After Internet Librarian, ricklibrarian was jazzed up about using a wiki for an internal knowledge base. I should have called him “wiklibrarian.” So, last night I installed Mediawiki on the TFML website. I’ve done a few installs of Mediawiki which made this one fast and smooth.
What did, however, take a little bit of searching and a little bit of time was to find what I needed to add to LocalSettings.php to secure the site. Here’s what needed to be done, in order of security strength:
- Only registered users can comment
- Only registered users can see the wiki
- No non-user can register to be a user
This will allow for staff to post freely, and will keep the library’s internal business internal. To perhaps save you all some time, I’ll list here the code I added to LocalSettings.php to achieve the above results. This will give you a private wiki without having to mess with .htaccess or other authentication. Yay. Note: If you prevent user registration, you’ll have to pre-register people and give them usernames and passwords.
## stuff i'm adding (ADS)
# This snippet prevents editing from anonymous users
$wgGroupPermissions['*']['edit'] = false;
# This lists ages anonymous (not-logged-in) users may see (only the log-in)
$wgWhitelistRead = array("Special:Userlogin", "-", "MediaWiki:Monobook.css" );
$wgGroupPermissions['*']['read'] = false;
# This snippet prevents anonymous users registering
$wgGroupPermissions['*']['createaccount'] = false;
For the sake of transparency, a case could be made for having this wiki’s content open for all to see. In fact, I’m sure library users would enjoy browsing some of the sections like “Staff Recipes,” and “Sure fire books” in the YA section, but it might be best to start with it protected. If the content turns out to have any utility for the public, perhaps we could move to protecting only specific pages.
21 Comments
This was just what I was looking for….
Thanks
Glad to see that Rick is so fired up about wikis now! :) Yeah, I don’t think there’s anything wrong with having an internal wiki being for internal eyes only and I’m glad you found that it wasn’t all that difficult to make it private, especially if you don’t have a large population that you need to give usernames and passwords to. It gets very complicated when people want to create very granular permissions (like where some people can only see the wiki, others can edit, others can edit and upload files, etc.). Maybe if the internal wiki works out and staff really get into it, a wiki for the public will be the next step! :)
Glad it is of use, Tim. Can’t wait to see what you do with it.
ooh, goody! when can we start using it?
go for it!
Thanks!
You’re right near the top of a google search for “upload registered users only mediawiki”
This couldn’t have come at a better time. My wide open wiki got vandalised by a student. Now I have locked them out , thanks to your code snippets. Thanks again.
thanks very much, I have a private wiki I wanted to restrict access to; I figured all that I needed was probably in the mediawiki documentation but this saved me a few minutes reading!
Is there any way to prevent access of media/image files by non-logged in users? With this solution in place, any user (logged in or not) can access media/image files so long as they have the direct URL to the file.
Thank you for sharing your knowledge! It works in exactly in the way I need.
Thank you!
This works well – MediaWiki is an amazing piece of free software isn’t it?
– David (darkchestnut.com)
Thanks a ton! This is exactly what I was looking for. I use mediawiki as a personal knowledge base and nobody but me needs to see it :)
Works beautifully too.
Why the “-” in the whitelist-array?
Thank you for sharing. I was trying to install a private wiki, this helped me a lot.
Great… This is exactly what I was looking for :-)
Fixed the issue of the images still getting exposed to random passers-by. See my blog post for instructions.
Hope to help.
dagobart
Thank you so much. This was very simple and helpful.
Thanks a million. You saved me a day.
We still use the wiki pretty heavily two and a half years later. And someone is still reading this post, as they got to my blog via the link.
perfect! thanks!
One Trackback
[...] So, installed Mediawiki? — aptitude install mediawiki. Then directed the browser to the wiki. You can do that by something like this: http://localhost/mediawiki/. I got the familiar Mediawiki “I’m ready to setup” page, filled in the demanded input fields, confirmed. When Mediawiki was done, I moved the LocalSettings.php around, as Mediawiki demanded. Once done with that, I applied the patch: [...]