privacy concerns for self-hosted wiki

[Rob Locher]

Greetings all,

I've just discovered TiddlyWiki, what an amazing thing!  It sure beats the collection of text files I'd been using.  Somehow I even managed to install a wiki on my website by uploading the wiki file itself and store.php.  Now I can access my notes from work, hurrah!

I have some privacy concerns.  Currently the wiki's only protection is its "secret" URL; anyone who has the URL can edit the wiki.  The username and password are pre-populated in the control panel.  It seems as though it could be just a matter of time before some bot discovers the wiki and spams it.  (I had a bad experience once as the webmaster of a CMS-based website.)

Ideally I'd like visitors to be required to authenticate before even seeing the wiki.  I definitely need some sort of control so that not just anyone can save it.  Does anyone have any suggestions?

- Rob

[PMario]

On Friday, October 13, 2017 at 11:29:18 PM UTC+2, Rob Locher wrote:

I have some privacy concerns.  Currently the wiki's only protection is its "secret" URL; anyone who has the URL can edit the wiki. 

You should use https://    ... https://letsencrypt.org/ is the way to go here. Your hosting provider may have additional info!

 

The username and password are pre-populated in the control panel.

IMO this in only there because your browser does it. ... So check your browser settings and have a look at your saved passwords. ... Make sure you know them, remove them and have a look at the panel again.

have fun!
mario

[TonyM]

Rob,

What is your website host?. I have used .htaccess to secure folders and cpanel has a tool to protect folders.

Tony