Body
Context
Before adding password protection to your personal webpage, please review the guidance from the Information Security Office (ISO):
- All posted content should be reviewed for need and relevance, and any unnecessary files and information should be removed. Additionally, the service should not be used as an Archive even if older data is still needed.
- We encourage leveraging storage solutions such as Box or OneDrive.
- Ensure that you are not publishing sensitive information to your web directory, such as grades, class roster, student information, computer logs, emails to students or colleagues, other internal UTD data that should only be stored within approved campus platforms.
- Miscellaneous class material should be posted to eLearning where possible.
- This includes things like syllabi, instructional material, lecture and lab meeting notes, assignments, and sample materials.
- While not forbidden, we highly recommend removing materials like family photos, resume, home address, and personal email.
- Respond to notifications from the ISO when web application issues are identified for resolution to avoid web vulnerabilities putting your site and UT Dallas at risk.
Basic Authentication
Basic authentication allows the site owner to specify a set of usernames and password that may be used to access the site. When a user accesses a page, they will be presented with a dialog box prompting the user for their username and password.
The following steps may be used to configure basic authentication on a personal webpage:
- SSH into Giant.
- Navigate to the directory within public_html you wish to protect.
- Example: cd public_html/protected/
- Using your preferred text editor, create a temporary passwords file.
- Enter a list of usernames and passwords in the following format:
username2 password2
Note: These usernames do not have match the NetID format.
- Run the htcreate [passwords file] command to generate the configuration files.
- This creates the .htaccess and .htpasswd files.
- Remove the temporary passwords file.
- Example: rm passwords
Navigating to a page within the directory where the newly created .htaccess file resides will prompt the user for a username and password. If entered correctly, access will be granted to the page(s).
Single Sign-On (SSO) Authentication
Note: OIT is aware of issues affecting SSO on personal webpages. We are working to resolve these issues as soon as possible.
SSO authentication allows personal webpages to be protected behind the UTD SSO system. This provides a unified authentication experience for users and provides greater governance of personal webpage authentication. The following steps may be used to configure SSO authentication on a personal webpage:
- SSH into Giant.
- Navigate to the directory within public_html you wish to protect.
- Example: cd public_html/protected/
- Using your preferred text editor, create an .htaccess file.
- Paste in the following template:
AuthType shibboleth
ShibRequestSetting requireSession true
<RequireAny>
require shib-user NetID@utdallas.edu
</RequireAny>
- Modify the .htaccess file to specify users or groups that should be granted access to the site.
Navigating to a page within the directory where the newly created .htaccess file resides will redirect the user to UTD SSO. After successful authentication, they will be re-directed back to the personal webpage. If they are not in the allowed list of users, they will be presented with an “Access Denied” message.