[dokuwiki] Data protection by login via HTTPS, source code readable only for registered users
- From: Dave Kliczbor <maligree@xxxxxx>
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Tue, 25 Jul 2006 01:31:58 +0200
Hello out there,
[DokuWiki core 2006-03-09b + a few plugins]
after tinkering a lot with DokuWiki (some plugins/extensions will result
out of this, I just have some bugfixing and doku left to do), I wonder
how to protect things like mail addresses and login passwords better.
I'm creating a half-closed site where not giving mail addresses out to
spam bots is a big issue. On the other side, having a half-public site,
I don't want the site to be too closed and mail addresses just have to
show up in some form.
Therefore, I figured it best
a) having the "guest user" access the pages via plain HTTP, but
b) login (and, if possible, session data too) should go over HTTPS. And
c) no guest should even have access to the plain wiki code, because
there's the mail address in plain text, ready to be spammed.
a) is already the default state, so I have to focus on switching to
HTTPS, and staying there.
For b), I figured from previous posts that that means tinkering a bit
with mod_rewrite (or patching the dokuwiki core scripts), but I'm not
sure about the full keyword list. I could create a rewrite rule that
triggers on 'do=login', but couldn't that also be sent via HTTP POST and
not show up in %{REQUEST}? And does the form then _reliably_ point to a
HTTPS action url?
I'd call it reliable if DokuWiki works with relative URLs by design, so
that an internal link always omits the 'http://host' part in both caches
and delivered pages. Just to be sure: Does DokuWiki work by design with
relative internal URLs? (user stupidity is taken aside ;)
And then there's the question if the session stops when trying to access
it via HTTP? (Stop means: The user has to re-login)
I've had some bad issues with Typo3 switching unreliably back and forth
between HTTP and HTTPS, partly having to do with caches and absolute
links, so I'd rather like a developer's opinion on that.
For c), I can't seem to find any information apart from protecting the
dokuwiki data directory via .htaccess, so either I have a blind spot
there or there isn't any ;)
To put it clear, I want the "guest user" have read access to (most of)
the rendered pages, but _not_ to the wiki sources.
Could this be done without modifying the core? (I'd rather like the core
scripts unchanged for easy core updates). If not, in which corner of the
core do I need to put something in the sense of "if auth level < EDIT
then show a HTTPS link to the login page instead of the textarea with
wiki code"? And would that be enough?
Sorry that this post was getting longer and longer, but I've had a lot
of issues and thoughts coming up while writing...
cya
Dave KLiczbor
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
Other related posts:
