What to Protect
Data Protection
Login mechanisms
MySQL
For access to the local instance of MySQL, one can add the entrypoint statement to docker-compose.yml.
version: '3'
services:
database:
image: xlp0/mariadb
restart: always
<red>entrypoint: mysqld_safe --skip-grant-tables --user=mysql</red>
environment:
# @see https://phabricator.wikimedia.org/source/mediawiki/browse/master/includes/DefaultSettings.php
MYSQL_DATABASE: my_wiki
MYSQL_USER: wikiuser
MYSQL_PASSWORD: example
MYSQL_RANDOM_ROOT_PASSWORD: 'yes'
volumes:
- ./mountPoint/mariadb:/var/lib/mysql
QRCode
QRCode-based login is popular in the WeChat user community. Open Source QRCode log-in code base can be found here[1][2][3].
Network Protection
Encryption and authentication are some basic network-based security measures. A practical tool for network protection is Reverse Proxy Service.
Nginx Reverse Proxy
A common practice to set up website is to use Nginx as a reverse proxy to direct web traffic through an encrypted channel, often called https. The following page on Nginx as Reverse Proxy shows how to do it.
License Protection
An article on how to set up licenses can be found here[4].
To add FooterIcons to MediaWiki, you may refer to this pageCite error: Invalid <ref>
tag; refs with no name must have content.