TikiWiki security problem? Posted by Josephine Tan 13 Nov 2005 14:08 GMT-0000 posts: 84 What are common tw security problems? How can we safeguard our tw sites from being sabotaged by others? ❓
Posted by Damian Parker 13 Nov 2005 14:52 GMT-0000 posts: 2881 Hi, Always keep upto date with the latest TikiWiki release. And protect your Apache with a .htaccess file to disallow access to files and folders, that shouldnt really be in the docroot. Examples and details of these are within the articles on tikiwiki.org. Make sure you are running at least 1.9.2 minimum! All previous releases are insecure. 1.8 releases are no longer maintained and should be upgraded to 1.9.2 with immediate effect. Cheers Damian p.s. Ta for the nudge 😉
Posted by Josephine Tan 13 Nov 2005 15:08 GMT-0000 posts: 84 > Always keep upto date with the latest TikiWiki release. And protect your Apache with a .htaccess file to disallow access to files and folders, that shouldnt really be in the docroot. > > Examples and details of these are within the articles on tikiwiki.org. Don't quite understand. Have looked at http://tikiwiki.org/tiki-index.php?page=TikiSecurity&highlight=security What does the following mean? Do I simply copy and paste into my .htaccess file? AuthType Basic AuthUserFile /dev/null AuthGroupFile /dev/null Require valid-user > ** Make sure you are running at least 1.9.2 minimum! All previous releases are insecure. 1.8 releases are no longer maintained and should be upgraded to 1.9.2 with immediate effect. Actually, I've already upgraded to 1.9.2. Still...
