The City University of Hong Kong (CityU) website provides links to and information about the University, its teaching and research mission, its academic programmes, resources, services and people, to a wide audience of staff, students, alumni, faculties, collaborators, potential employers and visitors. Therefore it is important that the web pages provide the best possible representation of CityU.
With a view to providing a reference site for all departments and offices to refer to when they engage in web publication, the Computing Services Centre (CSC) has prepared this guide to the related policies, design guidelines, references etc. that are relevant and certainly useful for publishing on the web.
Web publishers at the CityU are responsible for the contents of the pages they publish and are expected to abide by the highest standards of quality and responsibility. These responsibilities apply to all publishers, from academic departments to administrative offices. In addition, publishers should make sure that the use of resources is tied firmly to the mission of the CityU and all web activities must support research, education, administrative processes, community service and legitimate pursuits. They are also required to comply with relevant CityU rules and policies, and international and local laws concerning appropriate use of computers, information and data security.
Central web hosting
service is set up to provide a consolidated, fully monitored and
managed environment for hosting departmental web sites or project
web sites on Microsoft IIS. The hardware
and the software of the central web service are maintained and
supported by the CSC while the web page contents and applications
are developed and maintained by the departments. Compatibility and
technical advice will be provided to assist in the development of a
new website or migration of existing websites. In order to provide
a stable environment for the web services already hosted, NO
development activities is allowed in these web servers. Users are
expected to do all developments and testing on their own machines
before uploading to the central web hosting servers.
As highly reliable and secure central servers are used to host these services, web site owners can then concentrate on the development of their web contents or applications without worrying about the server management or operational support of the servers. It also relieves these owners from the burden of keeping the servers secure and the effort to manage them.
It is hoped that this centralized support arrangement can eradicate the levels of risk of having many web servers distributed around the campus with different security protections. The consolidated infrastructure to host these websites also leverages economies of scale, thereby creating significant cost savings.
Microsoft IIS is provided as a standard for web hosting:
Departmental web sites can be hosted on the departmental web server maintained and supported by the department. It is the responsibility of the department to perform proper server management to ensure the server is secured from hacking and attacking activities. Below are some guidelines and notes for maintaining the departmental web server.
Departmental and/or project websites represent the University as a whole, therefore attacks by internet hackers causing defacement of websites and information corruption are highly undesirable. To avoid these from happening, below are some guidelines for maintaining a secure website.
- Tighten the folder and file access control and do not allow any directory in the web server to have both write and execute privileges for the everyone group.
- Request CSC to perform web security scanning when the website is revamped or re-developed.
- Do not download or run programs from un-trusted sources on the web server.
- Subscribe to product security notification.
- For departmental web servers, apply a SSL web server certificate from a CA to protect the sensitive information such as login username and password.
Department can submit a CSC Work Request and CSC can help to get the SSL web server certificate from Thawte for the departmental web server. The department has to pay for the cost for the SSL web server certificate which is cheaper than that of other CAs.
- If the departmental web server wants to validate CityU's EID and password, Central LDAP User Authentication Service provided by CSC can help for the authentication. Department can submit a CSC Work Request for using the service.
In order to dramatically improve search results within the University site and search engines in general, it is important to include certain search engine specific information on your page as part of the Search Engine Optimization (SEO) strategy. Below are some tips on improving your search ranking which have the best effect if they are applied at the same time and should be good enough to get you started.
- Good title in the "Title" tag
Good title in the "Title" tag with descriptive keywords is vital in achieving high search engine ranking.
- Keywords in "Meta" tag
You can define keywords and phrases that represent the page content. List the keywords in order of importance.
- Description in "Meta" tag
It is used to give a short description of the page. It is indexed by search engines like the rest of the content on your page and should be kept brief, preferably a sentence or two with good keywords.
- Keywords appear in the first paragraph of the body text
This helps in determining how relevant the page is to a specific topic or search term. The denser the keywords are within the content, the higher the relevance will be.
- Avoid using frame
Search engine may have problems to index the page and even if search engines are able to index your pages, web users who find your page will only be taken to one of the pages within the frameset.
- Avoid duplicate content
It is common for a site to have several pages (URLs) listing the same (highly similar) contents. A canonical page is the preferred version of a set of pages with highly similar content. The "rel=canonical" tag lets you suggest the page that search engine should treat as canonical. For example,
<link rel="canonical" href="http://www.cityu.edu.hk/web-guide/">
- Images and graphics
Search engines cannot index images and graphics. If having those non-text elements on your page is inevitable, you should write description content for each of them. For example,
<img src="your_image.jpg" alt=" a brief description of your image ">
Herein are some good practices that web account owners on the university central web servers (www, www6, www7) should follow to ensure the wellness of their websites.
Failure to follow the above conditions may result in a breach of security, loss of data, poor performance, etc which may tarnish the name of the department and the firstname.lastname@example.org