Web Hosting – Security

As an NUWeb user, you are solely responsible for the content, accuracy, maintenance and consequences of information you publish. Individually-identifiable and/or sensitive information such as Social Security Numbers, dates of birth, financial information, student records, or any other privileged information may not be published or in any way made available through your website.

All NUWeb account requests will receive an HTTPS URL.

If you publish content that Northeastern deems to be sensitive information, yet it is compliant with the university’s Web Publishing Agreement, you can set up password protection or use a digital certificate. The following are instructions on how to password protect areas of your site:

  1. Log on to nuweb[your server #].neu.edu via secure shell.
  2. Change directory to the directory of which you want to provide password protection:
  3. Look for the “.htaccess” file in that directory and add the following content. Do NOT remove the original content, substitute in the correct information for “[PATH TO PRIVATE DIRECTORY]” (if you do not know this information, type “pwd” at the command prompt and that will give you the full path):
    authtype basic
    authname protected
    authuserfile /[PATH TO PRIVATE DIRECTORY]/.htpasswd
    require valid-user
  4. To create the password file, while you are in the directory you are going to password protect, type the following at your prompt:
    /usr/bin/htpasswd -c .htpasswd [NAME OF AUTHORIZED USER]
  5. The system will ask you to enter a password for this user, then ask you to repeat it.
  6. You may continue to add users, but the “-c” option is only used the first time you create the database. Do not use “-c” again or you will overwrite the original database.
    /usr/bin/htpasswd .htpasswd [NAME OF AUTHORIZED USER]
  7. Go to your website and try it out! If a password prompt does not appear and you have followed the above steps, your server account may need permission to use .htaccess. Please contact webgroup@northeastern.edu in this event.