From owner-freebsd-isp Fri Nov 22 07:23:49 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA23375 for isp-outgoing; Fri, 22 Nov 1996 07:23:49 -0800 (PST) Received: from i-gw.dalsys.com (i-gw.dalsys.com [207.42.153.1]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id HAA23369 for ; Fri, 22 Nov 1996 07:23:35 -0800 (PST) Received: (from smap@localhost) by i-gw.dalsys.com (8.6.9/8.6.9) id JAA25621; Fri, 22 Nov 1996 09:17:26 -0600 Received: from future.dsc.dalsys.com(199.170.161.3) by i-gw.dalsys.com via smap (V1.3) id sma025619; Fri Nov 22 09:17:24 1996 Received: by future.dsc.dalsys.com (AIX 3.2/UCB 5.64/8.6.12) id AA121703; Fri, 22 Nov 1996 09:23:03 -0600 Date: Fri, 22 Nov 1996 09:23:03 -0600 (CST) From: Richard Stanford X-Sender: richards@future.dsc.dalsys.com To: Steve Cc: David Stickney , The FreeBSD ISP Mailing list Subject: Re: The best way to allow users to access a WWW directory In-Reply-To: Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Fri, 22 Nov 1996, Steve wrote: > > > In srm.conf you put > > UserDir public_html Or alternatively, set up a dedicated (slow/dumb) machine for users to login to, specifically one that they can crash without bringing down any of your essential services. Next, create a place on the webserver for users to put their pages (ie: /www/users/ ) and create their directories underneath it. The users must be in the /etc/passwd file for the webserver, but their password may be * or something else so that they can never log in. Now NFS mount the /www/users directory from the webserver over to the telnet/ftp client mentioned earlier. Users add their pages to the apparently-local drive, and they never interfere with your webserver. Oh, almost forgot -- on the webserver, you can set UserDir to /www/users/ which tells the engine to look here for user webpages. Even on a non-dedicated box, this would allow you to put all webpages onto a seperate drive, rather than having them intermingled with user's home directories. If you like, you can always execute as part of your user-setup stcript a: ln -s /www/users/u/username /home/u/username/public_html or something like that. > Then all each user must do is create a subdirectory in their home > directory called public_html and place their files in that subdirectory. > The URL uses ~userid - example: > > http://www.sompeplace.com/~david/Welcome.html > > Would pull up Welcome.html from public_html unde ryour home directory. Or wherever else specified in UserDir, but yes. > All files my be world readable (I think read and executeable) -ie > chmod 755 Executable? All files should be at least 444, but that's all -- If files are 644 and directories are 755, that enhances security and allows indexing to be performed on directorys with no index file. If the directory is 711, that enhances user-privacy at the expense of indexing. > On Thu, 17 Oct 1996, David Stickney wrote: > > > Hello, Hey there. > > I loaded the Apache www server up, and it works and everything.. My question is how would I go about letting users add their own WWW pages with out letting them thrash the syetem? In my opinion -- this is the safest way. The users are never ON your webserver. > > There is a comment "UserDir public_html" where does it go? The only Documentation I have found is the README for the Icons?... There is documentation and a FAQ at http://www.apache.org/ > > If you help me, Send me your address, I pay. ;> Don't bother -- just help the next person. It all evens out, everyone is happy, and we can all pretend that this is the internet of a few years ago. > > Thanks, > > Dave De nada - Richard -------------------------------------------------------------------------------- Contrary to popular belief, Unix is user friendly. It just happens to be very selective about who it decides to make friends with.