Wiki Configuration
Posted: Sun Mar 07, 2010 12:52 am
Mac,
At some point, it was pointed out to me that people couldn't read the wiki if they weren't logged in. We want OpenURU.org to be as open as possible, so we fixed that so our wiki pages were public. But somehow the restiction snuck back in during more recent work. I would like to fix it again. Is there any reason we can't open the pages to the public with the other security measures we've taken?
Here's the current relevant setup:
# user rights
# only logged in users may read, only confirmed email may edit
$wgGroupPermissions['*']['read'] = false;
$wgEmailConfirmToEdit = true;
# Disable editing and creation for everyone.
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['createpage'] = false;
$wgGroupPermissions['*']['createtalk'] = false;
# Disable for users, too: by default 'user' is allowed to edit, even if '*' is not.
$wgGroupPermissions['user']['edit'] = false;
$wgGroupPermissions['user']['createpage'] = false;
$wgGroupPermissions['user']['createtalk'] = false;
# Finally, set it to true for the desired group.
$wgGroupPermissions['autoconfirmed']['edit'] = true;
$wgGroupPermissions['autoconfirmed']['createpage'] = true;
$wgGroupPermissions['autoconfirmed']['createtalk'] = true;
# rights to read (if not logged in) just to the mainpage and some special pages
$wgWhitelistRead = array( "Main Page", "Special:Userlogin");
# no discussion pages for anonymous users
$wgDisableAnonTalk = true;
At some point, it was pointed out to me that people couldn't read the wiki if they weren't logged in. We want OpenURU.org to be as open as possible, so we fixed that so our wiki pages were public. But somehow the restiction snuck back in during more recent work. I would like to fix it again. Is there any reason we can't open the pages to the public with the other security measures we've taken?
Here's the current relevant setup:
# user rights
# only logged in users may read, only confirmed email may edit
$wgGroupPermissions['*']['read'] = false;
$wgEmailConfirmToEdit = true;
# Disable editing and creation for everyone.
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['createpage'] = false;
$wgGroupPermissions['*']['createtalk'] = false;
# Disable for users, too: by default 'user' is allowed to edit, even if '*' is not.
$wgGroupPermissions['user']['edit'] = false;
$wgGroupPermissions['user']['createpage'] = false;
$wgGroupPermissions['user']['createtalk'] = false;
# Finally, set it to true for the desired group.
$wgGroupPermissions['autoconfirmed']['edit'] = true;
$wgGroupPermissions['autoconfirmed']['createpage'] = true;
$wgGroupPermissions['autoconfirmed']['createtalk'] = true;
# rights to read (if not logged in) just to the mainpage and some special pages
$wgWhitelistRead = array( "Main Page", "Special:Userlogin");
# no discussion pages for anonymous users
$wgDisableAnonTalk = true;
We've fixed that. The odd spammer that was still getting through wasn't going to be deterred by not being able to read pages because they were actually going through the whole account activation process, so were obviously real people rather than bots.