FreeGuide : Security

Distributed Pages:

Pm Wiki.Passwords General use of passwords
Pm Wiki.Passwords Admin More password options for the administrator
Pm Wiki.Url Approvals Require approval of Url links
Pm Wiki:Site Analyzer A tool for analyzing site configuration settings and security

Cookbook Pages

See also Cookbook index: Security
Cookbook:Blocklist 2 Block postings based on content or IP address
Cookbook:MT Black List Movable Type spam blacklist
Cookbook:Web Server Security Making the server more secure with .htaccess
Cookbook:Farm Security Making Farm installations secure
Cookbook:E Protect Hide e-mail address
Cookbook:Audit Images Check to see what images have been uploaded to your wiki.

What about the botnet security advisory at http://isc.sans.org/diary.php?storyid= 1672?

Sites that are running with PHP's register_globals setting set to "On" and versions of PmWiki prior to 2.1.21 may be vulnerable to a botnet exploit that is taking advantage of a bug in PHP. The vulnerability can be closed by turning register_globals off, upgrading to PmWiki 2.1.21 or later, or upgrading to PHP versions 4.4.3 or 5.1.4. In addition, there is a test at Pm Wiki:Site Analyzer that can be used to determine if your site is vulnerable.

If you would like to help improve this site, please Contact Us and we will give you the password to edit pages.
Page last modified on September 06, 2006, at 10:55 AM PmWiki Info	Edit - History - Print - Recent Changes (All) - Search