How To Make Your MediaWiki Private

USE THIS INFORMATION AT YOUR OWN RISK. Any information found on this website is offered only as informational and includes no warranty, guarantees or support. The author claims no authority on any subject whatsoever.

I've been using an amalgamation of hacks to track all the information I want to be able to recall later: for bookmarks, gmail for contacts and random notes, private blog entries for some organized content, and tracks for tracking projects. Blech. It's just too much. My memory is too weak. What I really want is a comprehensive PIM (Personal Informatio Manager). And so I installed MediaWiki because that's what Wikipedia uses and that's what Dreamhost offers as a One-Click Install (e.g. the path of least resistance).

I thought I'd share with you all the the process of customizing the default install to create a private wiki. Following are the specifics to my install but this will probably be helpful to many with a different host or newer version.

  • Create a subdomain for your MediaWiki install, such as, Select PHP 5.x (not 4.4.2) and leave Extra Web Security.
  • Install MediaWiki. Dreamhost walks you through this and it's also covered at the Dreamhost Wiki so I'm not going to go into detail here. But be sure to move the newly generated LocalSettings.php to the parent directory, and delete the config directory with its content.
  • Chmod LocalSettings.php to 600
  • Create a backup copy of LocalSettings.php, rename it something like .BAK instead of .PHP or something. Put it back in your Wiki install directory right away so it's safe and available if you need it later.

Restrict Wiki Access

Before bothering to put up our own cute logo or other fun stuff like enabling image linking and using clean urls, we're going to lock down our install. I didn't find a lot for this particular intent on the official MediaWiki Docs or the Dreamhost Wiki, but I did find this old Meta Wiki Article

  • Prevent new user registrations. Add the following line to the bottom of LocalSettings.PHP:
    # This snippet prevents new registrations from anonymous users
    # (Sysops can still create user accounts)
    $wgGroupPermissions['*']['createaccount'] = false;
  • Make sure it's working by trying to create an account. You should receive an error message that says username not found, please create an account. To change the message login as yourself (you should have set up a Sysop login when you configured your wiki) and point your browser to
    I changed my message to:
    There is no user by the name "$1". This wiki is private and therefore closed to new accounts. Please contact Mahalie if you have any questions.
    I intentionally failed to provide contact information. If a user doesn't even know how to contact me, they really don't need an account on my private wiki!
  • Prevent anonymous users from reading by adding the following to LocalSettings.php: # Disable reading line, for anonymous (not-logged-in => * ) :
    $wgGroupPermissions['*']['read'] = false;

    # ... and enable anonymous to read the followings pages :
    $wgWhitelistRead = array( "Main Page", "Special:Userlogin", "-", "MediaWiki:Monobook.css" );

    # ... same in an other language (French, with one UTF-8 special characteres) :
    # $wgWhitelistRead = array( "Page Principale", "Special:Userlogin", utf8_encode('Aide en français'));
  • Verify setting by logging out of your wiki and attempting to browse. You should get a 'Login Required. You must login to view other pages.' when clicking on any local link and the page should redirect to the main page after a few seconds.
  • If you want to hide the side navigation if the user isn't logged in (because, perhaps you have private project names or something) edit includes/Skin.php and change the function buildSidebar(). Add these lines near the very top, after the globals.: global $wgUser; if (! $wgUser->isLoggedIn()) { return array(); } This will hide the navigation on sup-pages (not the default main page)

p.s. WebWorkerDaily just published 15 Productive Uses for a Wiki in case you're wondering why someone would want to do this!

Update: Check out a new tutorial on Lifehacker, Customize Mediawiki Into Your Ultimate Collaborative Website - it's not a PIM implementation but it offers some good information on quickly re-skinning and mods to consider.

56 thoughts on “How To Make Your MediaWiki Private”

  1. 2012 & still running strong! I found this page incredibly useful for locking down our wiki that’s begin sued for a knowledgebase. Thank you for taking the time to share this information!

  2. 2012 & still running strong! I found this page incredibly useful for locking down our wiki that’s begin used for a knowledgebase. Thank you for taking the time to share this information!

    ** fixed a type-o, we’re not being sued, it’s being used **

  3. Thank you. I couldn’t find “How to prevent user creation” anywhere in the documentation.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>