Help talk:Security Checklist
Is "mediawikifolder" an actual name or a placeholder? I can't find it on my system (WhiteBox Linux 4, mediawiki-1.4.5, etc).
--Norman Paterson
i believe there is an error in the "PHP Breakage Problems" fix section of the page. the code snippet that goes into httpd.conf reads:
<IfModule !sapi_apache2.c> <Files ~ '\.php$'> Order allow,deny Deny from all Allow from none </Files> <Files ~ '\.phps'> Order deny,allow Allow from all </Files> </IfModule>
as i understand it, it should read: <IfModule !sapi_apache2.c>
<Files ~ '\.php$'> Order allow,deny Deny from all Allow from none </Files> <Files ~ '\.phps'> Order deny,allow Deny from all Allow from none </Files> </IfModule>
i'm not comfortable enough with apache permissions to make the change, but if someone can confirm this, please change it.
Fix (Theory) is a bit confusing[edit]
The fix for LocalSettings.php is a bit confusing. Initially the page says "If you want to keep your admin account and passwords a secret remove them from LocalSettings.php". Can I just remove them from LocalSettings.php? Will MediaWiki still work? I think an example for this is in order.
This initial paragraph for Theory is good, but then the example seems a bit jumpy, like several different people wrote it with different intentions in mind. This should probably get cleaned up.
From what I've read, I've made LocalSettings.php read/execute to apache:apache only. Now how do I remove the passwords in the file? Where do I put them, will MediaWiki work, etc? Ahh now I see it listed further down below.
Errors[edit]
I used same Apache-user & -group as linux i get "a 403 Forbidden error" when setting mw-directory to 460.
84.137.211.167 15:38, 23 September 2006 (UTC)
Where do i type all the chmod stuff?[edit]
I'm a bit confused as to where to type all the chmod bits - which file do i need to open and edit?--80.176.233.172 07:57, 7 December 2006 (UTC)
Answer: You have to go into the properties of all your files or the properties of the files listed and change the preferences for Read/Write/Execute in Owner/Group/User. This will result in the fulfilling your question.