In December 2021, Atlas Systems added an additional layer of security to the TestWeb pages on your Aeon web server by restricting access to TestWeb to the known IP addresses of your institution. This additional layer of security gives your institution the freedom to upload pages that are incomplete or otherwise not ready for use without concern that they’d be seen by the public at large.
With this now in place, Atlas Systems will be adjusting how GitHub functions on your Aeon server to offer a more seamless experience for testing your web pages. Once Atlas completes this change, web pages uploaded in GitHub to your TestWeb folders will automatically be posted to your web server. This will allow for multiple tests to be conducted without the potential need for numerous code reviews.
To help your team understand what this change means for you and your institution, we’ve prepared the following FAQ:
When will this change occur?
Atlas will begin implementing these changes beginning on January 3rd, 2022, with an anticipated completion date of January 14th, 2022.
Why is this happening?
Waiting on code reviews to conduct tests of new web pages can introduce lengthy and unnecessary delays in your web projects. Having secured your TestWeb pages to be inaccessible to the public at large, uploading these pages without code reviews introduces minimal risk.
Where are my TestWeb pages?
These are pages contained within TestWeb folders. You can see these are part of your URL. For example: https://youraeonserver.institution.edu/aeon/testweb/
You can also see them in GitHub within folder names ending in _TestWeb
These pages are not utilized by end-users and are rarely accessed.
Does this affect my production pages?
No. Changes to your regular Aeon pages, both using Aeon Authentication or Remote Authentication (eg: Shibboleth), will not automatically upload from GitHub to your web server. Production pages will still require code review prior to being published.
Can I opt out of this new configuration?
Yes. Atlas understands each institution’s security policies may be different and you may wish to have all page updates, including those limited to TestWeb, go through code review prior to publishing. Simply contact us at firstname.lastname@example.org informing us of your decision to opt out. We will also remove the IP restrictions on TestWeb if you choose this option.
What do I need to do?
Your responsibilities include informing Atlas of any users you wish removed from GitHub, such as those departing or changing their job role, and ensuring that any pages uploaded to TestWeb by users associated with your institution are conducted in a thoughtful and responsible manner.