[pmwiki-users] Newbie Alert!!! - basic site security?
Jeff Schallenberg
schallenberg.jeff at gmail.com
Fri Oct 19 10:38:48 CDT 2007
I have just installed a pmwiki site on my Ubuntu server.
It works and looks great - I have configured a logo and a skin, I can create
and edit pages - but that is the problem. This site is to be used for a
private non-profit group - less than a dozen users. I would like to allow
viewing, editing and uploading only by this group.
I have edited the config.php file to include the following lines:
$DefaultPasswords['admin'] = crypt('secret');
$EnableUpload = 1;
$DefaultPasswords['upload'] = crypt('secret');
But, even after restarting the server, I can still edit pages without
entering any password. If I check the recent changes, I see:
- HomePage<http://jeffnet.zapto.org:85/pmwiki/pmwiki.php?n=Main.HomePage>.
. . October 19, 2007, at 08:54 AM by ?:
- NewPage<http://jeffnet.zapto.org:85/pmwiki/pmwiki.php?n=Main.NewPage>.
. . October 19, 2007, at 08:42 AM by ?:
- WikiSandbox<http://jeffnet.zapto.org:85/pmwiki/pmwiki.php?n=Main.WikiSandbox>.
. . October 18, 2007, at 08:49 PM by ?:
So, pmwiki doesn't even know who is editing!
How can I protect my pmwiki site so that I have admin privileges, and group
members have read, write and upload privileges.
I have read the documentation on security and passwords, and I understood
that setting passwords in config.php was sufficient to limit edit privileges
to users who know those passwords.
What am I missing?
Thanks for your help! And thanks for the great software!
Jeff Schallenberg
--
- Jeff
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/pmwiki-users/attachments/20071019/bb0e6d2e/attachment.html
More information about the pmwiki-users
mailing list