[dokuwiki] Re: making DokuWiki secure on a shared web host
- From: Chuck Soper <chucks3@xxxxxxxxxx>
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Tue, 7 Aug 2007 11:39:06 -0700
I'm sorry for my delayed response. I'm now hoping to set up my Wiki today.
At 9:30 AM +0200 8/2/07, Andreas Gohr wrote:
Chuck Soper writes:
Is the "wiki:security" page up to date?
Yes, however keep in mind that most things there are recommended
precautions but not strictly neccessary.
Thanks for mentioning this.
What is the best way to ensure that my docuwiki is secure and protected?
Set up an restrictive ACL and make sure file permissions are set to
a bare minimal needed value. The latter might be difficult for you
to do on a shared host, depending on how the Webserver/PHP was
setup. See http://wiki.splitbrain.org/wiki:install:permissions for
details.
I contacted my web hosting company about file permissions; I pointed
them to the <http://wiki.splitbrain.org/wiki:install:permissions>
page. Here is their response:
At 2:10 AM -0400 8/7/07, Technical Support wrote:
Regarding permissions, all your directories should have 755
permissions and all your files should have 644 permissions. Data
files and directories (which will not be accessed directly by the
web browser, but will be accessed by your application) can have 600
and 700 directories respectively.
The mod_rewrite rules can be placed in your .htaccess file.
Is this a good approach? Could someone possibly help me with the
rules required for my .htaccess file? Or, do you know a good web site
for learning more about .htaccess?
Unfortunately, I'm not a PHP developer. Will I need a PHP developer
to set up dokuwiki to be secure?
No! Of course not.
Good. When I look over the DokuWiki documentation I do see lots of PHP code.
Is this email list the best place to ask questions or is the forum
at forum.dokuwiki.org a better place?
Both is fine.
Andi
thanks,
Chuck
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
Other related posts:
