MySQL installation. According to MediaWiki's Manual:Securing database passwords: ...

We are trying to harden an Apache/MediaWiki/MySQL installation. According to MediaWiki's Manual:Securing database passwords:

... many Unix/Linux users can simply secure LocalSettings.php just by setting its permissions with chmod 600 as recommended in LocalSettings.php#Security. Such users need read no further.

I'm speculating the above presumes LocalSettings.php is owned by apache or similar. If ownership was root:apache, then I'm guessing the recommendation would probably be 0660.

Why does Apache need write access LocalSettings.php?

10.01% popularity Vote Up Vote Down

: How can I target specific countries with global site under gTLD using sub-directory for each targeted country? We're building a global platform for a large client who want a range of sites targeting

@Merenda212

Posted in: #Domains #Internationalization #Seo

2 Comments

: Will there be conflict if there is two account with the same domain? What will happen if more than one account on the same server is using the same domain? For instance in shared hosting,

@Merenda212

Posted in: #Dns #Domains #Server

1 Comments

: Is custom google Plus button allowed by Google? I wanted to know if it's allowed to use custom Google Plus and Twitter social share buttons. I've seen many jQuery plugins using custom designed

@Merenda212

Posted in: #SocialSharingButtons

1 Comments

: Does when configuring a new Google Analytics account from the old impact search engine optimization? The current Google Analytics account had been set-up by another party and we are looking at

@Merenda212

Posted in: #GoogleAnalytics #GoogleSearchConsole #Seo

1 Comments

Login to post a comment!

1 Comments

Sorted by latest first Latest Oldest Best

@Megan663

Some people on shared hosting or other hosting without SSH/FTP access may alter their configuration filed via a web interface. There are some extensions, like Configure, which perhaps need changing the configuration. The wiki sysadmin doesn't necessarily have root rights hence the file owner, whatever it is, needs to write on the file.

Simply, the advice on the manual is the most general one. 600 might be unneeded, but the point of the advice is to set 600.

10% popularity Vote Up Vote Down

Feed

: Why does Apache need write access to MediaWiki's LocalSettings.php? We are trying to harden an Apache/MediaWiki/MySQL installation. According to MediaWiki's Manual:Securing database passwords: ...

More posts by @Merenda212

: How can I target specific countries with global site under gTLD using sub-directory for each targeted country? We're building a global platform for a large client who want a range of sites targeting

: Will there be conflict if there is two account with the same domain? What will happen if more than one account on the same server is using the same domain? For instance in shared hosting,

: Is custom google Plus button allowed by Google? I wanted to know if it's allowed to use custom Google Plus and Twitter social share buttons. I've seen many jQuery plugins using custom designed

: Does when configuring a new Google Analytics account from the old impact search engine optimization? The current Google Analytics account had been set-up by another party and we are looking at

Login to post a comment!

1 Comments

Back to top | Use Dark Theme