From: <de...@de...> - 2013-07-01 05:51:15
|
Author: PeterThoeny Date: 2013-07-01 00:51:05 -0500 (Mon, 01 Jul 2013) New Revision: 26031 Trac url: http://develop.twiki.org/trac/changeset/26031 Modified: twiki/trunk/core/data/TWiki/TWikiInstallationGuide.txt Log: Item7151: Remove obsolete reference to protecting the configure script by IP address - configure is now protected by password Modified: twiki/trunk/core/data/TWiki/TWikiInstallationGuide.txt =================================================================== --- twiki/trunk/core/data/TWiki/TWikiInstallationGuide.txt 2013-06-28 07:27:24 UTC (rev 26030) +++ twiki/trunk/core/data/TWiki/TWikiInstallationGuide.txt 2013-07-01 05:51:05 UTC (rev 26031) @@ -1,4 +1,4 @@ -%META:TOPICINFO{author="TWikiContributor" date="1368057869" format="1.1" version="$Rev$"}% +%META:TOPICINFO{author="TWikiContributor" date="1372657864" format="1.1" version="$Rev$"}% %STARTINCLUDE% ---+ TWiki Installation Guide @@ -52,13 +52,12 @@ 1 *Configure the webserver* * Unless you are an Apache expert setting up the webserver can be quite difficult. But TWiki has three resources that make setting up Apache easier. * The best and easiest way is to use webpage TWiki:TWiki.ApacheConfigGenerator which contains a tool that can generate a safe and working config file for TWiki on Apache. - * In the root of the twiki installation you find an example config file =twiki_httpd_conf.txt= - * In the root of the twiki installation and in the =twiki/bin= directory you find example =.htaccess= files you can copy and modify. The files contains help text explaining how to set them up. In =twiki/bin= you find =.htaccess.txt= which can be copied to =.htaccess= and defined access to the CGI scripts. In the root of TWiki you find =pub-htaccess.txt= which you can copy to =pub/.htaccess=, =subdir-htaccess.txt= which you can copy to all directories as =.htaccess= except bin and pub, and you find =root-htaccess.txt= which you can copy to =.htaccess= in the twiki root directory. But again only use .htaccess files if you do not have root priviledges. + * In the root of the twiki installation you find an example config file =twiki_httpd_conf.txt= (nevertheless, it is better to use the generator). + * In case you do not have root priviledges on the server: + * In the root of the twiki installation and in the =twiki/bin= directory you find example =.htaccess= files you can copy and modify. The files contains help text explaining how to set them up. In =twiki/bin= you find =.htaccess.txt= which can be copied to =.htaccess= and defined access to the CGI scripts. + * In the root of TWiki you find =pub-htaccess.txt= which you can copy to =pub/.htaccess=, =subdir-htaccess.txt= which you can copy to all directories as =.htaccess= except bin and pub, and you find =root-htaccess.txt= which you can copy to =.htaccess= in the twiki root directory. But again only use .htaccess files if you do not have root priviledges. * If you are unsure about how to do this on your system, see TWiki:TWiki.InstallingTWiki#OtherPlatforms for links to information about various server setups. * __Note:__ When you use config files you need to restart Apache each time you change a setting to make the new setting active. - 1 *Protect the configure script* - * You should never leave the =configure= script open to the public. Limit access to the =twiki/bin/configure= script to either localhost, an IP address or a specific user using basic Apache authentication. The TWiki:TWiki.ApacheConfigGenerator lets you setup who has access to the configure script. Also the example twiki-httpd-conf.txt and bin/.htaccess.txt files includes the needed setting to protect the configure script. - * If you limit the access to a particular user then you need to setup a .htpasswd file that contains the user name and password that Apache will authenticate against. Per default both TWiki:TWiki.ApacheConfigGenerator and the example config files and .htaccess files uses =twiki/data/.htpasswd= but this file does not exist until you have TWiki running and have registered the first user. You therefore have two options. Either limit the access to localhost or an IP address, or make a .htpasswd file. To make a .htpasswd file change directory to =twiki/data= and issue the command =htpasswd -c .htpasswd username= and enter your password when asked. The username must match the =Require user username= directive in the Apache config file or .htaccess file. Do not use a username you will later use to register in TWiki because TWiki will then claim that you are already registered. 1 *Run the =configure= script* from your browser (enter =http://yourdomain/twiki/bin/configure= into your browser address bar) * Specify and reenter a password. This is your configure password, as well as the =admin= user password once TWiki is running. * __Note:__ In case you forgot the password, you can reset it by deleting ==$TWiki::cfg{Password}== from ==LocalSite.cfg== file from =={TWIKI_ROOT}/lib== directory. |