Web Site Terms of Service
- Access to www.tarleton.edu and Cascade
- Scripting languages and allowed packages
- Database access
- Supported Web Development and FTP Software
- Digital media or other types of large files
- Web directory structure
- Website abandonment or lack of maintenance
- Site redirects
- Passing of secure information
- TOS change and policy enforcement
Access to www.tarleton.edu and Cascade
The Office of Web Services reserves the right to limit or restrict user access to Cascade (www.tarleton.cascadeserver.com) and may do so if a user has not adhered to posted policies, terms of service, or guidelines. Direct access to www.tarleton.edu is limited to employees of ITS and Web Services, and FTP user access is only implemented in limited cases.
All third-party embedded scripts are subject to evaluation and approval by the Office of Web Services prior to use. Individual scripts that are identified by Web Services as potentially exposing others to risk, abuse, or intrusion may be disabled and/or removed. For example, automated pop-up windows, third-party ads, retargeting ads, and cookies which track user behavior beyond www.tarleton.edu are explicitly prohibited. All reasonable efforts will be made to communicate with the site owner and manage the removal in a such a way as to minimize service interruptions, but removal may precede notification if the situation is deemed to warrant such action. Please contact email@example.com to submit script requests for approval.
To ensure the security of the server, several specific software packages are forbidden from use on the machine. Applications made in ASP are maintained and accessed only by the Web Programmer. One Perl script has been installed for creating contact forms with specific required fields, etc. for users.
Software packages such as blogs and bulletin boards are explicitly disallowed on all departmental, organizational, and individual websites on the server. These applications have historically been prone to containing poorly written code that can be exploited to gain unauthorized privileges on the machine. Attacks against these known holes have increased dramatically over the last few years, as evidenced by server access logs. Other campus resources are available for hosting these services and should be used instead of hosting them here.
The server is designed first and foremost to host and serve university web pages, however, we do also host some web applications. Web Services manages these applications in order to ensure that all security measures are being established. Development of applications that require database access is restricted to within the Web Services and IT departments.
Web Services supports Cascade Server as the official tool for setting up and maintaining a Tarleton website. Although use of other software is not prohibited, Web Services cannot offer support for any other software, including Dreamweaver, Windows FTP, Publisher, FrontPage, and others.
Student web accounts are no longer supported and are set to be decommissioned during Summer 2015.
The server was designed to serve Web pages, and is not to be used as media servers for large media files, or as download areas for large files of any type. You may not place any digital media file (audio (such as MP3), any type of video file, or any individual file over 5MB in size) without expressed authorization from the University Web Services department. This is to ensure the proper functioning of the public university web site and to protect the server from the extraordinary traffic volumes and storage requirements that digital media files sometimes impose. In addition, many music and video files are copyrighted, and may for no reason be placed in a public access point such as the web server. Other university resources exist which are better suited for the hosting media files, if its necessary.
Requests for particular forms of URL are made on a "first-come, first-served" basis and certain URL forms may not be available to you because they are already in use. The University Web Services department also reserves the right to refuse requests for URL forms likely to be used for university administration (e.g., URLs including words like "security" or "emergency"). If you desire to create a specific URL for a print publication, please contact Web Services prior to printing to ensure that the URL is available and functioning.
Each department, program, organization, and faculty website must have a designated person to make content updates on a regular basis, with that person's name and email displayed in the footer of the website. Web Services will provide training to designated web updaters.
Tarleton reserves the right to archive and remove sites on the university web server that have been abandoned. Abandoned sites are defined as those sites which have not been edited or updated in 1 year or more and which contain content that is patently wrong or out of date. Web Services will check for outdated websites on a continual basis. The University Web Services department also reserves the right, when necessary, to archive and/or remove web sites when a complaint or security incident has been identified. The University Web Services department will make reasonable efforts to contact site owners in such cases; however apparently abandoned web sites may be removed in any case without notice after one year of inactivity.
The University Web Services department realizes that organizations often wish to move their web presence off of the server and onto their own hosts. This process has historically not been coordinated, resulting in dozens of abandoned directories on the server. Many of these directories contain out-of-date information, others have placeholder information linking to the new site, and others use "meta" refresh tags to automatically send the visitor to the new location.
This process is being discontinued in favor of a cleaner methodology for redirects. If a university organization no longer wishes to host their site on the server, they should contact the University Web Services department (firstname.lastname@example.org) in order to coordinate an orderly transition. Once the organization's new site is available, the directory on tarleton.edu is to be archived and removed. Virtual directories created to link the old site URL to the new one may stay in place up to but no longer than 2 years.
The university web server is configured to support SSL connections and Tarleton-signed certificate is currently installed. It is recognized that this can cause web browsers to complain about untrusted certificates. If this becomes an issue, commercial certificates can be purchased and installed.
Applications that require the passing of privileged information must do so over a secure connection. Please note that this is particularly important for logins. Basic authentication is enabled, but if directories are to be protected by such login boxes, users should be directed to these URLs via links to the encrypted "https://" version of the URL. Contact the University Web Services department (email@example.com) to request any of these measures be implemented.
These service guidelines may change without notice. However, where and when possible, we will give the Tarleton State University community advance notice of any anticipated changes. As the keepers of the university's public web site, we also reserve the right to make any technical changes to the server as necessary. Again, prior notice will be given when possible, though such warnings may not always be possible. In any case, the security of the server dictates that immediate action may be taken to deactivate accounts, remove web sites, delete files, or alter server configurations whenever the normal operation or security of the machine may be endangered.