Luke Howson writes:
What is the best way to ensure that my docuwiki is secure and protected?Set up an restrictive ACL and make sure file permissions are set to a bare minimal needed value. The latter might be difficult for you to do on a shared host, depending on how the Webserver/PHP was setup. See http://wiki.splitbrain.org/wiki:install:permissions for details.Chuck wants his wiki protected from "other users at my web host from viewing or modifying any part of the wiki". I don't have much experience with secured shared web hosting, but on a plain vanilla linux, my understanding is that you usually have php run in the process space of apache (and hence shares the security context it is run with.) If you just have a bunch of virtual hosts setup, they will all run under the same context, so all PHP scripts can access precisely the same files.
Which is described at the mentioned page. However there are several ways to have different uids for different vrtual hosts, like FastCGI or suPHP and many of the better hosters use one of those methods. Which is what I was refering to with "depending on how the Webserver/PHP was setup".
Andi -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist