The University of Texas at Austin

Web Central

Access Control Using .htaccess

Web Central does not meet the requirements for hosting classified data. Category-I data, including FERPA-protected data, must not be stored on Web Central.

An .htaccess file allows for per-directory Web access control to content, including all sub-directories contained within the directory. On Web Central, the following options are available for access control using an .htaccess file:

  • lockRestricting Access on Web Central using UT EID and the Transitional Fat Cookie
  • lockRestricting Access by Domain Name
  • lockRestricting Access by IP Address
  • lockRestricting Access by Username and Password

All EID-protected directories must be accessed using the HTTPS protocol.
You must include a logoff option on your EID-protected pages:

Any directories that you want to protect must be world-executable and any files you create must be world-readable. To set the proper permissions, log on to uts.cc.utexas.edu and go to your protected directory. To make the directory world-executable, enter the command

chmod  751  .  

To make a file world-readable, enter the command

chmod  644  the-filename  

Limits of Protection

Password protection of website directories does not give you complete protection; it only stops unauthorized users from viewing your files via a Web browser.

Your files remain world readable in their uts.cc.utexas.edu directory. This means that anyone who can log in to UTS will be able to go to your directory and read your HTML source files, provided they know where the files are.

Last updated May 30, 2014 @ 10:24 am

We Can Help

Get help from an expert:

* ITS Help and Service Desk

* Call us at 512-475-9400

* Submit a help request online

We also have a walk-in service in the first floor lobby of the Flawn Academic Center (FAC). Stop by and let us help you!