[dokuwiki] Re: making DokuWiki secure on a shared web host

From: Andreas Gohr <andi@xxxxxxxxxxxxxx>
To: dokuwiki@xxxxxxxxxxxxx
Date: Thu, 02 Aug 2007 11:27:58 +0200

Luke Howson writes:

What is the best way to ensure that my docuwiki is secure and protected?


Set up an restrictive ACL and make sure file permissions are set to a
bare minimal needed value. The latter might be difficult for you to do
on a shared host, depending on how the Webserver/PHP was setup. See
http://wiki.splitbrain.org/wiki:install:permissions for details.


Chuck wants his wiki protected from "other users at my web host from
viewing or modifying any part of the wiki". I don't have much experience
with secured shared web hosting, but on a plain vanilla linux, my
understanding is that you usually have php run in the process space of
apache (and hence shares the security context it is run with.) If you
just have a bunch of virtual hosts setup, they will all run under the
same context, so all PHP scripts can access precisely the same files.

Which is described at the mentioned page. However there are several ways tohave different uids for different vrtual hosts, like FastCGI or suPHP andmany of the better hosters use one of those methods. Which is what I wasrefering to with "depending on how the Webserver/PHP was setup".


Andi
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

References:
- [dokuwiki] making DokuWiki secure on a shared web host
  - From: Chuck Soper
- [dokuwiki] Re: making DokuWiki secure on a shared web host
  - From: Andreas Gohr
- [dokuwiki] Re: making DokuWiki secure on a shared web host
  - From: Luke Howson

[dokuwiki] Re: making DokuWiki secure on a shared web host

Other related posts: