Change web server settings

Many web server options can be changed within a directory's .htaccess file; see Apache HTTP Server documentation for options with a context of .htaccess.

Silk hosting offers control over several additional options by creating or editing your site's .silk.ini file (for example ~/www-root/.silk.ini). For the time being, you should contact SAA after making changes for them to take effect.

Maximum HTTP request length

The number of bytes the server will accept from a browser for your pages. In the [general] section, add a max-request-length option with a numeric value, e.g.:

max-request-length = 209715200

If you expect particularly large web requests such as large file uploads, you might also want to adjust the HTTP request timeout.

HTTP request timeout

The number of seconds the server will wait for a full response from your pages before returning an error to the user's browser. In the [general] section, add a request-timeout option with a numeric value, e.g.:

request-timeout = 120

Use UVM's template/Magicscript

Silk servers contain local copies of UVM's deprecated template system, but images, CSS, and JavaScript are still served from To make the UVM template work on silk, redirect requests for these resources to www by using the following rules in your silk site's root .htaccess file (for example ~/www-root/.htaccess):

RewriteEngine On
RewriteRule .* - [E=HT:http]
RewriteCond %{HTTPS} =on
RewriteRule .* -  [E=HT:https]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule www/(css|images|js)(.*) %{ENV:HT}://$1$2 [R,L,QSA]

DirectoryIndex index.html index.php3 index.php magicscript.php3 magicscript.php index.htm

Limit access to a web path

You can restrict access to part of your web site by creating an .htaccess file in the directory you want to limit. A few examples:

Require NetID authentication:

AuthType CAS
require valid-user

Allow only specific people:

AuthType CAS
require user firstnetid secondnetid thirdnetid

Allow only faculty and staff:

AuthType CAS
AuthzLDAPAuthoritative on
AuthLDAPURL "ldaps://,dc=uvm,dc=edu?uid"
Require ldap-filter |(eduPersonAffiliation=Faculty)(eduPersonAffiliation=Staff)

Limit access to a proxied site

When access to your site is proxied through another web service, the authentication system might need to be informed so that users are sent back to the right place after logging in. If your site is proxied and authentication is not working as expected, you can overcome this by adding the following to your site's .silk.ini file and notifying SAA to restart the web service:

proxy-root =

where should be replaced with the top URL that your site is proxied through.

SELinux Permissions

In additional to traditional Unix file permissions, your files are protected by SELinux ("Security Enhanced Linux"), which tags files in a way that describes which applications can access them.

View SELinux file contexts

If you need to see the specific SELinux file contexts, add the Z flag to your command. For example:

ls -laZ

Find/Repair broken SELinux file contexts

Your silk site should be configured to inherit parent directory SELinux file contexts. However, some types of file operations (like move, or un-tarring) can cause those file contexts to be set incorrectly. This may cause your site to function incorrectly. For instance, if the httpd_user_content_t is not set for ~/www-root, then the web server will be unable to read files from that directory. To check if your files have the correct SELinux contexts, you can use the fixfiles command.

For example: see if all the file contexts in ~/www-root are as expected:

fixfiles check ~/www-root

To restore the default file contexts for ~/www-root:

fixfiles restore ~/www-root

Additional silk sites

If you would like an additional, separate web site in your account on silk, please contact SAA for assistance. A new site would have a name such as and would have its own document root and logs directory.

Additional hostnames for silk sites

If needed, aliases can be added for existing silk sites so that multiple hostnames reach the same web site. This is generally best kept to things like adding an optional “www.” to your site name. Contact SAA for assistance.

Host another domain on silk

If you would like a DNS domain that you own to have web pages hosted on silk, contact SAA for assistance. If approved, an additional document root and logs directory for this domain will be set up under your silk account.

SSL/TLS certificates for these sites can either be set up by us for free via Let's Encrypt, or you can provide your own purchased from a third party vendor.

Restore from backups

Information on silk is backed up daily and can be restored from the command-line using the recover command. This opens an interactive program that accepts many Unix-like commands as well as backup-specific ones:

cd [<directory>]
Go to the specified directory.
ls [<path>]
List files as they appear in the backup you are viewing.
changetime <time>
View the most recent backup as of the given time.
add <path>
Add files to the list of things to be restored.
Recover the currently added files.
Show information about available commands.