Restricting Access to Your Web Pages
S4293 December 2013
Pages that you publish on the web are normally available to anyone. You can, however, restrict access to your web pages to the U-M community or to groups and/or individuals within it. Those who wish to view your pages must first log in with their uniqname and UMICH password. This document tells you how to publish web pages that only the U-M community or specific groups and individuals in that community can access.
Table of Contents
Restricting Access to the U-M Community
Create a Private HTML Directory
Put Your Web Files in the Private Directory
To restrict access to your web pages to the U-M community, you'll need to put the files for those pages into your private HTML directory (or folder). Inside your AFS home or group directory is a Private folder. Inside that is a folder called html. Put the files for the web pages inside the html folder.
HINT: If you had already published the Web pages, you will need to move those files from the html folder in your Public folder to the new html folder in your Private folder.
Use MFile for an easy-to-use, secure, web-based method of transferring files. You can also use WinSCP to access your AFS file storage space. You can obtain the following SFTP programs at no cost from the U-M Blue Disc:
Accessing the Restricted Pages
To access your restricted web pages, use a web browser to connect to the appropriate URL:
HTTPS: The URLs begin with https instead of http. The s stands for a secure http connection and is required.
Anyone who goes to the URL for your pages (including you) will receive a Login required screen. Log in with a uniqname and UMICH password to connect to the page.
Be sure to include a logout link on your page(s) so that people who have logged in can also log out. Here is HTML code for a sample link you can use:
Restricting Access to Specific Groups and Individuals at U-M
Follow the steps earlier in this document to:
You can then further restrict access to individuals or groups within the U-M community by using .htaccess files.
To work with .htaccess files, you need to know how to use a Unix text editor such as pico or vi to create and edit files. For instructions, refer to Using the Unix Text Editor Pico (R1168) or Using the Unix Text Editor vi (R1172).
If you want to restrict access to groups of people (rather than to individuals), you also need to know how to create and work with protection (pts) groups. For instructions, see Creating and Using Protection (pts) Groups for AFS (S4033).
To further restrict access to the web files in a particular directory, create a .htaccess file in that directory that specifies who can have access.
ABOUT RESTRICTIONS: Restrictions are enforced on a directory-by-directory basis, so you can make a subdirectory that is more narrowly restricted than Private/html.
Using a class as an example:
You could restrict Private/html to members of the U-M community, restrict Private/html/assignment1 to just the students and teaching assistants of a class, and restrict Private/html/assignment1/grades to only the teaching assistants. Note that restrictions can be narrowed in subdirectories, but you cannot have a subdirectory that is more widely available than its parent directory.
For a more complete overview of .htaccess files, refer to Setting up Access Control for Your HTML Documents.
For information on accessing the pages that you have restricted access to, see Accessing the Restricted Pages earlier in this document.
Visit ITS's Information System to obtain ITS computer documentation and other resources. A list of relevant documents follows:
The ITS Service Center provides a variety of computing help resources.
For further help with this or any other topic, call 734-764-HELP  or submit an online service request.