
How to restrict access to sensitive data on the web

On our server there are three methods through which you can restrict access to web pages. Choose the one that suits you best. You do not need to use more than one.

Method 1. To enable Vanderbilt-internal access only to a single page

prepend the file name with i_
E.g. call the page i_test.html instead of test.html and the server will not let external users see it, irrespective of where the page is. This method is very simple and lets you 'open up' the file later through a simple name change.

I could set up more such naming conventions if there is interest.

Method 2. Create a directory for your restricted pages and place a .htaccess file in it.

The .htaccess should look like this:

<Limit GET>
order deny,allow
deny from all
allow from 137.131
allow from 129.59
allow from 160.129
</Limit>

All addresses listed in the .htaccess file need to be IP numbers, not domain names. Our server no longer resolves IP addresses to domain names (which makes it a whole lot faster).

The 137.131 line is our regular network at Scripps. The 160.129 and 129.59 lines are the Med Center and Arts and Sciences networks at Vanderbilt, respectively.

Note that there is an existing directory wisdom/restricted that is already set up for your convenience.
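
To check how the .htaccess above treats a given request, the following Python sketch evaluates its rules for a few constructed sample requests. It is an added example, not part of the server's configuration or the original page; the function names and sample client addresses are assumptions made for illustration. It models two documented Apache behaviours: partial addresses such as 137.131 match on whole octets, and directives inside <Limit GET> are evaluated only for GET and HEAD requests.

```python
import ipaddress

# Rules copied from the page's .htaccess (order deny,allow; deny from all).
ALLOW_PREFIXES = ["137.131", "129.59", "160.129"]
LIMIT_METHODS = {"GET"}  # <Limit GET>; Apache treats HEAD as covered by GET


def prefix_to_network(partial):
    """Expand a partial address such as '137.131' to 137.131.0.0/16.

    Partial addresses are matched on whole octets, not as string prefixes.
    """
    octets = partial.rstrip(".").split(".")
    valid = all(o.isdigit() and int(o) <= 255 for o in octets)
    if not 1 <= len(octets) <= 4 or not valid:
        raise ValueError(f"not a partial IPv4 address: {partial!r}")
    padded = octets + ["0"] * (4 - len(octets))
    return ipaddress.ip_network(f"{'.'.join(padded)}/{8 * len(octets)}")


ALLOW_NETWORKS = [prefix_to_network(p) for p in ALLOW_PREFIXES]


def decide(method, client_ip):
    """Return 'allow', 'deny', or 'not-covered' for one request."""
    covered = LIMIT_METHODS | ({"HEAD"} if "GET" in LIMIT_METHODS else set())
    if method.upper() not in covered:
        # Directives inside <Limit> are not evaluated for other methods.
        return "not-covered"
    addr = ipaddress.ip_address(client_ip)
    # order deny,allow + "deny from all": denied unless an allow line matches.
    if any(addr in net for net in ALLOW_NETWORKS):
        return "allow"
    return "deny"


# Constructed sample requests (hypothetical client addresses).
SAMPLES = [
    ("GET", "137.131.20.5"),   # inside the Scripps range
    ("GET", "137.13.1.9"),     # similar digits, different second octet
    ("HEAD", "129.59.4.4"),    # HEAD is covered by <Limit GET>
    ("GET", "203.0.113.7"),    # outside every allowed range
    ("POST", "203.0.113.7"),   # method not listed in <Limit>
]

if __name__ == "__main__":
    for method, ip in SAMPLES:
        print(f"{method:5} {ip:15} -> {decide(method, ip)}")
```

A "not-covered" result means the deny/allow lines are not consulted for that method. Placing the same order, deny and allow lines in the .htaccess without the <Limit GET> wrapper applies them to every method.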

Method 3. The last way to restrict access is by asking me to edit the access control lists.

This largely duplicates what can be done with the .htaccess file.


There is actually a fourth way to restrict access: Put your page into some directory other than the server root (chazin's /var/www/htdocs) or your ~/public_html and link to it through file://host/path/file.html


Some random notes:

Anything involving research results should probably be run by Walter first.


last edited Nov 22, 1999 by Jarrod Smith