Scripting languages and allowed packages

To ensure the security of the server, several specific software packages are forbidden from use on the machine. A minimal installation of Perl and PHP will be made available and kept current, but many of the advanced features will not be installed.

Software packages such as blogs and bulletin boards are explicitly disallowed on the server. These applications have historically been prone to containing poorly written code that can be exploited to gain unauthorized privileges on the machine.

Individual scripts that are identified by system administrators as potentially exposing others to risk or abuse may be disabled and/or removed. All reasonable efforts will be made to communicate with the site owner and manage the removal in such a way as to minimize service interruptions, but removal may precede notification if the situation is deemed to warrant such action.

Database access

The server is designed first and foremost to host and serve University web pages. While various scripting languages are installed on the machine, it is not intended to be an application server. In order to preserve resources for the delivery of web content, a database server has not, and will not be installed on the machine.

Digital media or other types of large files

The University web server was designed to serve Web pages, and is not to be used as a media server for large media files, or as a download area for large files of any type. You may not place any large digital media file (MP3 audio, any type of video file, or any individual file over 5MB in size) without written authorization from the University webmaster's office. This is to insure the proper functioning of the public University web site and to protect the server from the extraordinary traffic volumes and storage requirements that digital media files sometimes impose. Other University resources exist which are better suited for the hosting of these types of files.

Web directory structure

Requests for particular forms of URL are made on a "first-come, first-served" basis and certain URL forms may not be available to you because they are already in use. The University webmaster's office also reserves the right to refuse requests for URL forms likely to be used for University administration (e.g., URLs including words like "security" or "emergency").

Website abandonment or lack of maintenance

TAMIU reserves the right to archive and remove sites on the University web server that have been abandoned. Abandoned sites are defined as those sites which have not been edited or updated in two years or more and which contain content that is patently wrong or out of date. The University webmaster's office also reserves the right, when necessary, to archive and remove web sites when a complaint has been made about a site and the official directory owner cannot be contacted or has left the University. The University webmaster's office will make reasonable efforts to contact site owners in such cases; however these apparently abandoned web sites may be removed in any case without notice after two years of inactivity.

Site redirects

The University webmaster's office realizes that organizations often wish to move their web presence off of the server and onto their own hosts. This process has historically not been coordinated, resulting in dozens of abandoned directories on the server. Many of these directories contain out-of-date information, others have placeholder information linking to the new site, and others use "meta" refresh tags to automatically send the visitor to the new location.

This process is being discontinued in favor of a cleaner methodology for redirects. If a University organization no longer wishes to host their site on the server, they should contact the webmaster's office (webmaster@tamiu.edu) in order to coordinate an orderly transition. Once the organization's new site is available, the directory on www.tamiu.edu is to be archived and removed. A server rewrite rule will then be added to the University web server configuration file to automatically redirect requests to the organization's new website location.

SSL and passing secure information

The University web server is not configured to support SSL connections.

Applications that require the passing of privileged information MUST do so over a secure connection. As such, privileged information should never be placed on the web server.

Guideline changes and policy enforcement

These service guidelines for the server may change without notice. However, where and when possible, we will give the Web community advance notice of any anticipated changes. As the keepers of the University's public web site, we also reserve the right to make any technical changes to the server as necessary. Again, prior notice will be given when possible, though such warnings may not always be possible. In any case, the security of the server dictates that immediate action may be taken to deactivate accounts, remove web sites, delete files, or alter server configurations whenever the normal operation or security of the machine may be endangered.

Web Content / Subject Matter Experts (SME)

Each University unit/department is responsible for the maintenance of its Web content. As each unit is the Subject Matter Expert (SME) for the information regarding their unit/department, they are the best qualified to ensure the information found online is accurate. The Office of Information Technology will provide training/assistance as necessary, but can only provide a support function. Further, access will only be provided to full-time employees to provide greater continuity.