Compare commits
9 Commits
1a5ce86de6
...
53a1567ebf
Author | SHA1 | Date |
---|---|---|
Ben Spiegel | 53a1567ebf | |
Starbeamrainbowlabs | 8ace93e518 | |
Starbeamrainbowlabs | 242a9909ec | |
Starbeamrainbowlabs | 34f003ace9 | |
Starbeamrainbowlabs | f787d39f45 | |
Starbeamrainbowlabs | 9ec386dc24 | |
Starbeamrainbowlabs | 11bc915990 | |
Starbeamrainbowlabs | f0289692d1 | |
Benjamin Spiegel | ff437562e3 |
|
@ -0,0 +1,12 @@
|
|||
{
|
||||
"cSpell.words": [
|
||||
"admindetails",
|
||||
"aeiou",
|
||||
"bcdfghjklmnpqrstvwxyz",
|
||||
"flameborn",
|
||||
"peppermintywiki",
|
||||
"returnto",
|
||||
"sitename",
|
||||
"sqlatenwiki"
|
||||
]
|
||||
}
|
|
@ -13,6 +13,7 @@ This is the next release of Pepperminty Wiki, that hasn't been released yet.
|
|||
- **Fixed:** [Rest API] Documented `redirect` and `redirected_from` GET params to the `view` action.
|
||||
- **Fixed:** Fixed bug where templating variables were not populated under some circumstances.
|
||||
- **Fixed:** Typo on credits page
|
||||
- **Fixed:** Typos in user table
|
||||
|
||||
## v0.24-beta1
|
||||
|
||||
|
|
|
@ -68,7 +68,7 @@ docker run -d sqlatenwiki/peppermintywiki:stable
|
|||
|
||||
|
||||
## Security
|
||||
If you've found a security issue, please don't open an issue. Instead, get in touch privately - e.g. via [Keybase](https://keybase.io/sbrl) or by email (`security [at sign] starbeamrainbowlabs [replace me with a dot] com`), and I'll try to respond ASAP.
|
||||
If you've found a security issue, please don't open an issue. Instead, get in touch privately - e.g. via email (`security [at sign] starbeamrainbowlabs [replace me with a dot] com`), and I'll try to respond ASAP.
|
||||
|
||||
If you would like to encrypt any communications with me, you can find my GPG key [here](https://starbeamrainbowlabs.com/sbrl.asc).
|
||||
|
||||
|
|
|
@ -9,4 +9,3 @@ Additional methods of contact:
|
|||
|
||||
- The email address attached to my commits
|
||||
- My various profiles listed on my website: <https://starbeamrainbowlabs.com/>
|
||||
- Twitter: <https://twitter.com/SBRLabs>
|
||||
|
|
|
@ -21,6 +21,9 @@
|
|||
4. See the [Configuring](06-Configuration.html) section for information on how to customise your installation, including the default login credentials.
|
||||
5. Ensure you configure your web server to block access to `peppermint.json`, as this contains all your account details (including your hashed password!)
|
||||
|
||||
### Blocking access to pepppermint.json
|
||||
|
||||
#### Nginx
|
||||
For those running Nginx, this configuration snippet should block access to `peppermint.json`:
|
||||
|
||||
```nginx
|
||||
|
@ -29,6 +32,7 @@ location /peppermint.json {
|
|||
}
|
||||
```
|
||||
|
||||
#### Apache
|
||||
If you are running Apache, then the following configuration snippet should block access to `peppermint.json` (credit: [@viradpt](https://github.com/sbrl/Pepperminty-Wiki/issues/224#issuecomment-912683114)):
|
||||
|
||||
```htaccess
|
||||
|
@ -38,6 +42,32 @@ If you are running Apache, then the following configuration snippet should block
|
|||
</Files>
|
||||
```
|
||||
|
||||
#### Lighttpd
|
||||
If you're running lighttpd, then you need to load the `mod_access` module:
|
||||
|
||||
```lighttpd
|
||||
server.modules += ( "mod_access" )
|
||||
```
|
||||
|
||||
If you already have a `server.modules` directive, simply add `mod_access` to the list if you haven't already. Then, just block access like so:
|
||||
|
||||
```lighttpd
|
||||
$HTTP["url"] =~ "^/peppermint.json" {
|
||||
url.access-deny = ("")
|
||||
}
|
||||
```
|
||||
|
||||
#### Caddy
|
||||
The Caddy web server makes it easy to block files. Add this to your `server` block if you have one, or if not just to the end of your Caddyfile:
|
||||
|
||||
```caddy
|
||||
@blocked {
|
||||
path *peppermint.json
|
||||
}
|
||||
respond @blocked 403
|
||||
```
|
||||
|
||||
#### Microsoft IIS
|
||||
For those running IIS, the following will grant the appropriate read and write permissions to the IIS_IUSRS group, and prevent the peppermint.json file from being retrieved.
|
||||
|
||||
Open an elevated (administrator) Command Prompt and run the following.
|
||||
|
@ -59,6 +89,7 @@ icacls . /grant IIS_IUSRS:(OI)(CI)RXWM
|
|||
ENDLOCAL
|
||||
```
|
||||
|
||||
#### Other web servers
|
||||
If you aren't running any of these web servers and have a configuration snippet to share for your web server, please [open an issue](https://github.com/sbrl/Pepperminty-Wiki/issues/new) to get in touch - and then we can add your configuration snippet to improve this documentation for everyone.
|
||||
|
||||
|
||||
|
|
|
@ -134,7 +134,7 @@ register_module([
|
|||
"timestamp" => time(),
|
||||
"page" => $env->page,
|
||||
"user" => $env->user,
|
||||
"reply_depth" => $comment_thread !== null ? count($comment_thread) : 0,
|
||||
"reply_depth" => isset($comment_thread) ? count($comment_thread) : 0,
|
||||
"comment_id" => $new_comment->id
|
||||
]);
|
||||
}
|
||||
|
|
|
@ -5,9 +5,9 @@
|
|||
|
||||
register_module([
|
||||
"name" => "User Organiser",
|
||||
"version" => "0.1.2",
|
||||
"version" => "0.1.3",
|
||||
"author" => "Starbeamrainbowlabs",
|
||||
"description" => "Adds a organiser page that lets moderators (or better) control the reegistered user accounts, and perform adminstrative actions such as password resets, and adding / removing accounts.",
|
||||
"description" => "Adds a organiser page that lets moderators (or better) control the registered user accounts, and perform administrative actions such as password resets, and adding / removing accounts.",
|
||||
"id" => "feature-user-table",
|
||||
"code" => function() {
|
||||
global $settings, $env;
|
||||
|
@ -149,7 +149,7 @@ https://github.com/sbrl/Pepperminty-Wiki/
|
|||
");
|
||||
|
||||
$content = "<h2>Add User</h2>
|
||||
<p>The new user was added to $settings->sitename sucessfully! Their details are as follows:</p>
|
||||
<p>The new user was added to $settings->sitename successfully! Their details are as follows:</p>
|
||||
<ul>
|
||||
<li>Username: <code>$new_username</code></li>";
|
||||
if(!empty($new_email))
|
||||
|
@ -282,7 +282,7 @@ Powered by Pepperminty Wiki
|
|||
});
|
||||
|
||||
|
||||
if($env->is_admin) add_help_section("949-user-table", "Managing User Accounts", "<p>As a moderator on $settings->sitename, you can use the <a href='?action=user-table'>User Table</a> to adminstrate the user accounts on $settings->sitename. It allows you to perform actions such as adding and removing accounts, and resetting passwords.</p>");
|
||||
if($env->is_admin) add_help_section("949-user-table", "Managing User Accounts", "<p>As a moderator on $settings->sitename, you can use the <a href='?action=user-table'>User Table</a> to administrate the user accounts on $settings->sitename. It allows you to perform actions such as adding and removing accounts, and resetting passwords.</p>");
|
||||
}
|
||||
]);
|
||||
/**
|
||||
|
|
Loading…
Reference in New Issue