How to set up a private wiki

From Cor ad Cor
Jump to navigation Jump to search

Goal: set up a private wiki that can be read or edited only by a limited number of team members.

Prerequisites — AMP

An "AMP" stack is Apache, MySQL, and PHP. It is possible to configure Windows servers with these three components (WAMP) or linux servers (LAMP).

- a server that is accessible to the world wide web
- I use linux servers. Windows NT servers that supply Apache, MySQL, and PHP (or their functional equivalents) can also be used.
- I use Apache as my HTTP server.
- a folder on the server that is password protected
- permission to install wiki software and run the management scrips
- permission from the owner of the server
- permission ON the system itself (unix/linux concept) — a username and password with privileges to run scripts, make folders, rename, delete, remove, etc.; FTP and shell privileges for that folder
- MySQL (or MariaDB or the functional equivalent): a database system
- username and password associated with a database; power to modify the database, make new tables, delete, rename, ...
- PHP

Installation

General concepts
- Install wiki files in your password-protected folder
- Configure the wiki to use your database username, password, and database
- Lock wiki access internally so that only the wikimaster can grant users editing privileges
- Authorize users as editors (issue usernames and passwords)

My favorite wiki software is MediaWiki, the software that has been developed for and is used by Wikipedia.

There are many other kinds of wiki systems. If your system administrators are already familiar with one of these, it would probably be preferable to use that system.

Maintenance

You must patch and upgrade Mediawiki regularly to guard against security problems.

Your first defense for security is the password-protected folder. Every person will be given the same username and password to access the wiki inside that folder.

Your second defense is Mediawiki itself. All of the editors will have their own username and password on the wiki itself. If someone steals the password for the folder, it will not give them editing privileges on the wiki.