• Your recent searches
CGI-pWiki
1 match

 view release on metacpan or  search on metacpan

pWiki.pm  view on Meta::CPAN 

There is no need to add any handler besides B<.wiki> and B<.text>,
if you dont want to manage the other files with B<pWiki>.
Handling B<.xsl> files in fact opens a wide security hole, and should
B<NOT> be done outside a B<VirtualHost 127.0.0.1> environment.

=head2 Security

CGI::pWiki will offer users from outside to write files in the
document root of your webserver. It is therefore a possible
security hole. The minimal security is to constrain write access
by using the Unix C<chmod> command. e.g. :

 mkdir /var/www/test.copyleft.de
 echo "=location /open/index.wiki" /var/www/test.copyleft.de/index.wiki
 mkdir /var/www/test.copyleft.de/open
 touch /var/www/test.copyleft.de/open/index.wiki
 chmod a+w /var/www/test.copyleft.de/open
 chmod a+w /var/www/test.copyleft.de/open/index.wiki

This will create a document root for the test site, installs
a relocation of the index page, and creates an open area and
its index page, and makes it world writeable, while other
areas will stay read only.

A typical all public site for creating open content may want
to allow every directory to be writeable. Adopt the following
lines to migrate existing content.

 find /var/www/test.copyleft.de/ -print | xargs sudo chown kraehe.www-data
 find /var/www/test.copyleft.de/ -type d -print | xargs chmod 6775
 find /var/www/test.copyleft.de/ ! -type d -print | xargs chmod 664

You may want to restrict edit access to the Wiki as a webmaster
by defining a directory directive :

 <Directory /var/www/test.copyleft.de>
     AuthUserFile /usr/local/etc/test.copyleft.de.htpasswd
     AuthName "For Test Only"
     AuthType Basic
     <Limit POST>
         require valid-user

pWiki.pm  view on Meta::CPAN 


=head2 First Test

You can now test the pWiki by reloading Apache. Create a directories
for your virtual host to contain a database called pWiki. The second
directory needs to be writeable by the webserver, as it contains the
shadow pages, if people change the content online.

 mkdir -p /var/www/test.copyleft.de/pWiki
 mkdir -p /var/lib/pWiki/test.copyleft.de/pWiki
 chmod a+w /var/lib/pWiki/test.copyleft.de/pWiki

Browse at your fresh created test site and enter the URL :

 http://test.copyleft.de/pWiki/index.wiki

This should show an edit window. Submit something like the following :

 This is a test for pWiki.

Click on the pWiki and submit the following :



( run in 0.241 second using v1.01-cache-2.11-cpan-496ff517765 )