[Mediawiki-l] Security issues with directories
coldwaveindustry at yahoo.com
coldwaveindustry at yahoo.com
Sat May 6 19:40:49 UTC 2006
I've just installed and configured MediaWiki for the first time and so far everything has been functioning smoothly. However, I've noticed that I'm able to browse to a specific file or directory within the public directory, for example I'm able to bring up my LocalSettings file or browse to the /bin area.
Now, the average visitor will probably not have any knowledge of MediaWiki and where files and directories are placed, but someone who does know could very well navigate their way around. One solution could be to place index.html files in the other directories and to customize server permissions for individual files and directories, but this seems unnecessary and still doesn't solve the issue of security considering that other wikis such as Wikipedia, Wikinfo, etc. do not appear to do this and keep visitors strictly within the wiki environment.
What do I need to do in order to configure the server and/or wiki to function like that? I've looked through much of the MediaWiki documentation and all I can find concerning the issues of security and permissions are those that relate to the wiki itself, and not the web server. There's no information about what to do with the files and directories in order to mask them from the public. Any help would be greatly appreciated.
Thank you.
---------------------------------
Blab-away for as little as 1¢/min. Make PC-to-Phone Calls using Yahoo! Messenger with Voice.
More information about the MediaWiki-l
mailing list