Written by:David Aldridge3/29/2011 12:17 PM
Media Wiki is a great piece of code. However if you are setting one up then its default settings are very permissive indeed for posting. On a site the size of wikipedia this is fine as you have tons of editors keeping it all in check. If its on your own little site then you will need to add some extensions and settings to keep your site safe from spam postings. For spam control, add the following Extensions: ConfirmEdit - Implements Captcha for signup http://www.mediawiki.org/wiki/Extension:ConfirmEdit NewUserNotif - Notification on user signup http://www.mediawiki.org/wiki/Extension:New_User_Email_Notification Nuke - Allow mass delete of user postings http://www.mediawiki.org/wiki/Nuke UserMerge - Merge one users postings into anothers http://www.mediawiki.org/wiki/Extension:User_Merge_and_Delete (a full listing of all of the extensions available can be found at http://www.mediawiki.org/wiki/Extension_Matrix) And then make the following changes to make to LocalSettings.php: #Require Valid Email to edit $wgEmailConfirmToEdit = true; #Nuke Extension - mass deletes require_once("$IP/extensions/Nuke/SpecialNuke.php"); #UserMerge Extension - allow deletes require_once( "$IP/extensions/UserMerge/UserMerge.php" ); $wgGroupPermissions['bureaucrat']['usermerge'] = true; #Captcha Extension require_once( "$IP/extensions/ConfirmEdit/ConfirmEdit.php" ); #New User Notification Extension require_once( "{$IP}/extensions/NewUserNotif/NewUserNotif.php" ); // Prevent anonymous users from editing $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['*']['createpage'] = false; $wgGroupPermissions['*']['createtalk'] = false; // Prevent registered, non-confirmed users from editing $wgGroupPermissions['user' ]['move'] = false; $wgGroupPermissions['user' ]['edit'] = false; $wgGroupPermissions['user' ]['createpage'] = false; $wgGroupPermissions['user' ]['createtalk'] = false; $wgGroupPermissions['user' ]['upload'] = false; $wgGroupPermissions['user' ]['reupload'] = false; $wgGroupPermissions['user' ]['reupload-shared'] = false; $wgGroupPermissions['user' ]['minoredit'] = false; $wgGroupPermissions['user' ]['delete'] = false; // Allow confirmed users to edit $wgGroupPermissions['confirmed' ]['move'] = false; $wgGroupPermissions['confirmed' ]['edit'] = true; $wgGroupPermissions['confirmed' ]['createpage'] = true; $wgGroupPermissions['confirmed' ]['createtalk'] = true; $wgGroupPermissions['confirmed' ]['upload'] = true; $wgGroupPermissions['confirmed' ]['reupload'] = true; $wgGroupPermissions['confirmed' ]['reupload-shared'] = true; $wgGroupPermissions['confirmed' ]['minoredit'] = true; $wgGroupPermissions['confirmed' ]['delete'] = true; Now a user will have to pass a captcha to sign up, you will be notified by mail when users do sign up and even after they do sucessfully sign up you will still need to add them to the 'confirmed' group before they can edit.
0 comment(s) so far...