Summary: Setup internal wikis as https only
           Product: Wikimedia
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Keywords: shell
          Severity: enhancement
          Priority: Normal
         Component: General/Unknown

>From wikitech-l thread:

Private wikis should require HTTPS by default.

Roughly this would need;
* Setup a server for this role and give it an external ip.
* Configure to answer https: with the star certificate and then perform the
normal wiki routing.
* Redirect http to https.
* Change usage of bits load.php to the local one (avoid mixed content warnings
and protect against active attackers).
* Change the dns records to the new ip.
* Profit!

No need for caching layer in front of it, as anonymous users can't read it. If
there were, $wgCookieSecure may need to be manually set.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.

Wikibugs-l mailing list

Reply via email to