Changeset 606 for trunk/INSTALL


Ignore:
Timestamp:
Jan 1, 2005, 10:13:24 PM (17 years ago)
Author:
Dominic Hargreaves
Message:

Improve wiki.conf security.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/INSTALL

    r605 r606  
    215215custom-templates/ and are described in the file CUSTOMISATION. The id and
    216216class tags used for the CSS in OpenGuides are specified in README.CSS.
     217
     218* Security
     219
     220The installer will try to create (or modify an existing) a .htaccess file
     221to protect wiki.conf, which contains sensitive data (ie passwords).
     222However we cannot tell whether apache (or any other web server you may be
     223using) is using this file, so you should check that it functioning and that
     224you cannot access wiki.conf over HTTP.
     225
     226You should also configure wiki.conf with the minimum permissions required
     227so that local users cannot read the file. This is difficult to automate,
     228but the file should be probably be mode 0640, owned by root or an admin
     229user, and set to the group the web server runs with.
    217230
    218231* Web server configuration
Note: See TracChangeset for help on using the changeset viewer.