Menu
▾
▴
Re: [Phpwiki-talk] help!!
|
From: Ben H. <ph...@gr...> - 2005-09-22 22:18:00
|
On Thu, Sep 22, 2005 at 04:06:31PM -0500, Burgoyne, Rebecca wrote: > On Thu, Sep 22, 2005 at 03:55:24PM -0500, Ben Hartshorne wrote:=20 > > On Thu, Sep 22, 2005 at 03:45:27PM -0500, Burgoyne, Rebecca wrote: > > > My wiki is getting spammed! How can I stop spam links from showing > > > up on my wiki? > > > > You could require logins with passwords to edit, if that is feasible > > in your environment. > > > Oh, yeah. I guess I could do that. How do I do that? Rebecca, I am bringing this conversation back to the phpwiki-talk list, because I am interested in others comments about my response, and I think (especially about deletes) some other members of this list might have better answers. You'll want to set=20 ALLOW_ANON_USER=3Dtrue ALLOW_ANON_EDIT=3Dfalse ALLOW_BOGO_LOGIN=3Dfalse ALLOW_USER_PASSWORDS=3Dtrue If you ALLOW_BOGO_LOGIN=3Dtrue, users will still have to log in, but the password checking routines are disabled - they can use any or no password. That might defeat bots. > It's not really favorable to me. Is there a way to maybe protect only > one page? You could try using .htaccess and some fancy URL-matching rules to use apache authentication only for certain pages. I don't really know if it would work, since phpwiki uses index.php/foo as its path, but adding the following to the .htaccess file in the root of your wiki installation might work: <Files index.php/MyRestrictedFile> AuthType Basic AuthName "My Restricted Wiki File" AuthUserFile /path/to/phpwiki/root/.htpasswd Require valid-user </Files> You can also use wildcards in the <Files> directive, so you might be able to use <Files index.php/*Secret*>, and then any page in which you include the word 'Secret' would require authentication. Again, I don't know if this will work. The Files directive might need to match a physical file instead of the funkiness of passing a /foo to index.php. But you might be able to do something like that. I am also interested in selective page protection, but I would rather use the phpwiki authentication to define classes of users that can access certain pages. No idea how to do so, if it is even possible. =20 > Also, is there a way to delete pages? I don't know. I think you might be able to muck with the DB directly to delete pages, or you can just remove the links and so orphan them... -ben --=20 Ben Hartshorne email: be...@ha... http://ben.hartshorne.net |
