Restricting Access-Computing Services - Carnegie Mellon University

Which Restriction Method Should You Use?

The web is a public forum. Anyone with web access can read your course or personal web page. However, it is possible to restrict access to your pages by IP address, hostname or to some set of Andrew users through the use of an .htaccess file.The web server use Apache 1.3.12. An .htaccess file is simply a text file that contains Apache directives or commands.

There are considerations with each of these restriction methods. The best method for protecting your pages depends on who will be using them.

Restrict Access by IP Address or Hostname

  • This method allows you to control which machines can access your pages, however, you can not control who uses that machine. Restricting access to software or services by IP address is not considered a secure mechanism. In addition, this restriction becomes less relevant as university affiliates connect to Carnegie Mellon services from remote sites. For these reasons, Computing Services actively discourages the use of IP Address Restriction to restrict access to services.

Restrict Access to a Set of Andrew Users

  • This restriction method requires the users of your web pages to have Andrew user IDs. If the published information is essential to someone who does not have an Andrew user ID, this method of restricting access should not be used. At this time Computing Services has no service for users unwilling or unable to acquire a guest account through the Computing Services Help Center.

Last Updated: 6/3/13