Manual talk:Preventing access

Archives
Archive 1 Archive 2

[edit] How diffs could be visible again in the RSS or Atom feeds ?

In Manual:Preventing access#Restrict viewing of all pages it is said that :

In addition to the main page of such a private site, you could give access to the Recentchanges page (if you think that its content isn't private) for feed readers by adding "Special:Recentchanges" to $wgWhitelistRead.

But the problem is that since MediaWiki 1.12, as soon as "Disable reading by anonymous users" is set, the diffs aren't shown anymore in the feeds.

How come ?

How diffs could be visible again in the RSS or Atom feeds ?

--Dieudo 00:20, 10 January 2011 (UTC)

[edit] writeapi

Ohmygod Manual:$wgEnableWriteAPI and the writeapi permission is true by default, but not one word is mentioned about the API. Say if spammers can directly use the default wide open writeapi permission to spam away unthwarted? Jidanni 08:23, 22 January 2011 (UTC)

Right. Just as they could use the regular edit interface. —Emufarmers^(T|C) 23:26, 22 January 2011 (UTC)

So locking it down should be mentioned just as much as locking down the corresponding regular edit interface, please. Jidanni 00:09, 23 January 2011 (UTC)

If you've removed the edit right from a group, they won't be able to edit through the write API either. —Emufarmers^(T|C) 00:51, 23 January 2011 (UTC)

That's good to know. Jidanni 01:02, 23 January 2011 (UTC)

[edit] "Consider whether MediaWiki is right for you"

I proposed a certain organization to install MediaWiki. They described their needs to me, so i worked for a few days to demonstrate them that MediaWiki fits their needs - i installed it on my laptop, wrote a few pages in the style they need, defined user permissions to their liking.

But then they asked their sysadmin to install it on their servers. For some reason, he started looking for excuses not to do it. Among other things, he cited this page: "Consider whether MediaWiki is right for you. MediaWiki was not originally designed for private wikis, so other software may be more suitable".

In this case this was already done - as i said, i already demonstrated that the page design and the security is suitable for them. But now this installation is on hold because of this rather ridiculous reason - they are "reconsidering" because this page told them to do so.

Is this sentence still true? Is MediaWiki so badly suited for a "Simple private wiki"? And is this sentence really needed here? --Amir E. Aharoni 15:57, 16 February 2011 (UTC)

They should certainly consider whether this is the software they actually want: most people just install the first thing they see. If MediaWiki really is the best option for them, we may hope their consideration will lead them to that conclusion.

MediaWiki should be able to handle the use case you describe without any problems, although I can recall one hole that was patched only a couple months ago. There's been a certain amount of warning creep over the years (people don't usually like removing warnings!); I've gone ahead and removed this one. —Emufarmers^(T|C) 07:43, 17 February 2011 (UTC)

[edit] Dosn't seem to work

I've been trying to disable read access by anonymous users. I've added the code to the LocalSettings.php file and nothing seems to happen. I can still see every page when not logged in. I also tried adding the account creation line suggested and it isn't working either. I tired adding some random letters to the top of the LocalSettings.php file just to confirm that it is the right file, and it broke the wiki, so it is working. I just can't seem to figure out why those lines are having no effect. Any ideas?

Add the code at or near the bottom of the file, not the top. —Emufarmers^(T|C) 10:49, 6 April 2009 (UTC)

Thats what I did, and I removed the <? as well, and I can still access all the pages as a anon. sfeild@uark.edu

You mean ?>, right?

The only thing I can suggest is that you paste the contents of your LocalSettings.php file (with passwords removed) so I can look for a problem. —Emufarmers^(T|C) 20:21, 6 April 2009 (UTC)

I wanted to prevent anonymous users to read/edit my wiki. i added to my LocalSettings.php those lines and it's still not working. Thanks! --213.203.135.77 08:20, 23 May 2011 (UTC)

# Disable reading by anonymous users
$wgGroupPermissions['*']['read'] = false;
# But allow them to read e.g., these pages:
#$wgWhitelistRead =  array ( "Main Page", "Special:Userlogin", "Help:Contents");
# Like previous, but for French (be careful of encoding! save file as UTF-8!)
# $wgWhitelistRead = array( ":Page Principale", "Special:Userlogin", "Aide en français");
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['user']['edit'] = false;
$wgGroupPermissions['sysop']['edit'] = true;
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['user']['edit'] = false;
$wgGroupPermissions['sysop']['edit'] = false;
# Prevent new user registrations except by sysops
$wgGroupPermissions['*']['createaccount'] = false;
# Prevent new user registrations by anyone
$wgGroupPermissions['*']['createaccount'] = false;
$wgGroupPermissions['sysop']['createaccount'] = false;

The same advice applies as above. Given that you included the same line three times, I suspect you might have added something else you didn't mean to. —Emufarmers^(T|C) 08:59, 23 May 2011 (UTC)

Thanks, i'm not really into those things, i'm sure i messed up somewhere :); if you have time you can see my LocalSettings.php here --213.203.135.77 09:13, 23 May 2011 (UTC)

What exactly isn't working? Are unregistered users still able to see all pages? Can I have a link to your wiki?

You should probably change your database password, since you just posted it for the world to see. —Emufarmers^(T|C) 10:27, 23 May 2011 (UTC)

[edit] A way to restrict editing to logged in people, but keep the edit links

I wonder if there is a way to keep the edit links available once I've restricted editing to only logged in users. The use case is this: the people browsing our internal wiki might not realize they can edit unless they see the links. I want to avoid misunderstanding that the wiki doesn't allow edits for them: I imagine they'd more readily click the edit tab then get a login challenge than just guess they have to login to edit the page.

[edit] Diff of hack to keep edit links after requiring a login to edit a page

branch

http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_5/phase3

Index: includes/SkinTemplate.php
===================================================================
--- includes/SkinTemplate.php   (revision 90117)
+++ includes/SkinTemplate.php   (working copy)
@@ -737,7 +737,8 @@
                        );
 
                        wfProfileIn( __METHOD__ . '-edit' );
-                       if ( $this->mTitle->quickUserCan( 'edit' ) && ( $this->mTitle->exists() || $this->mTitle->quickUserCan( 'create' ) ) ) {
+#                      if ( $this->mTitle->quickUserCan( 'edit' ) && ( $this->mTitle->exists() || $this->mTitle->quickUserCan( 'create' ) ) ) {
+                       if ( true ) {
                                $istalk = $this->mTitle->isTalkPage();
                                $istalkclass = $istalk?' istalk':'';
                                $content_actions['edit'] = array(
Index: languages/messages/MessagesEn.php
===================================================================
--- languages/messages/MessagesEn.php   (revision 90117)
+++ languages/messages/MessagesEn.php   (working copy)
@@ -1008,7 +1008,7 @@
 'actionthrottledtext'  => 'As an anti-spam measure, you are limited from performing this action too many times in a short space of time, and you have exceeded this limit.
 Please try again in a few minutes.',
 'protectedpagetext'    => 'This page has been locked to prevent editing.',
-'viewsourcetext'       => 'You can view and copy the source of this page:',
+'viewsourcetext'       => 'If you haven\'t logged in, try logging in. You can view and copy the source of this page:',
 'protectedinterface'   => 'This page provides interface text for the software, and is locked to prevent abuse.',
 'editinginterface'     => "'''Warning:''' You are editing a page which is used to provide interface text for the software.
 Changes to this page will affect the appearance of the user interface for other users.

Davious 19:21, 5 August 2011 (UTC)

[edit] TextEdit for Mac

Is it okay to use TextEdit for Mac computers? It does mention about Notepad for Windows, but nothing for the Mac platform. --TJRana 22:30, 24 December 2011 (UTC)