Guidelines for installing software on IU central web accounts

It is understood that web application developers frequently obtain segments of sample program code, useful HTML or JavaScript segments, and CGI scripts in the course of the development of a web application. The guidelines below apply to complete, ready-to-install software products (commercial, open source, or otherwise) that account holders might obtain and wish to install within their accounts and use as part of their websites.

Important:
If you install software in your account, it is your responsibility to keep informed about updates and security issues surrounding the software. The University Information Security Office (UISO) also offers a web application scanner to help discover vulnerabilities in your website. For details or to request a scan, see Vulnerability Scanners.

Software that an account holder wishes to install on Sitehost servers must not:

  • Require changes to the underlying operating system configuration of the web host server
  • Require changes to the underlying host server's network configuration (other than perhaps the use of a virtual host)
  • Require changes to the HTTP (non-secure) and HTTPS (secure) web server configuration that cannot already be made by the account holder using .htaccess files containing appropriate directives in any web directory within the account
  • Require changes to directory or file permissions (system or user) outside of the account holder's directory space
  • Require additions or deletions of language (Perl, PHP, C, C++, etc.) extensions that are specific to the account holder's product and of little use to other account holders who are developing applications. Requests made via Tier 2 Web Services Support (WSS) will be considered carefully to ascertain whether they will have reasonably broad appeal across account holders. Perl language module extensions are a good example of this type of request.
  • Require specific versions of languages or their extension components that conflict with current versions or planned future versions
  • Be anticipated or observed to consume storage, CPU, memory, input/output, or network bandwidth resources at a level significantly greater than the average usage by other account holders
  • Require regular support services by UITS staff at the behest of the account holder above and beyond the level of support provided to all account holders generally
  • Require root access during installation or during operation of the account holder's software product
  • Require the use of a TCP/IP network port above 1023, such as in the case of a product that acts as a server and receives connections from the TCP/IP network. UITS will check for and monitor unauthorized use of network ports on any UITS central web hosting server, and take appropriate actions if needed.

For questions about these guidelines, contact Tier 2.

This is document bfrd in the Knowledge Base.
Last modified on 2023-03-31 07:45:23.