.

Partial IP addresses work in a similar way, but in reverse order. To allow access to specific IP addresses, you can type something like: 

128.8.10.29, 128.8.10.12, 128.8.10.114
If you'd like to allow access to all users in the 128.8.10. partial IP addess, you can simply type the following into the text field: 
128.8.10.
Again, to allow greater access, you may leave off pieces of the IP address, this time starting from the right end and working backwards. So to allow access to all IP addresses that start with 128., simply type the following into the text field: 
128.
You may combine any number of host names and IP addresses in the text field. Only a user that attempts to view your page from a host or IP address listed in the text field will be allow to view the directory, its files and any subdirectory of the current directory.

Then, press the Update Security button and your new security features will be implemented.

 

Links Imagemap services application FAQ
University of Maryland Maintained by theOffice of Information Technology
Please direct comments to webhostingadmin@umd.edu
Last modified Tuesday, 14-Dec-2004 12:14:48 EST
Office of Information Technology