skip to content

Rules for web projects

The following rules have to be respected unconditionally for web projects:

  1. The RRZK has to know the technical contact person as well as the person in charge of the whole project. Changes in responsibilities have to be reported right away.
  2. For projects with their own user administration, like TYPO3-projects, admin user are only accepted if they registered with  their complete name and a working e-mail address. Accounts of admins without these information will be blocked. If there is no reachable admin left we will have to block the project. Newly registered admin users have to be informed about that.
  3. The use of your own server software (software with its own server port, for example Tomcat, Oregano) has to be agreed upon with the RRZK. 
  4. If you use third-party software (for example Joomla, phpBB), the person in charge of the project is required to always install the latest safety update ist. Regarding TYPO3 projects, it is required for the extensions. You should check for safety updates at least every four weeks and we recommend to subscribe to a corresponding mailing list.
  5. Scripts can never (deliberately or carelessly) interfere with other projects.
  6. The RRZK cannot guarantee that stored data, like personal date, is safe from unauthorized access. ( A seperate server for sole utilization would be needed for this purpose)
  7. Passwords in databanks have to be stored encrypted. If there is encryption with Salt available please use it. Simple MD5-encodings without Salt are easy to attack with nowadays tools.
  8. So-called test databanks (databanks called "test" or start with "test_") are not allowed to be used on the project server. They are deleted regularly without warning.
  9. Administrators of AFS projects should only grant selective writing permission to the web server and only if it is really necessary.
  10. The RRZK is not liable for any programming errors of the person in charge of a project.
  11. The usage of the provided space for the project is restricted to purposes of the respective institution. Personal contents are not allowed.
  12. Copyright laws and other regulations concerning the presented content have to be obeyed.
  13. It is forbidden to circumvent any of the RRZK's safety measures. If you detect a security gap, please tell the RRZK right away. Utilization of this gap (even for testing purposes) can lead to the immediate deletion of the web project and/or blocking of the account.

In case of violation of those rules the RRZK reserves the right to withdraw the project  from the net. (at least temporarily)

The confirmation code for the application of a web project is: IhdRgusszB

If you have any questions or problems, please contact the RRZK-Helpdesk