|
Each website has a specific file system and permission structure
at the time of website creation. Each area of the website
file system structure has a specific purpose.
In the Windows 2003 server environment it is difficult to maintain
security while allowing users to manage their own directory permissions.
For this reason there are four default areas set up in every account
which handle the various permission environments necessary on a
Windows 2003 web server. The areas are described in the table below.
By default, the URL to a standard website is http://www.web.virginia.edu/[site name].
Users can request virtual roots with acceptable DNS names as approved
by the UVA Hostmaster (hostmaster@virginia.edu). The virtual roots
are processed using host header names, and are subject to the limitations
of host header processing. A notable issue with host header processing
is that SSL is not available to a host header name root. SSL can
still be implemented for these sites by calling the appropriate
content via the default account URL.
PLEASE NOTE: Although users cannot change the
permissions on the subdirectories within their website, they can
delete the default directories. If a user tries to recreate the
default directories, they will not function correctly as they will
not have the proper permissions on the file system or within the
web server.
| Site Name Folder |
Notes |
| Root
of the account. In most cases, all of your files will go here. Files placed here
can be read, retrieved, and processed as scripts. |
- http://www.web.virginia.edu/[site name]
- F:\Web\users\[site name]
- \\es-web1.eservices.virginia.edu\[site name]$
- File
system permissions: Server User: Read; Account Users: Read/Write
- Web
server permissions: Read, Script
|
| CGI-Bin Folder
|
Notes |
| Executeable
directory. Files placed here can be executed by the server.
They cannot be read, retrieved, or written by the server |
- http://www.web.virginia.edu/[site name]/cgi-bin
- F:\Web\users\[site name]\cgi-bin
- \\es-web1.eservices.virginia.edu\[site name]$\cgi-bin
- File
system permissions: Server User: Read; Account Users: Read/Write
- Web
server permissions: Execute
|
| Private Folder
|
Notes |
| Private
directory. The web server has no access to files in this directory. |
- NO
DIRECT HTTP ACCESS
- F:\Web\users\[site name]\private
- \\es-web1.eservices.virginia.edu\[site name]$\private
- File
system permissions: Server User: Denied; Account Users:
Read/Write
- Web
server permissions: No Access
|
| Database Folder
|
Notes |
|
Data
directory. Place data sources such as access databases here.
The web server can read and write files in this directory,
but not process them as content or scripts. This ensures that
your data cannot be retrieved other than through your scripting
or executeable code. In other words, you can the server can
create a file here, and that file is NOT accessible via a
simple URL, it can only be retrieved via a script or executeable.
|
- NO
DIRECT HTTP ACCESS
- F:\Web\database\[site name]
- \\es-web1.eservices.virginia.edu\[accountdb]$
- File
system permissions: Server User: Read/Write; Account Users:
Read/Write
- Web
server permissions: No Access
|
|
