Difference between revisions of "WikiServer - Securing the Wiki"
(Created page with "There are a number of settings and tweaks that can save you greif while maintaining your wiki. Item #1 is to try hard not to be bored during the install... File:Dontbebore...") |
|||
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | There are a number of settings and tweaks that can save you | + | There are a number of settings and tweaks that can save you grief while maintaining your wiki. |
| − | |||
| − | |||
| + | ==='''Item #1''' try hard not to be bored during the install...=== | ||
[[File:Dontbebored.png|frameless|600x600px]] | [[File:Dontbebored.png|frameless|600x600px]] | ||
| − | '''Item #2''' | + | ==='''Item #2''' disallow edits=== |
| + | by anyone who is not logged in with a valid account. This is done by choosing "'''Authorised editors only'''" as the '''User rights profile.''' | ||
[[File:UserRights.png|frameless|518x518px]] | [[File:UserRights.png|frameless|518x518px]] | ||
| − | '''Item #3''' | + | The default, '''Open wiki''', is pretty much asking for spam & chaos... |
| + | |||
| + | ==='''Item #3''' account creation control.=== | ||
| + | A good starting point to manage account creation (albeit manually...) is to add <code>$wgGroupPermissions['*']['createaccount'] = false;</code> to your '''LocalSettings.php''' (which is hiding out in <code>/etc/var/html/wiki</code> on a stock-standard install) | ||
| + | |||
| + | Using this method, it takes an Administrator to actually create a new account. | ||
| + | |||
| + | ===Further thoughts=== | ||
| + | There are a large number of further items in the [[mediawikiwiki:Manual:MediaWiki_Security_Guide|documentation]], including plugins & add-ons to enhance security. | ||
| + | |||
| + | The 3 items listed here are a good starting point tho. | ||
| + | |||
| + | <br /> | ||
Latest revision as of 01:55, 13 July 2020
There are a number of settings and tweaks that can save you grief while maintaining your wiki.
Contents
Item #1 try hard not to be bored during the install...
Item #2 disallow edits
by anyone who is not logged in with a valid account. This is done by choosing "Authorised editors only" as the User rights profile.
The default, Open wiki, is pretty much asking for spam & chaos...
Item #3 account creation control.
A good starting point to manage account creation (albeit manually...) is to add $wgGroupPermissions['*']['createaccount'] = false; to your LocalSettings.php (which is hiding out in /etc/var/html/wiki on a stock-standard install)
Using this method, it takes an Administrator to actually create a new account.
Further thoughts
There are a large number of further items in the documentation, including plugins & add-ons to enhance security.
The 3 items listed here are a good starting point tho.
