Peter & Melodye Bowers <[EMAIL PROTECTED]> wrote: > Can it be set up to use https or some other way of up'ing security?
https has nothing to do with pmwiki. Everything running behind http can be run tunneled using TLS/SSL. This is purely webserver config, and an issue between server and client. Using httpS is safer, because the access password to pmwiki admin would then not travel over the networks in the open. This issue is even of lesser importance with wiki systems, because 'damage' is reversible. It's much worse for webmail, webforums, webforms or CMSs, for example. > Are wikis inherently less secure than other types of web technology? > Is PmWiki in use in any environments that require significant security > that I could use as a recommendation for this guy? If its any consolation: I maintain/admin 6 separate websites based entirely on pmwiki for almost 5 years now, some for commercial use (people providing private data, sent through pmwiki-driven site by email) with actual third party companies behind it (not me, I only provided a pmwiki start for them, or hosting and/or serverspace with a pmwiki-base), and *none* of them have ever seen their websites compromised in ANY way! This is of particular importance because a couple of them are hosted at Servage, which has had some of their servers compromised, yet none of my pmwiki sites up there have suffered any issues because of it (other websites, based on Worpress, phpbb, and other CMSs, on the other hand DID suffer from those defacement and spam/phising problems). I think it is safe to say that pmwiki's security has not disappointed me, ever. Much of this is, I think, thanks to the splendid and elaborate explanations on hardening its security, which you can find all over the PMwiki website. -- Adios Julius http://jult.net _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
