Template:Page specific user rights extensions

The Page specific user rights extensions category contains various extensions that attempt to restrict a user's access to specific pages based on the namespace, category links, and/or title patterns.

Before installing one of these extensions, users should be aware that such extensions are likely to exhibit three significant problems:


 * caching problems: MediaWiki's page caching facilities do not currently support rights-specific caching.  That means MediaWiki caches one versions of a page and then serves that page to everyone without rechecking to see if the next user has the proper rights.  Any extension that tries to exclude or hide part of a page based on user rights is likely to result in performance declines (if caching is turned off) and/or security leaks when a page cached for a user with higher rights is later viewed by a user with lesser rights.
 * multiple exit paths: Page content has many exit paths in MediaWiki: direct page views, excerpts inserted into search results, special pages, RSS feeds, and numerous extensions that read directly from the MediaWiki database.  There is no one exit path that either the MediaWiki core or its extensions rely on.  Hence it is virtually impossible for any extension to provide full security.
 * system security: Content management security is inseparable from overall system security.  The default MediaWiki configuration places database passwords in plain text on a file located on the same server as the mediawiki installation.  There is no attempt to secure the host web server or underlying database.  If the underlying system is insecure, any extension added on top of that system is also insecure.