Skip to page content
Return to Top

Web site Terms of Service

Use of web server services at Tarleton State University is governed by University Web Services. Please read and be familiar with these procedures before requesting an account or directory space on the university web server. The following guidelines dictate specific additional terms of use on the Tarleton State University web server (tarleton.edu), hereafter "the server."

Contents:

Scripting languages and allowed packages

All third-party embedded scripts are subject to evaluation and approval by Web Services prior to use. Individual scripts that are identified by Web Services as potentially exposing others to risk, abuse, or intrusion may be disabled and/or removed. For example, automated pop-up windows, third-party ads, retargeting ads, and cookies which track user behavior beyond Tarleton.edu are explicitly prohibited. All reasonable efforts will be made to communicate with the site owner and manage the removal in a such a way as to minimize service interruptions, but removal may precede notification if the situation is deemed to warrant such action. Please contact djhunt@tarleton.edu to submit script requests for approval.

To ensure the security of the server, several specific software packages are forbidden from use on the machine. Applications made in ASP are maintained and accessed only by the Web Programmer. One Perl script has been installed for creating contact forms with specific required fields, etc. for users.

Software packages such as blogs and bulletin boards are explicitly disallowed on all departmental, organizational, and individual websites on the server. These applications have historically been prone to containing poorly written code that can be exploited to gain unauthorized privileges on the machine. Attacks against these known holes have increased dramatically over the last few years, as evidenced by server access logs. Other campus resources are available for hosting these services and should be used instead of hosting them here.

Database access

The server is designed first and foremost to host and serve university web pages, however, we do also host some web applications.  Web Services manages these applications in order to ensure that all security measures are being established.  Development of applications that require database access is restricted to within the Web Services and IT departments. 

Supported Web Development and FTP Software

Web Services supports the following web development and FTP software: Cascade Server, Dreamweaver, and Windows FTP.  Although use of other software is not prohibited, Web Services cannot offer support for any other software, including Publisher, FrontPage, and others.

For student web accounts, Web Services can only offer assistance with FTP usernames and passwords for web accounts. Instructions for using specific web development or FTP software required by the class is given by the instructor, not Web Services.

Digital media or other types of large files

The server was designed to serve Web pages, and is not to be used as media servers for large media files, or as download areas for large files of any type. You may not place any digital media file (audio (such as MP3), any type of video file, or any individual file over 5MB in size) without expressed authorization from the University Web Services department. This is to ensure the proper functioning of the public university web site and to protect the server from the extraordinary traffic volumes and storage requirements that digital media files sometimes impose. In addition, many music and video files are copyrighted, and may for no reason be placed in a public access point such as the web server.  Other university resources exist which are better suited for the hosting media files, if its necessary.

Web directory structure

Requests for particular forms of URL are made on a "first-come, first-served" basis and certain URL forms may not be available to you because they are already in use. The University Web Services department also reserves the right to refuse requests for URL forms likely to be used for university administration (e.g., URLs including words like "security" or "emergency"). If you desire to create a specific URL for a print publication, please contact Web Services prior to printing to ensure that the URL is available and functioning.

Web site updates, abandonment, and lack of maintenance

Each department, program, organization, and faculty website must have a designated person to make content updates on a regular basis, with that person's name and email displayed in the footer of the website. Web Services will provide training to designated web updaters.

Tarleton reserves the right to archive and remove sites on the university web server that have been abandoned. Abandoned sites are defined as those sites which have not been edited or updated in 1 year or more and which contain content that is patently wrong or out of date. Web Services will check for outdated websites on a continual basis.  The University Web Services department also reserves the right, when necessary, to archive and/or remove web sites when a complaint or security incident has been identified. The University Web Services department will make reasonable efforts to contact site owners in such cases; however apparently abandoned web sites may be removed in any case without notice after one year of inactivity.

Student Web sites

Students who have requested permission to create web sites on the Tarleton server retain access to their web sites for the entirety of their enrollment at Tarleton State University. Once a student ceases to be enrolled at Tarleton, his or her NTNET username may be re-used by a newly enrolled student who will have access to the same web address, with all previous contents deleted.

Student web sites are not to be made for commercial use. Web sites on any Tarleton server are to be used for educational purposes only. Uploading/hosting MP3s, videos, or any other copyrighted content is strictly prohibited.

Site redirects

The University Web Services department realizes that organizations often wish to move their web presence off of the server and onto their own hosts. This process has historically not been coordinated, resulting in dozens of abandoned directories on the server. Many of these directories contain out-of-date information, others have placeholder information linking to the new site, and others use "meta" refresh tags to automatically send the visitor to the new location.

This process is being discontinued in favor of a cleaner methodology for redirects. If a university organization no longer wishes to host their site on the server, they should contact the University Web Services department (www@tarleton.edu) in order to coordinate an orderly transition. Once the organization's new site is available, the directory on tarleton.edu is to be archived and removed.  Virtual directories created to link the old site URL to the new one may stay in place up to but no longer than 2 years.

SSL and passing secure information

The university web server is configured to support SSL connections and Tarleton-signed certificate is currently installed. It is recognized that this can cause web browsers to complain about untrusted certificates. If this becomes an issue, commercial certificates can be purchased and installed.

Applications that require the passing of privileged information must do so over a secure connection. Please note that this is particularly important for logins. Basic authentication is enabled, but if directories are to be protected by such login boxes, users should be directed to these URLs via links to the encrypted "https://" version of the URL. Contact the University Web Services department (www@tarleton.edu) to request any of these measures be implemented.

Guideline changes and policy enforcement

These service guidelines may change without notice. However, where and when possible, we will give the Tarleton State University community advance notice of any anticipated changes. As the keepers of the university's public web site, we also reserve the right to make any technical changes to the server as necessary. Again, prior notice will be given when possible, though such warnings may not always be possible. In any case, the security of the server dictates that immediate action may be taken to deactivate accounts, remove web sites, delete files, or alter server configurations whenever the normal operation or security of the machine may be endangered.