網站建置技術文件
開放以LDAP帳號登入認證
1、在 /usr/local/etc/openldap/ldap.conf 中加上一行
- TLS_REQCERT never
2、修改MediaWiki設定檔LocalSettings.php,增加以下內容:
- require_once( 'extensions/LdapAuthentication.php');
- $wgAuth = new LdapAuthenticationPlugin();
- $wgLDAPDomainNames = array("Portal");
- $wgLDAPEncryptionType = array('Portal' => 'ssl');
- $wgLDAPServerNames = array("Portal"=>"140.115.17.30");
- $wgLDAPSearchStrings = array("Portal"=>"uid=USER-NAME,ou=People,dc=cc,dc=ncu");$wgLDAPUseLocal = true;
- $wgLDAPAddLDAPUsers = false;
- $wgLDAPUpdateLDAP = false;
- $wgLDAPMailPassword = false;
- $wgLDAPRetrievePrefs = false;
- $wgMinimalPasswordLength = 1;
開放上傳檔案,並設限檔案副檔名類別
1、修改MediaWiki設定檔LocalSettings.php,增加以下內容:
- $wgEnableUploads = true;
- $wgFileExtensions = array( 'png', 'gif', 'jpg', 'jpeg', 'doc', 'xls', 'ppt', 'pdf', 'docx', 'xlsx', 'pptx', 'vsd', 'pps' );
- $wgFileBlacklist = array('html', 'htm', 'js', 'jsb','php', 'phtml', 'php3', 'php4', 'phps','shtml', 'jhtml', 'pl', 'py', 'cgi','exe', 'scr', 'dll', 'msi', 'vbs', 'bat', 'com', 'pif', 'cmd', 'vxd', 'cpl' );
禁止一般使用者建立新帳號
1、修改MediaWiki設定檔LocalSettings.php,增加以下內容:
- $wgGroupPermissions['*']['createaccount'] = false;
- $wgGroupPermissions['sysop']['createaccount'] = true;