MediaWiki now has some good built-in tools for enforcing password strength see the manual for $wgPasswordPolicy for details. For example, I have a Wiki tree stored in a directory like /home/sitename/public_html/wiki/, and I put the HTTPS requirement rules in /home/sitename/public_html/.htaccess. Depending on how your Wiki is installed, it may make sense to put the above rules one or two directories up. htaccess files apply to the directory in which they’re stored, and to all directories recursively below that. Once the above is in place, verify that 1) you can still access the Wiki via HTTPS and 2) that you get a “403 Forbidden” response when trying to access the Wiki using plain old HTTP.Īlso remember that. htaccess file to include the following: SSLCipherSuite HIGH:!aNULL:!MD5 (If you are using a self-signed certificate and/or a local CA, it is a good idea to do these tests with up-to-date versions of all browsers your user base might reasonably be expected to use.)Įdit your Wiki’s. Confirm that you can access your Wiki via HTTPS. (Setting up Apache for HTTPS, and the generation or acquisition of server certificates are beyond the scope of this article.)Ĭonfirm that HTTPS is working in general (by loading a static test page). Therefore, we want to enforce HTTPS everywhere. It does little good to require that users authenticate with passwords before using your Wiki if those passwords are flying over the ‘net in cleartext - or if the content protected by those passwords is sent in the clear. It’s also a good idea to actually test your Wiki at this point to confirm that anonymous reading, anonymous editing and account creation by non-sysop users are all disabled. In any case, confirm that your LocalSettings.php contains the following: $wgGroupPermissions = false If you are migrating from an earlier version, or updating the configuration of an existing MediaWiki installation, you will have to edit your LocalSettings.php by hand (in which case, I would strongly advise making a backup copy of the original first if nothing else, copy it to LocalSettings.php.0). If you are doing a fresh install using a relatively recent MediaWiki version, the installer will prompt you and set up your LocalSettings.php accordingly. The first step in creating a private Wiki (and one which is well-documented elsewhere) is to make it so that only logged-in users can view or edit pages (other than the login page), and so that only sysops can create new accounts. Restricting Access to Registered Users Only The process described below was tested and is known to work with the following software versions: While the methods I describe should be reasonably general, future releases may involve different ways of doing things. You’ll also need the ability to edit files under the MediaWiki install tree (via command-line access or FTP or any other means). The remainder of this article will assume that you’re starting with a fresh, working install of MediaWiki, and have an admin user set up (and know its password). Because of the huge user base, most “How do I…?” questions are answered with a simple web search.There are lots of useful plugins available.It’s decently fast even on a modest computer, without resorting to esoteric fastcgi and caching tricks.There’s a huge volume of example pages out there. It’s incredibly well-tested, and doesn’t flake out in odd corner-cases. The Wikitext markup language is reasonably intuitive (simple things are simple, and new users can start contributing right away) but still powerful enough to create complex pages.If you are just trying to create a Wiki, you’ll waste time swimming against the current. A CMS or blogging package or groupware suite are great if you need those things, but they all tend to assume a certain workflow and division of responsibility. I’ve tried doing similar things with other packages (such as Tiki Wiki), and ended up wasting lots of time fighting with or trying to turn off features I didn’t want or need. If that’s not what you want, it requires some tuning, which I’ll describe in detail after the jump.Īn obvious question is, if the MediaWiki software needs tweaking to do what I want, why do I use it and not some other software? A few reasons: It’s a pretty polished software package, but out of the box it tends to assume that you are creating something like Wikipedia that is visible to (and editable by) the whole wide world. I’ve used it at work to build an internal company knowledge base, and at home to make a Wiki for the fictional worlds of a couple of roleplaying games I’ve been in. MediaWiki is the software behind Wikipedia, but you can use it to create your own special-purpose sites. The re-write went up in 2017 I have updated it for 2023.) Because so much has changed, I’ve opted for a re-write instead of just updating the original. (This is an update of an article I wrote in 2011.
0 Comments
Leave a Reply. |