I'm not sure how much help this is, but it should be possible to "section
off" certain levels of the wiki for certain user groups (you could possibly make a
"user group" for every individual user if you needed to)
What you would do, for sections with info so sensitive that only one or two people should
have access is simply to restrict everything, even the ability to read the page (including
the page source) in any way, to just those user groups you specify. This would effectively
secure that information to just those parties alone, though this would require manually
toggling settings for each user group, which would be extremely tedious yet doable.
That security hassle aside, MediaWiki is probably the best option you have for handling
such a large amount of content, and while I'm no expert on wiki security, it is
probably the most well featured wiki when it comes to additional security options and
extensions you can install and configure, and I would highly recommend using it.
In fact, I found an extension that should serve your security needs well in blocking even
page sources from being viewable (for your needs, this would be essential)
https://www.mediawiki.org/wiki/Extension:ProtectSource
You also want this extension, just to close loopholes in the above extension, such as the
Special:Import/Export special pages:
https://www.mediawiki.org/wiki/Extension:DisableSpecialPages
I'm not sure what else you need at the moment, but you should check out all the page
permission and security extensions on
MediaWiki.org, not to mention all the page
permission documentation available to determine how feasible the level of security you
desire is:
https://www.mediawiki.org/wiki/Permissions
Hope that helps.
From: pierre.labrecque(a)live.ca
To: mediawiki-l(a)lists.wikimedia.org
Date: Fri, 9 Aug 2013 23:10:05 -0400
Subject: [MediaWiki-l] Mediawiki as an Enterprise wiki
Hello,
(sorry for my poor English.)
This is probably a recurring question.
I work for an IT company of around 80 000 employees and we would like to
build an enterprise wiki, where we will put all our technical documentation
(how to, troubleshooting, scripting, etc.).
80 000 employees, but this wiki will be for 1000 of them. It may generate a
minimum of 200 000/300 000 pages + images + etc.
You have to know that in some of our documentation, we have usernames and
passwords, or maybe firewall configuration, etc. for different customers.
Of course, I know that Mediawiki cannot provide a per page/category security
(at a read level): my understanding is that Mediawiki is "Read all pages" or
"Access denied to all pages". nothing in between. So we cannot restrict view
of some documents to a specific group.
Fine.
So let's say that it's not a problem and that all our technicians will be
able to read all the technical documents, of all our customers.
Someone told me that we just don't have to put some confidential
informations in our wiki documents (no user/password/confidential
config/etc.).
Fine. But where ? If we don't put them in the wiki pages, it means that the
users will have to go in the wiki for the basic informations, then go on
another tool to have the confidential info.
Now, my question: how do you manage this ?
I really love Mediawiki and would like to implement it in our business, but
I haven't enough information on how this can be implemented in the reality
of a business.
And no: no budget to buy something like Confluence.
I have try Dokuwiki, XWiki, Tiki, MoinMoin, many others. I love Dokuwiki
too, but wasn't sure enough it was a strong tool to be able to manage that
amount of pages/images/. Anyway, I always come back to MediaWiki. I don't
know why.
Best regards,
Pierre
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l