InitialPasswords
Default Setting
Out of the box, PmWiki's password setup is this:
- The read and edit actions are unlocked.
- Note: The edit action also covers page history, because restoring a page involves editing it.
- Exception: the Site wikigroup is locked for the edit, change page attributes, and upload actions.
- Exception: the SiteAdmin wikigroup is locked for the read, edit, change page attributes, and upload actions.
- The change page attributes action is locked for the Main, PmWiki, SiteAdmin, and Site wikigroups.
- The upload action is locked for the entire site.
These are good defaults, since normally you should not let just anyone edit pages in the Site and SiteAdmin groups, muck about with the permissions on Main, PmWiki, SiteAdmin, and Site, or upload files.
- Note
- The default SideBar is Site.SideBar and is locked for editing by default. If you want others to be able to edit the SideBar you will need to set on Site.SideBar?action=attr the edit password
@nopass:
(meaning NO password). You would first need to set an admin password in
config.php
.
What Passwords to Set
Let us assume that the wiki administrator should be able to
- Edit the Site group
- Change permissions on the Main, PmWiki, SiteAdmin, and Site groups
- Upload files.
Regular users should be able to
- Upload files.
To make this possible, the wiki administrator should:
- Set an admin password. This password will be accepted by all PmWiki password prompts, across the entire site, for all actions.
- Set an upload password. This will allow users who know the password to upload files. If there should not be an upload password, just set it to empty...after reading Uploads Admin.
If you don't want random strangers editing the wiki, you should also set an edit password.
Instructions on setting the passwords are in Passwords Admin.
Categories: Security
This page may have a more recent version on pmwiki.org: PmWiki:InitialPasswords, and a talk page: PmWiki:InitialPasswords-Talk.