> I wanted to provide a quick heads up... recently we hardened the web > server. We did things like ensuring root owned things, user 'apache' had > u+r files, while providing u+rw in a few places as required, like runtime > temp directory for session information. Apache seems well configured now, > and mostly follows best practices. > > The hardening partially broke the wiki. For example, the wiki cannot > generate thumbnails at the moment. You can see its effects by visiting the > homepage. I'm having trouble clearing the issues because I cannot find a > guide on Mediawiki's security best practices, and or even a list of which > directories need u+rw. (I'd prefer MediaWiki run under a different security > context than Apache, but that does not appear to be a viable option). > > I've got a couple of questions open on the Stack Exchange network: > > * > http://webmasters.stackexchange.com/questions/93864/best-practice-for-temp-directory-used-by-mediawiki > * > http://webmasters.stackexchange.com/questions/93758/file-system-permission-for-mediawiki-uploads > * http://webapps.stackexchange.com/q/94930/72479 > > if you have experience with Administering MediaWiki, then please provide > some suggestions. >
Whoops, most of the references above to file permissions should be group: g+r, g+rw, etc. The files are owned by root, and apache gets access through the group. Jeff -- -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
