BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Wiki Security Risk
- Subject: [Discuss] Wiki Security Risk
- From: greg at freephile.com (Greg Rundlett (freephile))
- Date: Thu, 6 Feb 2014 23:35:36 -0500
MediaWiki software is very secure (from hackers, or general software vulnerabilities) when properly setup, configured and maintained. See http://www.mediawiki.org/wiki/Manual:Security for more info on how to setup/secure LAMP and MediaWiki There were only 5 vulnerability reports in 2013 against MediaWiki - with details (severity, scope, type) here: http://secunia.com/advisories/product/2546/?task=statistics_2013 MediaWiki software is not designed to manage fine-grained access control over contents. Therefore it would make a horrible customer account reporting system for a bank. If you want a MediaWiki with content-specific authorization controls, read about how you'll be fighting the system internals here: http://www.mediawiki.org/wiki/Security_issues_with_authorization_extensions Quick tip: if you want to setup a public (or private) MediaWiki while preventing spammers or non-authorized users from logging in and _creating_ content, then use the OpenID extension ( http://www.mediawiki.org/wiki/Extension:OpenID) Greg Greg Rundlett http://eQuality-Tech.com http://freephile.org
- Prev by Date: [Discuss] Cryptoparty at Northeastern
- Next by Date: [Discuss] [Position-wanted] Tony Koker, SAN man pro. EE seeking FT/PT or contract leads
- Previous by thread: [Discuss] Wiki Security Risk
- Next by thread: [Discuss] Cryptoparty at Northeastern
- Index(es):
