Quick reference for tasks on silk

View SELinux file contexts

If you need to see the specific SELinux file contexts, add the Z flag to your command. For example:

1
ls -laZ

Find/Repair broken SELinux file contexts

Your silk site should be configured to inherit parent directory SELinux file contexts. However, some types of file operations (like move, or un-tarring) can cause those file contexts to be set incorrectly. This may cause your site to function incorrectly. For instance, if the httpd_user_content_t is not set for ~/www-root, then the web server will be unable to read files from that directory. To check if your files have the correct SELinux contexts, you can use the fixfiles command.

For example: see if all the file contexts in ~/www-root are as expected:

1
fixfiles check ~/www-root

To restore the default file contexts for ~/www-root:

1
fixfiles restore ~/www-root

Change web server settings

Many web server options can be changed within a directory's .htaccess file; see Apache HTTP Server documentation for options with a context of .htaccess.

Silk hosting offers control over several additional options by creating or editing your site's .silk.ini file (for example ~/www-root/.silk.ini). For the time being, you should contact SAA after making changes for them to take effect.

Maximum HTTP request length

The number of bytes the server will accept from a browser for your pages. In the [general] section, add a max-request-length option with a numeric value, e.g.:

1
2
[general]
max-request-length = 209715200

If you expect particularly large web requests such as large file uploads, you might also want to adjust the HTTP request timeout.

HTTP request timeout

The number of seconds the server will wait for a full response from your pages before returning an error to the user's browser. In the [general] section, add a request-timeout option with a numeric value, e.g.:

1
2
[general]
request-timeout = 120

Use UVM's template/Magicscript

Silk has local copies of the UVM Template synced nightly, but images, CSS, and JavaScript are still served from www.uvm.edu. To make the UVM template work on silk, redirect requests for these resources to www by using the following rules in your silk site's root .htaccess file (for example ~/www-root/.htaccess):

1
2
3
4
5
6
7
8
RewriteEngine On
RewriteRule .* - [E=HT:http]
RewriteCond %{HTTPS} =on
RewriteRule .* -  [E=HT:https]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule www/(css|images|js)(.*) %{ENV:HT}://www.uvm.edu/www/$1$2 [R,L,QSA]

DirectoryIndex index.html index.php3 index.php magicscript.php3 magicscript.php index.htm

Limit access to a web path

You can restrict access to part of your web site by creating an .htaccess file in the directory you want to limit. A few examples:

Require NetID authentication:

1
2
AuthType WebAuth
require valid-user

Allow only specific people:

1
2
AuthType WebAuth
require user firstnetid secondnetid thirdnetid

Allow only faculty and staff:

1
2
3
4
AuthType WebAuth
AuthzLDAPAuthoritative on
AuthLDAPURL "ldaps://ldap.uvm.edu/ou=People,dc=uvm,dc=edu?uid"
Require ldap-filter |(eduPersonAffiliation=Faculty)(eduPersonAffiliation=Staff)

Additional silk sites

If you would like an additional, separate web site in your account on silk, please contact SAA for assistance. A new site would have a name such as mysubsite.mynetid.w3.uvm.edu and would have its own document root and logs directory.

Additional hostnames for silk sites

If needed, aliases can be added for existing silk sites so that multiple hostnames reach the same web site. This is generally best kept to things like adding an optional “www.” to your site name. Contact SAA for assistance.

Host another domain on silk

If you would like a DNS domain that you own to have web pages hosted on silk, contact SAA for assistance. If approved, an additional document root and logs directory for this domain will be set up under your silk account.

SSL/TLS certificates are supported for these sites, but must be purchased by you.