Thanks for the info Ian. Your suggestion to use <Limit POST> worked great..
My other questions relate around permissions. I would like to
be able to lock down my site so that it's read only to the
general public, with only a group of editorshaving permission
to make changes. Any idea how I would go about doing this?
This is probably the most requested feature of Kwiki and I can
assure you that Brian is hacking away at it. In the meantime,
you might want to try limiting POST methods to Kwiki in a
.htaccess file:
<Limit POST>
AuthType Basic
AuthName 'Kwiki editors'
...
</Limit>
While this wouldn't stop a determined hacker -- e.g., one that was determined enough to push a page change through a really long URL request -- this might provide a temporary deterrant.
(This is in theory, as I actually haven't tried it yet. If you need further assistance, please ask.)
