[MediaWiki-l] Locked-down intranet on public hostile Internet - how best to do this?

Chad innocentkiller at gmail.com
Wed Feb 1 15:29:31 UTC 2017

On Wed, Feb 1, 2017 at 3:19 AM David Gerard <dgerard at gmail.com> wrote:

> This is pretty much the "hard shell, tasty soft centre" security
> model. Is this a desperately unsafe thing to do? Has anyone else done
> this or something like it?
We do this every single day at Wikimedia. Think of the private wikis--ones
for Arbcom, Office, etc etc etc. They're internet-accessible but locked down
to anonymous users.

Just deny read permissions to anons and as long as you trust the login
method (in your case, Google) you should be fine. You can also whitelist
Main_Page to give people a warning and instructions to login.


More information about the MediaWiki-l mailing list