Manual:MediaWiki Security Guide

This is the storage place of a book (collection of pages). You can load it from here, generate a PDF, let a book printed, edit it or otherwise update its content. Be reminded that when overwriting this book storage page with an updated version of the book, the previously assigned categories are not automatically copied to the recent version: you need to manually copy the categories from the former version. (Problem has been filed as enhancement request)
Please select an appropriate cover image for this book. See "Template:Saved book" for instructions."
This is a MediaWiki book, a collection of MediaWiki articles that can be easily saved, rendered electronically, and ordered as a printed book. For information and help on MediaWiki books in general, see Help:Books (general tips) and WikiProject Wikipedia-Books (questions and assistance).
PDF ]  [ epub ]  [ ODT ]  [ ZIM ]Open in Book Creator ]  [ Order Printed Book ]
[ About ] [ FAQ ] [ Feedback ] [ Help ] [ WikiProject ] [ Recent Changes ]

MediaWiki Security Guide (MSG) v1.7 2014-07-22 mwbook #02Edit

How to safely set up a MediaWiki server and write secure PHP and JavaScript code that is easy to review and auditEdit

Security for developers
Security for developers/Architecture
Security checklist for developers
Security (Manual and First-Aid advices)
Cross-site scripting (XSS, XSSI)
DOM-based XSS
Cross-site request forgery (CSRF)
Register globals
SQL injection (SQLi)
Database access
Securing database passwords
Configuring file uploads
Secure coding and code review for MediaWiki (Tutorial)