You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Crypto++ Users
Hi Everyone,
I wanted to provide a quick heads up... recently we hardened the web server. We did things like ensuring root owned things, user 'apache' had u+r files, while providing u+rw in a few places as required, like runtime temp directory for session information. Apache seems well configured now, and mostly follows best practices.
The hardening partially broke the wiki. For example, the wiki cannot generate thumbnails at the moment. You can see its effects by visiting the homepage. I'm having trouble clearing the issues because I cannot find a guide on Mediawiki's security best practices, and or even a list of which directories need u+rw. (I'd prefer MediaWiki run under a different security context than Apache, but that does not appear to be a viable option).
I've got a couple of questions open on the Stack Exchange network:
if you have experience with Administering MediaWiki, then please provide some suggestions.
Jeff
Jeffrey Walton
unread,
Jun 19, 2016, 10:48:16 PM6/19/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Crypto++ Users
Whoops, most of the references above to file permissions should be group: g+r, g+rw, etc. The files are owned by root, and apache gets access through the group.