Apache HTTPD – Security Levels
The Shared Apache HTTPD service provides more various options when it comes to choosing who can access your website. While at first it may look intimidating, the concept is quite simple. Each of the two axes provides the where and the who of the security system. The numbers 1-4 are locations of potential users (the where) and the letters A-H are groups (the who) that can access your site. So it is as easy as choosing the where and then choosing the who and finding the intersection in the table. Below is a grid layout of the security levels which will allow you to do that, and below that are some examples of the most common requested security levels.
| IP Address Restrictions | |||||
|---|---|---|---|---|---|
| 1. Open to Any Address (no restriction) | 2. Open to Any Purdue University Address | 3. Open to Any Purdue University West Lafayette Address | 4. Open to a Custom List of IP Addresses (a subnet, block, etc.) | ||
|
User/Group Restrictions
|
A. Open to Any User (no restriction) | 1A | 2A | 3A | 4A |
| B. Open to Purdue Career Account & Password | 1B | 2B | 3B | 4B | |
| C. Open to Purdue Faculty & Staff Only | 1C | 2C | 3C | 4C | |
| D. Open to Purdue Students Only | 1D | 2D | 3D | 4D | |
| E. Open to a Department or Group of Departments | 1E | 2E | 3E | 4E | |
| F. Open to a Specific Career Account List1 | 1F | 2F | 3F | 4F | |
| G. Global ID & Password (not LDAP) | 1G | 2G | 3G | 4G | |
| H. Custom2 | 1H | 2H | 3H | 4H | |
1 This can be done with an .htgroup file maintained and deployed to each tier by the developer (preferred) or as a static list maintained by Web Services.
2 Contact Web Services for assistance.
Examples
Below are some examples of how to use the table, each of the bold phrases are the key components in the questions.
| Desired Access | Requested Security Level | |
|---|---|---|
| I want Purdue Students Only to access my site but it doesn’t matter where they are | Any IP Address and Purdue Students = 1D | |
| Any IP Address = 1 | Purdue Students = D | |
| I want only people on the West Lafayette Campus to access my site but it doesn’t matter who they are | Any Purdue University West Lafayette Address and Any User = 3A | |
| Any Purdue West Lafayette Address = 3 | Any User = A | |
| I want a single username and password for my site and it doesn’t matter where it’s accessed from | Any IP Address and Single Sign-on = 1G | |
| Any IP Address = 1 | Global ID & Password (Single Sign-on) = G | |
| I want a certain subnet to access my site with their Career Account | Specific Subnet and Purdue Career Account = 4B | |
| Specific Subnet = 4 | Purdue Career Account = B | |