PmWiki has built-in support for password-protecting various areas of the wiki site. Passwords can be applied to individual pages, to WikiGroups, or to the entire wiki site. Note that the password protection mechanisms described here are only a small part of overall system (and wiki) security, see PmWiki.Security for more discussion of this. When accessing a password-protected page, leave the Username field blank. PmWiki supports several levels of access to wiki pages:
readpasswords allow viewing the contents of wiki pages
editpasswords control editing and modification of wiki pages
attrpasswords control who is able to set passwords on pages (and potentially other future attributes)
if uploads are enabled,Finally, there is an
uploadpasswords control uploading of files and attachments
adminaccess for the entire wiki site that allows an administrator to override the passwords set for any individual page or group. All passwords are stored in an encrypted format so that other users on the system cannot simply browse the contents of files to determine the passwords. By default, PmWiki is configured with empty
editpasswords for the whole site (allowing anyone to view or edit pages), the
attrpassword is locked for the Main and PmWiki groups, and the
adminpassword is locked entirely. You can unlock the attr password for either of those groups by accessing that group's attributes page, and entering
clearin the appropriate field (you'll need to set the global admin password to do this, since it's also locked by default). Global passwords for the wiki site are controlled by the $DefaultPasswords array in config.php. To set an admin password to "
mysecret" for a site, you can add the following line to config.php:
Of course, anyone able to view config.php would be able to find out your secret password, so we'd like to encrypt it somehow. Add
$DefaultPasswords['admin'] = crypt('mysecret');
&action=cryptto the end of any PmWiki URL (or jump to ThisWiki:?action=crypt ) and you'll be presented with a form to give you the encrypted form of the password. For example, when the crypt action is given the password "
mysecret", PmWiki gives back a string like
$1$hMMhCdfT$mZSCh.BJOidMRn4SOUUSi1(it may be different on your system). This can then be put directly into config.php as:
$DefaultPasswords['admin'] = '$1$hMMhCdfT$mZSCh.BJOidMRn4SOUUSi1';(Note: The crypt keyword and parenthesis have been removed, since the inserted text is already encrypted. The sample-config.php has the crypt keyword present, be sure to remove this when switching your passwords to pre-encrypted.) Note that the encrypted password has to be enclosed in single-quotes. Here, the password is still "
mysecret", but somebody looking at config.php won't be able to see that just from looking at the encrypted form. Crypt may give you different encryptions for the same password--this is normal (and makes it harder for someone else to determine the original password). Similarly, you can set
$DefaultPasswords['attr']to control default
attrpasswords for the entire site. The default passwords are used only for pages and groups which do not have passwords set. Also, any of these values may be arrays of encrypted passwords. In PmWiki, page passwords override group passwords, group passwords override the default passwords, and the admin password always allows access. This gives a great deal of flexibility in controlling access to wiki pages in PmWiki. You can also use the special password "nopass" (defined by the $AllowPassword variable) to have a non-password protected page within a password-protected group, or a non-password protected group with a site-wide default password set. To use PmWiki itself to set passwords on individual wiki pages and WikiGroups, see PmWiki.Passwords. << PerGroupCustomizations | PmWiki.DocumentationIndex | UploadsAdmin >>