Changes
Jump to navigation
Jump to search
Test Web Server Documentation (view source)
Revision as of 14:53, 20 January 2016
, 14:53, 20 January 2016New sections on security extensions and IntraACL
$ sudo mkdir /var/lib/mediawiki
$ sudo mv mediawiki-1.26.2/* /var/lib/mediawiki
== Mediawiki Security (1/15/16) ==
Mediawiki advises against implemented security measures because, if you're trying to make a publicly-editable wiki, you should need any user access restrictions at all (but you'll need to combat spam). We do want to make some pages publicly-editable (aka community-maintained) in the future, but much of the content should only be edited by us or a specified group of registered users. In addition, some pages should not even be viewable by unregistered or even registered users, whether that's on search results or through internal or external links.
The old webserver uses an extension called [https://www.mediawiki.org/wiki/Extension:SimpleSecurity SimpleSecurity], but it's no longer maintained and has some known security issues (including allowing users to be able to see the titles of pages for which they do not have read access). These issues may be fixed by another extension, [https://www.mediawiki.org/wiki/Extension:RemoveProtectedContent RemoveProtectedContent], but it doesn't seem like the best option.
== Installing IntraACL (1/20/16) ==
I looked over some of the information on Mediawiki authorization extensions, including common [https://www.mediawiki.org/wiki/Security_issues_with_authorization_extensions security issues] that many of the extensions have trouble fixing and a [https://www.mediawiki.org/wiki/Category:Page_specific_user_rights_extensions table] listing several of the more popular authorization extensions and what features each supports, and a new extension, [http://wiki.4intra.net/IntraACL IntraACL] seems to offer the most features and is the most recently maintained.
I followed the [http://wiki.4intra.net/IntraACL#Installation installation instructions] for IntraACL pretty much line-for-line, including the patch.