About Sitehost


Sitehost is Indiana University's central web server solution for core and gateway university websites.

Sitehost is for official IU business related to your organizational unit, research, instructional, academic, approved professional organization, or registered student group. Sitehost hosts the university gateway and regional campus websites as well as thousands of other websites related to official IU business. Accounts on Sitehost have access to subservices and utilities not available through IU Pages. Sitehost Accounts on Sitehost are assigned to a group account and intended to be maintained by multiple users. For more about accounts and services for Sitehost, see Manage Sitehost accounts with the Enterprise Web Technical Services site.

Sitehost features at a glance

  • Apache 2.4
  • Server connections: SSH2/SFTP with two-factor authentication
  • MySQL 8.0
  • Perl 5.26
  • PHP 8.1 (default), 8.2, 8.3
  • Python 2.7.15+
  • Text editors: Nano, Pico, vi, vim, Emacs
  • Home directory: /groups/accountname/
  • Web directory: /groups/accountname/web
  • Perl modules: Perl is available on Sitehost, but only with the default modules installed. To request additional modules, contact Tier 2.
  • HTTPS traffic only: Sitehost only serves traffic via HTTPS/SSL. All non HTTPS/SSL requests will automatically be redirected to the HTTPS/SSL version of the site. There is no option for non-HTTPS/SSL site service.
  • Storage limits: Sitehost accounts have an initial quota of 2 GB. If you need additional storage, contact Tier 2 with a description of your storage needs, including an estimate of the amount needed. Large media files and backups should not be stored on the Sitehost file system.

Eligibility and accounts

At IU, the central web server solution, Sitehost, provides all campuses with a place to publish information.


University-affiliated departments, groups, and organizations

Any university-affiliated department, group, or organization can request an Sitehost account for the purpose of publishing information about the services they offer to the IU community.

Student groups

Student groups who wish to use Sitehost to publish university-related material may do so as long as the owner is a full-time staff/faculty member who is ultimately responsible for the account and its use. For more about student organization computing accounts, see Computing accounts for IU Bloomington and IU Indianapolis student organizations.

Professional organizations

Professional organizations may request an account provided that the group is directly related to the business of the university and 50% of the group's members are IU faculty or staff.

Professional organization computing accounts are for the sole and exclusive use of the IU organization and its designated members, and may not be used for or by other organizations or individuals not affiliated with IU.

Request Sitehost accounts

Sitehost accounts must be tied to an existing group account; to request a group account, see About IU computing accounts for groups or departments. If you already have a group account you wish to use, you may perform all account management tasks for Sitehost on the Enterprise Web Technical Services (WebTech) site at https://webtech.uits.iu.edu; for instructions, see Manage Sitehost accounts with the Enterprise Web Technical Services site.

Additionally, all Sitehost accounts/domains need to have an approved website hosting application.

For more information, see Request a Website.

Managing Sitehost

Sitehost sites and virtual hosts can be managed via the Enterprise Web Technical Services site. You can follow the documentation for working with virtual hosts.

Connect to the Sitehost servers

Sitehost servers support SSH and sFTP connections via two-factor authentication or by SSH keys. A Sitehost account features access to a production and a testing server for development work. The server URLs to connect in the application of your choice are:

  • Sitehost (production server): ssh.sitehost.iu.edu
  • Sitehost-test (test server): ssh.sitehost-test.iu.edu
You will need to be on campus, or use a VPN if off campus. If you are unable to use two-factor authentication, you may use the IU Groups VPN, selecting Groups 3833(IU-Linux-Hosting-Users) to bypass the two-factor requirement. For an overview of your options for accessing the servers, see Connect to the Sitehost servers.

Mandatory two-factor login

Sitehost requires mandatory two-factor login for all SSH and SFTP connections. For an overview of the connection options and related instructions, see Connect to the Sitehost servers.

Due to a technical limitation in Duo Unix, two-factor login for a group account is not a viable option. Duo Unix automatically picks the default factor; the second factor will always go to the same place and not to other users sharing the group account credentials.

To implement two-factor authentication in a way that doesn't require multiple users to use the same second factor for a group account, use IU Groups VPN for two-factor logins with personal IU accounts. If your needs cannot be met with two-factor authentication, email the UITS Support Center to request an exception.


Support for Sitehost

For technical assistance, contact Tier 2. For site development and coding support, you may wish to contract with University Communications and Marketing.

Virus scans and notifications

Enterprise Web Technical Services uses a virus scanning tool which scans accounts weekly for potentially malicious files and automatically quarantines detected files to maintain the security of the affected website and the hosting environment. If a file is flagged and quarantined, account owners/contacts will receive an email with the affected account name(s) and a list of files detected as potentially malicious. Scans occur during the weekend, and notification emails will be sent on Monday.

Accounts owners/contacts should review the list of files indicated in the email to determine if the files are truly malicious or not. If you need assistance to determine if the content is malicious, contact the University Information Security Office (UISO) at uiso@iu.edu. Once all files have been investigated:

  • If a file is malicious, contact Tier 2 and provide the results. Administrators will permanently delete the file. Account owners/contacts should also review the account and address any site vulnerabilities the file may have caused.
  • If a file is not malicious, contact Tier 2 and provide the results. Administrators will release the file from quarantine and add it to an exception list so that it will not be flagged again.

Quarantined files are held for 30 days from the date and time they are flagged. If no action is taken, quarantined files will be permanently deleted after 30 days and will not be recoverable. Account owners/contacts will receive email notifications weekly until an action is taken or until the quarantined content is permanently deleted.

Sitehost data classifications

Sitehost is cleared for the storage and processing of Restricted data or lower. Account owners who wish to process data with higher classifications should work with Data Stewards and Sitehost administrators via Tier 2 Web Services Support (WSS) to obtain authorization.

If you're using the WCMS, be aware that it is only cleared to host and process University-Internal data.

For more, see Classification levels of institutional data.

This is document axnv in the Knowledge Base.
Last modified on 2024-05-14 11:44:07.