Media Wiki Security Concepts: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 10: Line 10:


=sysop=
=sysop=
=User Rights Profile=
{{External|https://www.mediawiki.org/wiki/Manual:User_rights}}
==Open wiki==
The Open wiki model allows anyone to edit, without even logging in.
==Account creation required==
A wiki with "Account creation required" provides extra accountability, but may deter casual contributors.
==Authorized editors only==
The "Authorized editors only" scenario allows approved users to edit, but the public can view the pages, including history.
==Private wiki==
A "Private wiki" only allows approved users to view pages, with the same group allowed to edit.


=Reading=
=Reading=

Revision as of 03:45, 18 November 2021

External

Internal

Overview

sysop

User Rights Profile

https://www.mediawiki.org/wiki/Manual:User_rights

Open wiki

The Open wiki model allows anyone to edit, without even logging in.

Account creation required

A wiki with "Account creation required" provides extra accountability, but may deter casual contributors.

Authorized editors only

The "Authorized editors only" scenario allows approved users to edit, but the public can view the pages, including history.

Private wiki

A "Private wiki" only allows approved users to view pages, with the same group allowed to edit.

Reading

Disable reading by anonymous users:

$wgGroupPermissions['*']['read'] = false;

To allow anonymous users access to the login page:

$wgWhitelistRead = array ("Special:Userlogin");

Editing

Disable anonymous editing:

$wgGroupPermissions['*']['edit'] = false;

Account Creation

Controlled by LocalSettings.php:

$wgGroupPermissions['*']['createaccount'] = false;

This prevents account creation by anyone (logged in or not), except by sysops.