Webhost is a mediated service for members of staff to host web sites of benefit to the University, that promote its services, built on the commercial cPanel architecture, Examples of such sites would be a blog for a research group or a conference site. Please note this service is not suitable for personal vanity sites, the storage and access of teaching materials or sites that hold or deal with financial, personal or confidential data.
Requests for new sites are mediated and approved by Creative and Print Services within Marketing and Advancement, once agreement on the content and lifetime of the site has been reached. Content is controlled by the requestor via their content management system (e.g. WordPress), which must be approved by Creative and Print Services.
IT Services support the infrastructure of the service but do not provide direct support for individual sites. The service has restrictions in place to allow its continuing operation, which include fair usage and sunset clauses for all sites. Sites will be regularly security scanned and must be kept up to date and issue free to be allowed to continue on the service.
Any site found to have a GDPR breach will be shut down until the breaches are rectified and the site is cleared for use by Creative and Print Services.
Sites are built using available content management software, such as WordPress, which are regularly patched. All access to a site is controlled via the GUI of the agreed CMS. Sites have restrictions on their size, which is 1Gb by default, this can be increased, but must be approved by Creative and Print Services. This will allow all site owners fair access to the limited resources of the service. Any requirement outside of this will need to be approved by Creative and Print Services, with input from IT Services where necessary. Shell access and FTP access to the server are not available.
All requests for a site are via Creative and Print Services, who will discuss requirements in advance of any technical work. They should be able to provide advice as to how best to achieve your objectives (which may not require this service).
Yes, you can add additional members of staff and researchers via your CMS interface, if this allows it.
Whilst the service is relatively secure, it is not suitable for the storage of confidential or personal information. Please bear this in mind when requesting a new site, or when uploading content to an existing one. Access to your site can be encrypted, but please do not store or request any financial, personal or other confidential information. The service is currently able to offer TLS/SSL support and can provide certificates free of charge via a third-party service, Let's Encrypt. In the unlikely event of the Let's Encrypt service becoming unavailable, sites may need to operate without a certificate or purchase a long term certificate (if your site has a non-Loughborough address).
IT Services will regularly scan your site for security issues (such as a possible vulnerability being identified in your site) and you will need to act upon these, otherwise your site will have to be suspended. GDPR breaches will force us to close your site with immediate effect. Sites that are closed in this manner will only be reopened on approval from Creative and Print Services, with input from IT Services and Academic Registry.
As a site administrator, you are responsible for:
- Ensuring the content of your site is appropriate
- Managing access to your site for other administrators and any other content suppliers
- Ensuring that any scripts or applications that have been installed on your site are secure
- Deleting or reassigning ownership of your site (if you want it to remain active) before you leave the University
- Backing up your site
Backing up your website's files and data is your responsibility. We recommend site owners ensure they take regular copies of their site files and data.
Creative and Print Services have a large amount of experience in creating and managing sites. They should be your first point of call (Web and Digital team email address here).
By default, when you leave the University your site will be archived for six months before being eventually deleted. The same is true if there is no longer anyone available to administer the site. You can of course remedy this by simply finding another member of staff to take on responsibility for the site
A sunset clause relates to the lifetime of the site you are requesting. For a site to be approved on the service, it must have a date after which it is no longer required. This allows all site owners fair access to the limited resources of the service and ensures that any content the university is making publicly available, is up to date and appropriate. By default, any new site will have a sunset clause of two years after its activation. You may request yearly extensions, but these must be in writing to Creative and Print Services (you may also need to budget for any security certificates for your extension). Failure to provide an extension request will result in the site being shut down, once the sunset date is reached.