customizing mediawiki for internal use

After Internet Librarian, ricklibrarian was jazzed up about using a wiki for an internal knowledge base. I should have called him “wiklibrarian.” So, last night I installed Mediawiki on the TFML website. I’ve done a few installs of Mediawiki which made this one fast and smooth.

What did, however, take a little bit of searching and a little bit of time was to find what I needed to add to LocalSettings.php to secure the site. Here’s what needed to be done, in order of security strength:

  • Only registered users can comment
  • Only registered users can see the wiki
  • No non-user can register to be a user

This will allow for staff to post freely, and will keep the library’s internal business internal. To perhaps save you all some time, I’ll list here the code I added to LocalSettings.php to achieve the above results. This will give you a private wiki without having to mess with .htaccess or other authentication. Yay. Note: If you prevent user registration, you’ll have to pre-register people and give them usernames and passwords.

## stuff i'm adding (ADS)

# This snippet prevents editing from anonymous users
$wgGroupPermissions['*']['edit'] = false;

# This lists ages anonymous (not-logged-in) users may see (only the log-in)
$wgWhitelistRead = array("Special:Userlogin", "-", "MediaWiki:Monobook.css" );
$wgGroupPermissions['*']['read'] = false;

# This snippet prevents anonymous users registering
$wgGroupPermissions['*']['createaccount'] = false;

For the sake of transparency, a case could be made for having this wiki’s content open for all to see. In fact, I’m sure library users would enjoy browsing some of the sections like “Staff Recipes,” and “Sure fire books” in the YA section, but it might be best to start with it protected. If the content turns out to have any utility for the public, perhaps we could move to protecting only specific pages.

23 thoughts on “customizing mediawiki for internal use”

  1. Glad to see that Rick is so fired up about wikis now! :) Yeah, I don’t think there’s anything wrong with having an internal wiki being for internal eyes only and I’m glad you found that it wasn’t all that difficult to make it private, especially if you don’t have a large population that you need to give usernames and passwords to. It gets very complicated when people want to create very granular permissions (like where some people can only see the wiki, others can edit, others can edit and upload files, etc.). Maybe if the internal wiki works out and staff really get into it, a wiki for the public will be the next step! :)

  2. This couldn’t have come at a better time. My wide open wiki got vandalised by a student. Now I have locked them out , thanks to your code snippets. Thanks again.

  3. thanks very much, I have a private wiki I wanted to restrict access to; I figured all that I needed was probably in the mediawiki documentation but this saved me a few minutes reading!

  4. Is there any way to prevent access of media/image files by non-logged in users? With this solution in place, any user (logged in or not) can access media/image files so long as they have the direct URL to the file.

  5. Thanks a ton! This is exactly what I was looking for. I use mediawiki as a personal knowledge base and nobody but me needs to see it :)

    Works beautifully too.

Leave a Reply