MediaWiki
MediaWiki (hereinafter, the Software) is a free and open-source wiki software. The Software was originally developed for Wikipedia, but now the Software runs on many websites and has become the dominant software in its category. The Software is written in the PHP programming language and stores the contents into a set of databases.
The software is optimized to efficiently handle large projects, which can have terabytes of content and hundreds of thousands of hits per second. According to MediaWiki, achieving scalability through multiple layers of caching and database replication has been a major concern for developers. The software has more than 900 configuration settings and more than 1,900 extensions available for enabling various features to be added or changed.
On Wikipedia alone, more than 1000 automated and semi-automated bots and other tools have been developed to assist in editing. It has also been deployed by some companies as an internal knowledge management system, and some educators have assigned students to use the Software for collaborative group projects.
Contents
Permitted user roles
Permitted user roles are specific access and ability permissions that can be assigned to customizable user groups.
Any user
- Any user (including anonymous) is permitted to use the following functions in the version of the Software that is used for CNM Wikiware.
Category Right Description User groups that have this right Reading read When set to false, override for specific pages with WhitelistRead *, user Editing createaccount createaccount - register / registration *, sysop createpage createpage - requires the edit right *, user createtalk createtalk - requires the edit right *, user edit edit *, user Management editmyoptions editmyoptions * editmyprivateinfo editmyprivateinfo * editmyusercss editmyusercss * editmyuserjs editmyuserjs * editmywatchlist editmywatchlist * viewmyprivateinfo viewmyprivateinfo * viewmywatchlist viewmywatchlist * Technical writeapi writeapi *, user, bot
Registered user
- Any user with his or her registered account, when he or she is identified, is permitted to use the following functions in the version of the Software that is used for CNM Wikiware.
Category Right Description User groups that have this right Reading read When set to false, override for specific pages with WhitelistRead *, user Editing applychangetags applychangetags user createpage requires the edit right *, user createtalk requires the edit right *, user edit edit *, user upload requires the edit right user, sysop reupload requires the upload right user, sysop reupload-shared (if one is set up) with local files (requires the upload right) user, sysop sendemail sendemail user Management changetags changetags - currently unused by extensions user editmyuserjson editmyuserjson user Technical minoredit minoredit user purge purge - URL parameter user writeapi writeapi *, user, bot
Autoconfirmed
- Any user with his or her registered account, when he or she is identified, (1) confirmed that his or her age confirms requirements established by the Software and has at least as many edits as established by the Software, is permitted to use the following functions in the version of the Software that is used for CNM Wikiware.
Category Right Description User groups that have this right Editing editsemiprotected editsemiprotected - without cascading protection autoconfirmed, sysop Technical autoconfirmed autoconfirmed - used for the 'autoconfirmed' group, see the other table below for more information autoconfirmed, bot, sysop
Bot
accounts with the bot right (intended for automated scripts). |autoconfirmed, autopatrol, apihighlimits, bot, editsemiprotected, nominornewtalk, suppressredirect, writeapi
Category Right Description User groups that have this right Administration autopatrol $wgUseRCPatrol must be true bot, sysop Technical apihighlimits apihighlimits bot, sysop autoconfirmed used for the 'autoconfirmed' group, see the other table below for more information autoconfirmed, bot, sysop bot bot - can optionally be viewed bot nominornewtalk nominornewtalk - requires minor edit right bot suppressredirect suppressredirect bot, sysop writeapi writeapi *, user, bot
Sysop
users who by default can delete and restore pages, block and unblock users, et cetera.
Category Right Description User groups that have this right Editing editprotected editprotected - without cascading protection sysop editsemiprotected editsemiprotected - without cascading protection autoconfirmed, sysop createaccount createaccount - register / registration *, sysop move requires the edit right sysop move-categorypages requires the move right sysop move-rootuserpages requires the move right sysop move-subpages requires the move right sysop movefile requires the move right and $wgAllowImageMoving to be true sysop upload upload - requires the edit right user, sysop upload_by_url upload_by_url - requires the upload right sysop reupload reupload - requires the upload right user, sysop reupload-shared reupload-shared - (if one is set up) with local files (requires the upload right) user, sysop Management bigdelete bigdelete sysop block Block options include preventing editing and registering new accounts, and autoblocking other users on the same IP address sysop blockemail allows preventing use of the Emailuser interface when blocking sysop browsearchive through Special:Undelete sysop delete allows the deletion or undeletion of pages. For undeletions, there is now the 'undelete' right, see below sysop deletedhistory deletedhistory sysop deletedtext deletedtext sysop editinterface contains interface messages sysop markbotedits see Rollback sysop mergehistory mergehistory sysop patrol patrol - $wgUseRCPatrol must be true sysop protect protect sysop rollback rollback sysop unblockself Without it, an administrator that has the capability to block cannot unblock themselves if blocked by another administrator sysop undelete undelete sysop editsitecss editsitecss sysop editsitejs editsitejs sysop Administration autopatrol $wgUseRCPatrol must be true bot, sysop import transwiki sysop importupload importupload sysop managechangetags currently unused by extensions sysop unwatchedpages lists pages that no user has watchlisted sysop Technical apihighlimits apihighlimits bot, sysop autoconfirmed used for the 'autoconfirmed' group, see the other table below for more information autoconfirmed, bot, sysop ipblock-exempt ipblock-exempt sysop noratelimit not affected by rate limits sysop, bureaucrat suppressredirect suppressredirect bot, sysop
Bureaucrat
Users who by default can change other users' rights.
Category Right Description User groups that have this right Management userrights Allows the assignment or removal of all* groups to any user. With $wgAddGroups and $wgRemoveGroups, you can set the possibility to add/remove certain groups instead of all bureaucrat Administration noratelimit Not affected by rate limits sysop, bureaucrat
Legacy functions and roles
Category Right Description User groups that have this right Editing autocreateaccount a more limited version of createaccount reupload-own requires the upload right (note that this is not needed if the group already has the reupload right) Management deletelogentry allows deleting/undeleting information (action text, summary, user who made the action) of specific log entries (not available by default) editcontentmodel editcontentmodel editsitejson editsitejson interface-admin edituserjson edituserjson interface-admin hideuser (not available by default) Only users with 1000 edits or less can be suppressed by default. Use HideUserContribLimit to disable. pagelang $wgPageLanguageUseDB must be true patrolmarks patrolmarks suppressionlog suppressionlog suppressrevision (not available by default) userrights-interwiki userrights-interwiki viewsuppressed i.e. a more narrow alternative to "suppressrevision" (not available by default) Administration siteadmin which blocks all interactions with the web site except viewing. Disabled by default
Security
As any open-source software, the Wiki is vulnerable to external attacks:
- https://www.mediawiki.org/wiki/Manual:Security
- https://www.mediawiki.org/wiki/Security_for_developers