Help talk:Security Checklist

From Meta, a Wikimedia project coordination wiki

Is "mediawikifolder" an actual name or a placeholder? I can't find it on my system (WhiteBox Linux 4, mediawiki-1.4.5, etc).

--Norman Paterson

i believe there is an error in the "PHP Breakage Problems" fix section of the page. the code snippet that goes into httpd.conf reads: 

<IfModule !sapi_apache2.c>
   <Files ~ '\.php$'>
       Order allow,deny
       Deny from all
       Allow from none
   </Files>
   <Files ~ '\.phps'>
       Order deny,allow
       Allow from all
   </Files>
</IfModule>

as i understand it, it should read: <IfModule !sapi_apache2.c> 

   <Files ~ '\.php$'>
       Order allow,deny
       Deny from all
       Allow from none
   </Files>
   <Files ~ '\.phps'>
       Order deny,allow
       Deny from all
       Allow from none
   </Files>
</IfModule>

i'm not comfortable enough with apache permissions to make the change, but if someone can confirm this, please change it.

Fix (Theory) is a bit confusing[edit]

The fix for LocalSettings.php is a bit confusing. Initially the page says "If you want to keep your admin account and passwords a secret remove them from LocalSettings.php". Can I just remove them from LocalSettings.php? Will MediaWiki still work? I think an example for this is in order.

This initial paragraph for Theory is good, but then the example seems a bit jumpy, like several different people wrote it with different intentions in mind. This should probably get cleaned up.

From what I've read, I've made LocalSettings.php read/execute to apache:apache only. Now how do I remove the passwords in the file? Where do I put them, will MediaWiki work, etc? Ahh now I see it listed further down below.


Errors[edit]

I used same Apache-user & -group as linux i get "a 403 Forbidden error" when setting mw-directory to 460.

84.137.211.167 15:38, 23 September 2006 (UTC)[reply]

Where do i type all the chmod stuff?[edit]

I'm a bit confused as to where to type all the chmod bits - which file do i need to open and edit?--80.176.233.172 07:57, 7 December 2006 (UTC)[reply]

Answer: You have to go into the properties of all your files or the properties of the files listed and change the preferences for Read/Write/Execute in Owner/Group/User. This will result in the fulfilling your question.

Retrieved from "https://meta.wikimedia.org/w/index.php?title=Help_talk:Security_Checklist&oldid=3666967"