CINXE.COM

<!DOCTYPE html> <html lang="es" dir="ltr" class="no-js"> <head> <meta charset="utf-8" /> <title>es:security [DokuWiki]</title> <meta name="generator" content="DokuWiki"/> <meta name="theme-color" content="#008800"/> <meta name="robots" content="index,follow"/> <meta name="keywords" content="es,security"/> <link rel="search" type="application/opensearchdescription+xml" href="/lib/exe/opensearch.php" title="DokuWiki"/> <link rel="start" href="/"/> <link rel="contents" href="/es:security?do=index" title="Índice"/> <link rel="manifest" href="/lib/exe/manifest.php"/> <link rel="alternate" type="application/rss+xml" title="Cambios recientes" href="/feed.php"/> <link rel="alternate" type="application/rss+xml" title="Espacio de nombres actual" href="/feed.php?mode=list&ns=es"/> <link rel="edit" title="Editar esta página" href="/es:security?do=edit"/> <link rel="alternate" type="text/html" title="HTML sencillo" href="/_export/xhtml/es:security"/> <link rel="alternate" type="text/plain" title="Etiquetado Wiki" href="/_export/raw/es:security"/> <link rel="canonical" href="https://www.dokuwiki.org/es:security"/> <link rel="stylesheet" href="/lib/exe/css.php?t=dokuwiki&tseed=f1005bad3d81fc9c803c7f93d32a390e"/> <link rel="alternate" hreflang="en" href="https://www.dokuwiki.org/security"/> <link rel="alternate" hreflang="de" href="https://www.dokuwiki.org/de:security"/> <link rel="alternate" hreflang="fr" href="https://www.dokuwiki.org/fr:security"/> <link rel="alternate" hreflang="it" href="https://www.dokuwiki.org/it:security"/> <link rel="alternate" hreflang="ja" href="https://www.dokuwiki.org/ja:security"/> <link rel="alternate" hreflang="ko" href="https://www.dokuwiki.org/ko:security"/> <link rel="alternate" hreflang="pl" href="https://www.dokuwiki.org/pl:security"/> <link rel="alternate" hreflang="ru" href="https://www.dokuwiki.org/ru:security"/> <link rel="alternate" hreflang="uk" href="https://www.dokuwiki.org/uk:security"/> <link rel="alternate" hreflang="zh" href="https://www.dokuwiki.org/zh:security"/> <link rel="alternate" hreflang="x-default" href="https://www.dokuwiki.org/security"/> <script >var NS='es';var JSINFO = {"plugins":{"edittable":{"default columnwidth":""}},"id":"es:security","namespace":"es","ACT":"show","useHeadingNavigation":0,"useHeadingContent":0};(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement);</script> <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.4/jquery.min.js" defer="defer"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js" defer="defer"></script> <script src="/lib/exe/js.php?t=dokuwiki&tseed=f1005bad3d81fc9c803c7f93d32a390e&lang=es" defer="defer"></script> <meta name="viewport" content="width=device-width,initial-scale=1" /> <link rel="shortcut icon" href="/lib/tpl/dokuwiki/images/favicon.ico" /> <link rel="apple-touch-icon" href="/lib/tpl/dokuwiki/images/apple-touch-icon.png" /> <meta name="verify-v1" content="OVxl3gsCv2MhZqh1cBQyl0JytWXSwXMjyvwc+4w3WtA=" /> <meta name="google-site-verification" content="YhTVK69hW94ZXUtc2zSLPxTkZKbZIn0zK67mz5WQB-E" />  <script async src="https://www.googletagmanager.com/gtag/js?id=UA-83791-1"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'UA-83791-1', { 'anonymize_ip': true }); </script> </head> <body> <div id="dokuwiki__site"><div id="dokuwiki__top" class="site dokuwiki mode_show tpl_dokuwiki showSidebar hasSidebar">  <header id="dokuwiki__header"><div class="pad group"> <div class="headings group"> <ul class="a11y skip"> <li><a href="#dokuwiki__content">Saltar a contenido</a></li> </ul> <h1 class="logo"><a href="/start" accesskey="h" title="Inicio [h]"><img src="/lib/tpl/dokuwiki/images/logo.png" width="64" height="64" alt="" /><span>DokuWiki</span></a></h1> <p class="claim">It's better when it's simple</p> </div> <div class="tools group">  <div id="dokuwiki__usertools"> <h3 class="a11y">Herramientas de usuario</h3> <ul> <li class="action login"><a href="/es:security?do=login&sectok=" title="Conectarse" rel="nofollow"><span>Conectarse</span><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M10 17.25V14H3v-4h7V6.75L15.25 12 10 17.25M8 2h9a2 2 0 0 1 2 2v16a2 2 0 0 1-2 2H8a2 2 0 0 1-2-2v-4h2v4h9V4H8v4H6V4a2 2 0 0 1 2-2z"/></svg></a></li> </ul> </div>  <div id="dokuwiki__sitetools"> <h3 class="a11y">Herramientas del sitio</h3> <form action="/start" method="get" role="search" class="search doku_form" id="dw__search" accept-charset="utf-8"><input type="hidden" name="do" value="search" /><input type="hidden" name="id" value="es:security" /><div class="no"><input name="q" type="text" class="edit" title="[F]" accesskey="f" placeholder="Buscar" autocomplete="on" id="qsearch__in" value="" /><button value="1" type="submit" title="Buscar">Buscar</button><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form> <div class="mobileTools"> <form action="/doku.php" method="get" accept-charset="utf-8"><div class="no"><input type="hidden" name="id" value="es:security" /><select name="do" class="edit quickselect" title="Herramientas"><option value="">Herramientas</option><optgroup label="Herramientas de la página"><option value="edit">Editar esta página</option><option value="revisions">Revisiones antiguas</option><option value="backlink">Enlaces a esta página</option></optgroup><optgroup label="Herramientas del sitio"><option value="recent">Cambios recientes</option><option value="media">Administrador de Ficheros</option><option value="index">Índice</option></optgroup><optgroup label="Herramientas de usuario"><option value="login">Conectarse</option></optgroup></select><button type="submit">></button></div></form> </div> <ul> <li class="action recent"><a href="/es:security?do=recent" title="Cambios recientes [r]" rel="nofollow" accesskey="r">Cambios recientes</a></li><li class="action media"><a href="/es:security?do=media&ns=es" title="Administrador de Ficheros" rel="nofollow">Administrador de Ficheros</a></li><li class="action index"><a href="/es:security?do=index" title="Índice [x]" rel="nofollow" accesskey="x">Índice</a></li> </ul> </div> </div>  <div class="breadcrumbs"> <div class="trace"><span class="bchead">Traza:</span> <span class="bcsep">•</span> <span class="curid"><bdi><a href="/es:security" class="breadcrumbs" title="es:security">security</a></bdi></span></div> </div> <hr class="a11y" /> </div></header> <div class="wrapper group">  <nav id="dokuwiki__aside" aria-label="Barra lateral"><div class="pad aside include group"> <h3 class="toggle">Barra lateral</h3> <div class="content"><div class="group"> <div class="notify">Esta traducción es más antigua que la <a href="/security" class="wikilink1">página original</a> y podría estar obsoleta. Ver lo que <a href="/security?do=diff&rev=1655654861" class="wikilink1">ha cambiado</a>.</div><div class="plugin_translation is-dropdown"><span class="title">Traducciones de esta página<sup><a href="/localization" class="wikilink1" title="localization" data-wiki-id="localization">?</a></sup>: </span><ul><li class="a"><a class="wikilink1" title="English" href="/security">English (en)</a></li><li class="a"><a class="wikilink2" title="|العربية" href="/ar:security">|العربية (ar)</a></li><li class="a"><a class="wikilink2" title="Català" href="/ca:security">Català (ca)</a></li><li class="a"><a class="wikilink2" title="Česky" href="/cs:security">Česky (cs)</a></li><li class="a"><a class="wikilink2" title="Dansk" href="/da:security">Dansk (da)</a></li><li class="a"><a class="wikilink1" title="Deutsch" href="/de:security">Deutsch (de)</a></li><li class="a"><a class="wikilink2" title="Ελληνικά" href="/el:security">Ελληνικά (el)</a></li><li class="a"><a class="wikilink2" title="Esperanto" href="/eo:security">Esperanto (eo)</a></li><li class="span"><span class="wikilink1" title="Español">Español (es)</span></li><li class="a"><a class="wikilink2" title="فارسی" href="/fa:security">فارسی (fa)</a></li><li class="a"><a class="wikilink1" title="Français" href="/fr:security">Français (fr)</a></li><li class="a"><a class="wikilink2" title="עברית" href="/he:security">עברית (he)</a></li><li class="a"><a class="wikilink2" title="Magyar" href="/hu:security">Magyar (hu)</a></li><li class="a"><a class="wikilink1" title="Italiano" href="/it:security">Italiano (it)</a></li><li class="a"><a class="wikilink1" title="日本語" href="/ja:security">日本語 (ja)</a></li><li class="a"><a class="wikilink1" title="한국어" href="/ko:security">한국어 (ko)</a></li><li class="a"><a class="wikilink2" title="Lietuvių Kalba" href="/lt:security">Lietuvių Kalba (lt)</a></li><li class="a"><a class="wikilink2" title="Nederlands" href="/nl:security">Nederlands (nl)</a></li><li class="a"><a class="wikilink2" title="Norsk" href="/no:security">Norsk (no)</a></li><li class="a"><a class="wikilink1" title="Polski" href="/pl:security">Polski (pl)</a></li><li class="a"><a class="wikilink2" title="Português" href="/pt-br:security">Português (pt-br)</a></li><li class="a"><a class="wikilink2" title="Română" href="/ro:security">Română (ro)</a></li><li class="a"><a class="wikilink1" title="Русский" href="/ru:security">Русский (ru)</a></li><li class="a"><a class="wikilink2" title="Српски Језик" href="/sr:security">Српски Језик (sr)</a></li><li class="a"><a class="wikilink2" title="Svenska" href="/sv:security">Svenska (sv)</a></li><li class="a"><a class="wikilink2" title="ไทย" href="/th:security">ไทย (th)</a></li><li class="a"><a class="wikilink1" title="Українська" href="/uk:security">Українська (uk)</a></li><li class="a"><a class="wikilink1" title="中文" href="/zh:security">中文 (zh)</a></li><li class="a"><a class="wikilink2" title="繁體中文" href="/zh-tw:security">繁體中文 (zh-tw)</a></li></ul></div> <p> <strong>Learn about DokuWiki</strong> </p> <ul> <li class="level1"><div class="li"> <a href="/features" class="wikilink1" title="features" data-wiki-id="features">Features</a> & <a href="/blogroll" class="wikilink1" title="blogroll" data-wiki-id="blogroll">reviews</a> </div> </li> <li class="level1"><div class="li"> <a href="/install" class="wikilink1" title="install" data-wiki-id="install">Installation guide</a></div> </li> <li class="level1"><div class="li"> <a href="/manual" class="wikilink1" title="manual" data-wiki-id="manual">User manual</a> & <a href="/wiki:syntax" class="wikilink1" title="wiki:syntax" data-wiki-id="wiki:syntax">syntax</a></div> </li> <li class="level1"><div class="li"> <a href="/changes" class="wikilink1" title="changes" data-wiki-id="changes">Release notes</a></div> </li> <li class="level1"><div class="li"> <a href="/faq" class="wikilink1" title="faq" data-wiki-id="faq">FAQ</a></div> </li> </ul> <p> <strong>Advanced Use</strong> </p> <ul> <li class="level1"><div class="li"> <a href="/extensions" class="wikilink1" title="extensions" data-wiki-id="extensions">Extensions</a></div> </li> <li class="level1"><div class="li"> <a href="/development" class="wikilink1" title="development" data-wiki-id="development">Development manual</a></div> </li> </ul> <p> <strong>Corporate Use</strong> </p> <ul> <li class="level1"><div class="li"> <a href="/faq:support" class="wikilink1" title="faq:support" data-wiki-id="faq:support">Get support</a></div> </li> <li class="level1"><div class="li"> <a href="/donate" class="wikilink1" title="donate" data-wiki-id="donate">Donations</a></div> </li> </ul> <p> <strong>Our Community</strong> </p> <ul> <li class="level1"><div class="li"> <a href="/teams:getting_involved" class="wikilink1" title="teams:getting_involved" data-wiki-id="teams:getting_involved">Get involved</a></div> </li> <li class="level1"><div class="li"> <a href="/dokuinstall" class="wikilink1" title="dokuinstall" data-wiki-id="dokuinstall">Users</a></div> </li> <li class="level1"><div class="li"> <a href="http://forum.dokuwiki.org" class="urlextern" title="http://forum.dokuwiki.org">User forum</a></div> </li> <li class="level1"><div class="li"> <a href="/mailinglist" class="wikilink1" title="mailinglist" data-wiki-id="mailinglist">Development mailinglist</a></div> </li> </ul> <hr /> <p> Follow us on <a href="https://phpc.social/@dokuwiki" class="urlextern" title="https://phpc.social/@dokuwiki">Mastodon</a> and other <a href="/social" class="wikilink1" title="social" data-wiki-id="social">social networks</a>. </p> <p> <a href="/privacy" class="wikilink1" title="privacy" data-wiki-id="privacy">Our Privacy Policy</a> </p> </div></div> </div></nav>  <main id="dokuwiki__content"><div class="pad group"> <div class="pageId"><span>es:security</span></div> <div class="page group">   <div id="dw__toc" class="dw__toc"> <h3 class="toggle">Tabla de Contenidos</h3> <div> <ul class="toc"> <li class="level1"><div class="li"><a href="#seguridad">Seguridad</a></div> <ul class="toc"> <li class="level2"><div class="li"><a href="#alertas_de_seguridad">Alertas de seguridad</a></div></li> <li class="level2"><div class="li"><a href="#revelaciones_de_seguridad">Revelaciones de Seguridad</a></div></li> <li class="level2"><div class="li"><a href="#asegure_la_instalacion_de_dokuwiki_durante_la_configuracion">Asegure la instalación de DokuWiki durante la configuración</a></div></li> <li class="level2"><div class="li"><a href="#configuracion_de_seguridad_de_dokuwiki">Configuración de seguridad de Dokuwiki</a></div> <ul class="toc"> <li class="level3"><div class="li"><a href="#fmode_dmode">fmode / dmode</a></div></li> <li class="level3"><div class="li"><a href="#deshabilitar_la_salida_de_depuracion_debugging_output">Deshabilitar la salida de depuración (Debugging output)</a></div></li> <li class="level3"><div class="li"><a href="#prevencion_de_copiado_de_contenido_remoto">Prevención de copiado de contenido remoto</a></div></li> <li class="level3"><div class="li"><a href="#forzar_https_en_el_login">Forzar HTTPS en el Login</a></div></li> <li class="level3"><div class="li"><a href="#setting_some_wiki_pages_to_read-only">Setting some wiki pages to read-only</a></div></li> <li class="level3"><div class="li"><a href="#other_settings">Other settings</a></div></li> <li class="level3"><div class="li"><a href="#cleaning_the_access_control_lists">Cleaning the access control lists</a></div></li> </ul> </li> <li class="level2"><div class="li"><a href="#securing_the_install_directories">Securing the install directories</a></div> <ul class="toc"> <li class="level3"><div class="li"><a href="#confirming_apache_htaccess_works">Confirming Apache htaccess works</a></div></li> <li class="level3"><div class="li"><a href="#the__bin_directory">The ./bin directory</a></div></li> <li class="level3"><div class="li"><a href="#the__data_directory">The ./data directory</a></div></li> <li class="level3"><div class="li"><a href="#the__conf_directory">The ./conf directory</a></div></li> <li class="level3"><div class="li"><a href="#the__inc_directory">The ./inc directory</a></div></li> <li class="level3"><div class="li"><a href="#general_php_settings">General PHP Settings</a></div></li> </ul> </li> <li class="level2"><div class="li"><a href="#warning_on_plugins">Warning on Plugins</a></div></li> <li class="level2"><div class="li"><a href="#discussion">Discussion</a></div></li> </ul></li> </ul> </div> </div>  <h1 class="sectionedit1" id="seguridad">Seguridad</h1> <div class="level1"> <p> NEEDSATTENTION! (necesidades de atención! necesita un poco de trabajo en su diseño) </p> </div> <div class="secedit editbutton_section editbutton_1"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Seguridad] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="seguridad" /><input type="hidden" name="codeblockOffset" value="0" /><input type="hidden" name="range" value="1-112" /><button type="submit" title="Seguridad">Editar</button></div></form></div> <h2 class="sectionedit2" id="alertas_de_seguridad">Alertas de seguridad</h2> <div class="level2"> <p> <strong>Para informarse sobre los problemas de seguridad con DokuWiki <a href="http://freshmeat.net/subscribe/48181/" class="urlextern" title="http://freshmeat.net/subscribe/48181/">subscribase</a> al proyecto DokuWiki en <a href="http://freshmeat.net/projects/dokuwiki/" class="urlextern" title="http://freshmeat.net/projects/dokuwiki/">freshmeat.net/projects/dokuwiki/</a> (asegúrese de dejar mensajes de correo electrónico de suscriptor). Necesita una cuenta Freshmeat para ello. Todos los problemas de seguridad están disponibles en el sistema de seguimiento de errores <a href="http://bugs.dokuwiki.org/index.php?tasks=all&project=1&type=1&cat=5&status=all&perpage=20" class="urlextern" title="http://bugs.dokuwiki.org/index.php?tasks=all&project=1&type=1&cat=5&status=all&perpage=20">bugtracking system</a>.</strong> </p> </div> <div class="secedit editbutton_section editbutton_2"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Alertas de seguridad] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="alertas_de_seguridad" /><input type="hidden" name="codeblockOffset" value="0" /><input type="hidden" name="range" value="113-686" /><button type="submit" title="Alertas de seguridad">Editar</button></div></form></div> <h2 class="sectionedit3" id="revelaciones_de_seguridad">Revelaciones de Seguridad</h2> <div class="level2"> <p> Si usted encuentra un problema de seguridad con DokuWiki, <em> por favor </em> primero contacte con los mantenedores <strong> en privado </strong>. </p> <ul> <li class="level1"><div class="li"> Desarrollador principal: Los detalles de contacto con Andi están disponibles <a href="http://www.splitbrain.org/personal" class="urlextern" title="http://www.splitbrain.org/personal">Aquí</a>.</div> </li> <li class="level1"><div class="li"> ¿Quién si no?</div> </li> </ul> <p> <em> Puede </em> alternativamente considerar la publicación de un <a href="/es:bugs" class="wikilink2" title="es:bugs" rel="nofollow" data-wiki-id="es:bugs">bug</a>, en un espacio público. </p> </div> <div class="secedit editbutton_section editbutton_3"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Revelaciones de Seguridad] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="revelaciones_de_seguridad" /><input type="hidden" name="codeblockOffset" value="0" /><input type="hidden" name="range" value="687-1115" /><button type="submit" title="Revelaciones de Seguridad">Editar</button></div></form></div> <h2 class="sectionedit4" id="asegure_la_instalacion_de_dokuwiki_durante_la_configuracion">Asegure la instalación de DokuWiki durante la configuración</h2> <div class="level2"> <p> De forma predeterminada, las instalaciones DokuWiki permiten que cualquiera pueda acceder y modificar la páginas wiki. Tan pronto como se instala DokuWiki, es posible que alguien pueda acceder a la wiki. Mientras se realiza la primera configuración, debe excluir a los visitantes externos. </p> <p> Si está utilizando el servidor web Apache, a menudo esto puede lograrse añadiendo las siguientes líneas en la parte superior del archivo .htaccess en la raíz de la instalación de DokuWiki: </p> <pre class="code">Deny from all Allow from 192.168.1.1</pre> <p> Cambie “192.168.1.1” por su dirección IP, puede determinarla accediendo a <a href="http://www.whatsmyip.org/" class="urlextern" title="http://www.whatsmyip.org/">http://www.whatsmyip.org/</a> </p> <p> <img src="/lib/images/smileys/exclaim.svg" class="icon smiley" alt=":!:" /> Si su dirección IP no está compartida con otros, también será capaz de acceder a DokuWiki. Este puede ser el caso si usted está detrás de un router inalámbrico o apoderado (en el trabajo, en la escuela, a través de tales ISPs como AOL, etc.) </p> <p> No se le olvide quitar las líneas añadidas al archivo .htaccess antes de lanzar su wiki.cc </p> </div> <div class="secedit editbutton_section editbutton_4"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Asegure la instalación de DokuWiki durante la configuración] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="asegure_la_instalacion_de_dokuwiki_durante_la_configuracion" /><input type="hidden" name="codeblockOffset" value="0" /><input type="hidden" name="range" value="1116-2181" /><button type="submit" title="Asegure la instalación de DokuWiki durante la configuración">Editar</button></div></form></div> <h2 class="sectionedit5" id="configuracion_de_seguridad_de_dokuwiki">Configuración de seguridad de Dokuwiki</h2> <div class="level2"> <p> Las siguientes opciones de <a href="/es:config" class="wikilink1" title="es:config" data-wiki-id="es:config">configuración</a> deben ser tratadas con especial cuidado durante la configuración de Dokuwiki. </p> </div> <div class="secedit editbutton_section editbutton_5"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Configuración de seguridad de Dokuwiki] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="configuracion_de_seguridad_de_dokuwiki" /><input type="hidden" name="codeblockOffset" value="1" /><input type="hidden" name="range" value="2182-2367" /><button type="submit" title="Configuración de seguridad de Dokuwiki">Editar</button></div></form></div> <h3 class="sectionedit6" id="fmode_dmode">fmode / dmode</h3> <div class="level3"> <p> (Es decir, modos de creación archivo/directorio.) Colóquelos lo más restrictivos posible. <strong> ¡Esta es una parte esencial de asegurar una instalación de DokuWiki! </strong> Por favor, consulte la página <a href="/install:permissions" class="wikilink1" title="install:permissions" data-wiki-id="install:permissions">permissions</a> . </p> </div> <div class="secedit editbutton_section editbutton_6"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[fmode / dmode] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="fmode_dmode" /><input type="hidden" name="codeblockOffset" value="1" /><input type="hidden" name="range" value="2368-2619" /><button type="submit" title="fmode / dmode">Editar</button></div></form></div> <h3 class="sectionedit7" id="deshabilitar_la_salida_de_depuracion_debugging_output">Deshabilitar la salida de depuración (Debugging output)</h3> <div class="level3"> <p> (<strong> Obligatorio </strong> - hay demasiada información disponible potencialmente peligrosa para exponer en público) </p> <p> En su directorio DokuWiki <code>config</code>, edite su archivo <code>conf/local.php</code> (crealo si no se encuentra) y añada la línea </p> <pre class="code php"><span class="re0">$conf</span><span class="br0">[</span><span class="st_h">'allowdebug'</span><span class="br0">]</span> <span class="sy0">=</span> <span class="nu0">0</span><span class="sy0">;</span></pre> <p> <img src="/lib/images/smileys/exclaim.svg" class="icon smiley" alt=":!:" /> Si configura el permiso como la página <a href="/install:permissions" class="wikilink1" title="install:permissions" data-wiki-id="install:permissions">permissions</a>, tiene la propiedad del archivo <code>conf/local.php</code> como usuario de Apache. El problema es si no tiene acceso de root. Si ha instalado DokuWiki en algún lugar de su home, bajo su nombre de usuario, todos los directorios son propiedad de usted. Al establecer los permisos de DokuWiki para trabajar sólo está cambiando de grupo para <code>conf</code> y dar al grupo acceso para escritura <code>conf</code>. Estado predeterminado después de la creación de <code>local.php</code> por Apache, es decir, que se puede leer y borrar, pero no puede cambiar. La solución es simple, abra <code>local.php</code> en el editor de texto, copie su contenido, guárdelo en algún lugar temporal, a continuación, elimine <code>local.php</code> y cree uno nuevo pegando el texto guardado. Establezca grupo para este nuevo <code>local.php</code> como usuario de Apache, y de acceso al grupo para escritura. Hecho. </p> </div> <div class="secedit editbutton_section editbutton_7"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Deshabilitar la salida de depuración (Debugging output)] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="deshabilitar_la_salida_de_depuracion_debugging_output" /><input type="hidden" name="codeblockOffset" value="1" /><input type="hidden" name="range" value="2620-3879" /><button type="submit" title="Deshabilitar la salida de depuración (Debugging output)">Editar</button></div></form></div> <h3 class="sectionedit8" id="prevencion_de_copiado_de_contenido_remoto">Prevención de copiado de contenido remoto</h3> <div class="level3"> <p> Cosas como imágenes externas, enlazadas desde una página wiki, se copian en el servidor web local a través del script (secuencia de comandos) <code>lib/exe/fetch.php</code>, con el propósito de proporcionar un rendimiento uniforme y de ser capaz de cambiar el tamaño de imágenes remotas. Es posible que desee limitar el tamaño de los archivos extraídos de fuentes remotas autorizadas a utilizar la opción <code>$conf['fetchsize']</code> (dado en bytes). Si lo establece en <code>0</code>, desactiva eficazmente el almacenamiento en caché de fuentes externas. </p> </div> <div class="secedit editbutton_section editbutton_8"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Prevención de copiado de contenido remoto] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="prevencion_de_copiado_de_contenido_remoto" /><input type="hidden" name="codeblockOffset" value="2" /><input type="hidden" name="range" value="3880-4480" /><button type="submit" title="Prevención de copiado de contenido remoto">Editar</button></div></form></div> <h3 class="sectionedit9" id="forzar_https_en_el_login">Forzar HTTPS en el Login</h3> <div class="level3"> <p> Usando mod_rewrite, podemos forzar al login a usar HTTPS, así prevenimos que las contraseñas viajen sin protección por la red. </p> <p> Añadir éstas líneas a la configuración de Apache (apache.conf): </p> <pre class="code">RewriteEngine On RewriteCond %{HTTPS} !on RewriteCond %{QUERY_STRING} \bdo=log(in|out)\b RewriteRule ^(.*) https://%{HTTP_HOST}/$1 [R,QSA,L]</pre> <p> Puede querer cambiarse <code>${HTTP_HOST}</code> a <code>${SERVER_NAME}</code>, cuando el nombre del servidor se equipara con el hostname en el certificado SSL. </p> <p> Posted by Travis Sidelinger: <a href="mailto:travis%20%5Bat%5D%20ilive4code%20%5Bdot%5D%20net" class="mail" title="travis [at] ilive4code [dot] net">travis [at] ilive4code [dot] net</a> - 2006Oct01 </p> <p> <strong>Question:</strong> is it possible through mod_rewrite magic somehow drop the user back to non-SSL right after the login? — <em><a href="mailto:alex%20%5Bat%5D%20seidlitz%20%5Bdot%5D%20ca" class="mail" title="alex [at] seidlitz [dot] ca">Alex Popov</a> 2007-10-31 14:03</em> </p> <blockquote><div class="no"> After some hacking, I figured this one out. To use non-ssl for all pages <em>except</em> the login/logout pages, insert the following after the lines above:</div></blockquote> <pre class="code">RewriteCond %{HTTPS} on RewriteCond %{QUERY_STRING} !do=log RewriteCond %{REQUEST_METHOD} GET RewriteRule ^(.*) http://%{HTTP_HOST}/$1 [R,QSA,L]</pre> <blockquote><div class="no"> Note the test for GET; without this, the login page will fail and drop you back to the main page (because it requires a POST to doku.php, which would otherwise be lost in the redirect).</div></blockquote> <p> — <em><a href="mailto:wirehead%20%5Bat%5D%20notapattern%20%5Bdot%5D%20net" class="mail" title="wirehead [at] notapattern [dot] net">wirehead [at] notapattern [dot] net</a> 2007-Jan-04 23:00</em> </p> <p> <strong> “Lost” cookie fix </strong><br/> I encountered a problem with the cookie that's set when you log in being “lost” when transitioning between HTTP/HTTPS. This applies to the 2007-06-26b release (and probably earlier ones). The problem is exhibited as follows – using the above code to rewrite the login/logout URLs to SSL-encrypted pages and then redirecting back to non-secure HTTP pages afterward, the cookie gets “lost”. What happens is that the cookie is being set with an absolute <abbr title="Uniform Resource Locator">URL</abbr> instead of a relative <abbr title="Uniform Resource Locator">URL</abbr>. So the cookie is only tied to the HTTPS version of the site; when going back to HTTP, you “never logged in”. Note that this applies when $conf['canonical'] = 0, which is the default. </p> <p> To fix this, the code in inc/init.php needs to be changed as follows: </p> <pre class="code">- if (!defined('DOKU_COOKIE')) define('DOKU_COOKIE', 'DW'.md5(DOKU_URL)); + if (!defined('DOKU_COOKIE')) define('DOKU_COOKIE', 'DW'.md5(DOKU_BASE));</pre> <p> Also I recommend the following rewrite conditions/rules to also encrypt the “update profile” page (where you can change your password) and the Administration menu, where stuff like the user manager resides.<br/> <strong>Updated 2008-03-28</strong>: minor change to RewriteRules. Previously they would not work properly if the wiki was hosted in a subfolder of the web server root. Now they should work fine with multiple DokuWiki installations, each in separate subfolders on the same web server. </p> <pre class="code"># We want to encrypt all pages over which passwords might be sent # Includes: login, logout, profile (password change), admin menu (user manager) RewriteCond %{HTTPS} !on RewriteCond %{QUERY_STRING} do=(log|profile|admin) RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,QSA,L] # Change back to non-secure for all other pages RewriteCond %{HTTPS} on RewriteCond %{QUERY_STRING} !do=(log|profile|admin) RewriteCond %{REQUEST_METHOD} GET RewriteRule ^(.*) http://%{HTTP_HOST}%{REQUEST_URI} [R,QSA,L]</pre> <p> I struggled with this for a while before finding the solution (which seems so simple!), so I hope that this helps to save someone from time and aggravation. I did search the website, but only found <a href="http://www.freelists.org/archives/dokuwiki/06-2007/msg00175.html" class="urlextern" title="http://www.freelists.org/archives/dokuwiki/06-2007/msg00175.html">this</a> with no solution…<br/> — <em><a href="mailto:poonh%20%5Bat%5D%20mcmaster%20%5Bdot%5D%20ca" class="mail" title="poonh [at] mcmaster [dot] ca">poonh [at] mcmaster [dot] ca</a> 2008-Jan-23 18:25 EST</em> </p> <p> <strong>A note on the “lost cookie” problem</strong> – this happened to me after an upgrade, and I eventually figured out that a new security setting was added. If you are serving the wiki over HTTP, but just securing the login pages, the cookie will now be “lost”. This is because the cookie by default is now being set in “secure” mode, which means it can't be sent over HTTP if it was set over HTTPS. To fix this, go into settings and disable “securecookie”. More info (and security thoughts): <a href="http://www.freelists.org/post/dokuwiki/CookieMonster,5" class="urlextern" title="http://www.freelists.org/post/dokuwiki/CookieMonster,5">http://www.freelists.org/post/dokuwiki/CookieMonster,5</a> — <em><a href="mailto:wirehead%20%5Bat%5D%20notapattern%20%5Bdot%5D%20net" class="mail" title="wirehead [at] notapattern [dot] net">wirehead [at] notapattern [dot] net</a> 2009-Feb-03 13:00 EST</em> </p> <p> Thanks for posting this solution, poonh, it was very helpful to me <img src="/lib/images/smileys/smile.svg" class="icon smiley" alt=":-)" />. The only thing is that now I am getting a “Warning: Contains unauthenticated content” warning in Firefox (equivalent in <abbr title="Internet Explorer">IE</abbr>). This is because the requests for js.php and css.php are being redirected back to the non-secure <abbr title="Uniform Resource Identifier">URI</abbr>. Might I suggest the following additions to the “send back” code:- </p> <pre class="code"># Change back to non-secure for all other pages RewriteCond %{HTTPS} on RewriteCond %{QUERY_STRING} !do=(log|profile|admin) RewriteCond %{REQUEST_URI} !\/css.php RewriteCond %{REQUEST_URI} !\/js.php RewriteCond %{REQUEST_METHOD} GET RewriteRule ^(.*) http://%{HTTP_HOST}/$1 [R,QSA,L]</pre> <p> Is there a security problem with doing this? Is there a security problem with leaving it as-is? Personally, I just prefer the thought of it being one way or the other. — <em><a href="mailto:public%20%5Bat%5D%20ssbd%20%5Bdot%5D%20net" class="mail" title="public [at] ssbd [dot] net">Andy Turner</a> 2008-Mar-25 13:48 GMT</em> </p> <p> Theoretically I don't think it really matters (security-wise) if some files are retrieved over an unencrypted connection, because normally they would be anyway and there's nothing confidential there; personally I just want to ensure that passwords are encrypted in transit. The additions you suggested above aren't sufficient to solve the problem (they only affect “send back” as you indicated); they don't address the mixed HTTPS/HTTP retrieval of content during the first redirect. </p> <blockquote><div class="no"> Is there mixed retrieval on the first redirect? I don't know this for sure, I'd be glad for somebody to explain it to me… anyhow, I thought of it like this: you request the login page via HTTP, and the server redirects you to the HTTPS login page. Only when you have this can you know which JS, <abbr title="Cascading Style Sheets">CSS</abbr> etc files to request; if these are given as links relative to the current page, your browser must then request them from the same (i.e. HTTPS) server. Without the changes I suggest, these JS etc requests are redirected back to the HTTP server; with these additions they are returned via HTTPS. So I'm not sure where mixed requests you mention occur. — <em><a href="mailto:public%20%5Bat%5D%20ssbd%20%5Bdot%5D%20net" class="mail" title="public [at] ssbd [dot] net">Andy Turner</a> 2008-Mar-28 17:45 GMT</em></div></blockquote> <p> I've spent a few more minutes looking at this. Page contents such as the numerous JavaScript and <abbr title="Cascading Style Sheets">CSS</abbr> include files are retrieved in plaintext, hence the browser warning for mixed HTTPS/HTTP. I do understand what you're saying about the relative URLs. The problem is that the exceptions you've included in the RewriteCond's you added aren't sufficient. You can observe the (numerous!) non-secure HTTP GET requests issued by your web browser if you use packet capture software like Wireshark. You'll also need to have exceptions for any JPGs, PNGs, ICOs, GIFs, and more. I don't know at what point the number of rewrite condition checks has a tangible performance impact but you probably don't want to have so many. There may be a more elegant way to deal with this; I haven't given it enough thought.<br/> — <em><a href="mailto:poonh%20%5Bat%5D%20mcmaster%20%5Bdot%5D%20ca" class="mail" title="poonh [at] mcmaster [dot] ca">poonh [at] mcmaster [dot] ca</a> 2008-Apr-01 02:23 EDT</em> </p> <p> Here is another take on split http/https operation: </p> <pre class="code"># Send to https on attempting to login etc. RewriteCond %{HTTPS} !=on RewriteCond %{QUERY_STRING} do=(admin|log|profile) RewriteRule ^(.*) https://%{HTTP_HOST}/$1 [R,QSA,L] # On showing, send back to http. RewriteCond %{HTTPS} =on RewriteCond %{QUERY_STRING} (do=show|^$) RewriteRule ^(.*) http://%{HTTP_HOST}/$1 [R,QSA,L]</pre> <p> Does not seem to have any issue (cookies, fetching other objects on the page, etc), and the main thing is for 'regular page views' to go non-https (so the body of the wiki is cacheable). Editing, searching, other operations are less important. </p> <p> In some cases, the above lines seem to be incomplete. In fact, Dokuwiki may not complete user authentication. So, you could add one more condition for the HTTPS rewrite rules to fix this: <br/> — <em><a href="mailto:thomas%20%5Bdot%5D%20chemineau%20%5Bat%5D%20gmail%20%5Bdot%5D%20com" class="mail" title="thomas [dot] chemineau [at] gmail [dot] com">thomas [dot] chemineau [at] gmail [dot] com</a> 2009-Mar-31 13:02 GMT</em> </p> <pre class="code"># On showing, send back to http. RewriteCond %{HTTPS} =on RewriteCond %{QUERY_STRING} (do=show|^$) RewriteCond %{THE_REQUEST} !^POST RewriteRule ^(.*) http://%{HTTP_HOST}/$1 [R,QSA,L]</pre> </div> <div class="secedit editbutton_section editbutton_9"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Forzar HTTPS en el Login] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="forzar_https_en_el_login" /><input type="hidden" name="codeblockOffset" value="2" /><input type="hidden" name="range" value="4481-12767" /><button type="submit" title="Forzar HTTPS en el Login">Editar</button></div></form></div> <h3 class="sectionedit10" id="setting_some_wiki_pages_to_read-only">Setting some wiki pages to read-only</h3> <div class="level3"> <p> See <a href="/faq:pageprotect" class="wikilink1" title="faq:pageprotect" data-wiki-id="faq:pageprotect">this FAQ entry</a>. </p> </div> <div class="secedit editbutton_section editbutton_10"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Setting some wiki pages to read-only] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="setting_some_wiki_pages_to_read-only" /><input type="hidden" name="codeblockOffset" value="9" /><input type="hidden" name="range" value="12768-12856" /><button type="submit" title="Setting some wiki pages to read-only">Editar</button></div></form></div> <h3 class="sectionedit11" id="other_settings">Other settings</h3> <div class="level3"> <p> In addition to settings listed on this page, the following settings may impact security and/or privacy. This is not necessarily an exhaustive list. </p> <ul> <li class="level1"><div class="li"> <a href="/config:fullpath" class="wikilink1" title="config:fullpath" data-wiki-id="config:fullpath">fullpath</a>, <a href="/config:signature" class="wikilink1" title="config:signature" data-wiki-id="config:signature">signature</a>, all <a href="/config:authentication_settings" class="wikilink2" title="config:authentication_settings" rel="nofollow" data-wiki-id="config:authentication_settings">authentication_settings</a>, <a href="/config:usewordblock" class="wikilink1" title="config:usewordblock" data-wiki-id="config:usewordblock">usewordblock</a>, <a href="/config:mailguard" class="wikilink1" title="config:mailguard" data-wiki-id="config:mailguard">mailguard</a>, <a href="/config:iexssprotect" class="wikilink1" title="config:iexssprotect" data-wiki-id="config:iexssprotect">iexssprotect</a>, <a href="/config:htmlok" class="wikilink1" title="config:htmlok" data-wiki-id="config:htmlok">htmlok</a>, <a href="/config:phpok" class="wikilink1" title="config:phpok" data-wiki-id="config:phpok">phpok</a>, <a href="/config:hidepages" class="wikilink1" title="config:hidepages" data-wiki-id="config:hidepages">hidepages</a>, <a href="/config:safemodehack" class="wikilink1" title="config:safemodehack" data-wiki-id="config:safemodehack">safemodehack</a>, <a href="/config:ftp" class="wikilink1" title="config:ftp" data-wiki-id="config:ftp">ftp</a> </div> </li> </ul> </div> <div class="secedit editbutton_section editbutton_11"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Other settings] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="other_settings" /><input type="hidden" name="codeblockOffset" value="9" /><input type="hidden" name="range" value="12857-13292" /><button type="submit" title="Other settings">Editar</button></div></form></div> <h3 class="sectionedit12" id="cleaning_the_access_control_lists">Cleaning the access control lists</h3> <div class="level3"> <p> When deleting pages or users, the access definitions for them remain. This can be considered a feature or a security risk. If you want to clean up the <abbr title="Access Control List">ACL</abbr>, you can run the script <a href="/tips:clean_acl" class="wikilink1" title="tips:clean_acl" data-wiki-id="tips:clean_acl">clean_acl.php </a>. </p> </div> <div class="secedit editbutton_section editbutton_12"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Cleaning the access control lists] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="cleaning_the_access_control_lists" /><input type="hidden" name="codeblockOffset" value="9" /><input type="hidden" name="range" value="13293-13551" /><button type="submit" title="Cleaning the access control lists">Editar</button></div></form></div> <h2 class="sectionedit13" id="securing_the_install_directories">Securing the install directories</h2> <div class="level2"> <p> The following steps are highly recommended - even if marked Optional, it's worth the effort. </p> <p> The purpose is to move everything possible outside your document root<sup><a href="#fn__1" id="fnt__1" class="fn_top">1)</a></sup> — excepting those scripts which absolutely must be there. </p> <p> It is proposed that, given a typical Unix / shared host account where your home directory is <code>/home/yourname</code> and your document root directory is, say, <code>/home/yourname/www</code>, you should create a directory <code>/home/yourname/dokuwiki</code> which would be <em>outside</em> of the document root directory, and locate parts of Dokuwiki under there, as described in the steps below. </p> <p> IIS-Users: </p> <ul> <li class="level1"><div class="li"> They don't need to move the directories, only change the configuration for security/authentication.</div> </li> <li class="level1"><div class="li"> In the IIS console, open the “Properties” dialog of the virtual directory for the wiki site</div> </li> <li class="level1"><div class="li"> Then, in the “Directory Security” tab, click the Edit button in the “Anonymous access and authentication control” section</div> </li> <li class="level1"><div class="li"> In the “Authentication” dialog, uncheck “Anonymous access”, then click OK on both dialogs</div> </li> <li class="level1"><div class="li"> <img src="/lib/images/smileys/exclaim.svg" class="icon smiley" alt=":!:" /> Not really tested, but should work. So no warranty!</div> </li> </ul> </div> <div class="secedit editbutton_section editbutton_13"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Securing the install directories] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="securing_the_install_directories" /><input type="hidden" name="codeblockOffset" value="9" /><input type="hidden" name="range" value="13552-14747" /><button type="submit" title="Securing the install directories">Editar</button></div></form></div> <h3 class="sectionedit14" id="confirming_apache_htaccess_works">Confirming Apache htaccess works</h3> <div class="level3"> <p> The direct reading of data files like <a href="http://www.yoursite.de/wiki/data/start.txt" class="urlextern" title="http://www.yoursite.de/wiki/data/start.txt">http://www.yoursite.de/wiki/data/start.txt</a> is prevented by dokuwiki through the .htaccess file in data/ that says: </p> <pre class="code"> order allow, deny deny from all</pre> <p> <strong>FIX ME: There is no such file “start.txt” in my ./data dir. Please check this point. IF i understand this correctly, a simple visitor should not be able to read the content of a dir like <a href="http://localhost/dokuwiki/conf/" class="urlextern" title="http://localhost/dokuwiki/conf/">http://localhost/dokuwiki/conf/</a> - if you can see files in here you should go and fix this. make sure your webserver does not list the files in here or anywhere in a dokuwiki directory. </strong> </p> <p> This works in most of the installations (and on apache default installations), but some servers are configured in a way not to allow this feature in .htaccess. Test this by trying to access the start.txt. If htaccess-deny works the browser should yield a 403 HTTP-error. </p> <p> In other cases ⇒ Read under <a href="/es:rewrite#some_notes" class="wikilink2" title="es:rewrite" rel="nofollow" data-wiki-id="es:rewrite">URL rewriting</a> how to configure Apache so that it honors htaccess configuration and prevents the reading of files in and below data/. </p> </div> <div class="secedit editbutton_section editbutton_14"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Confirming Apache htaccess works] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="confirming_apache_htaccess_works" /><input type="hidden" name="codeblockOffset" value="9" /><input type="hidden" name="range" value="14748-15832" /><button type="submit" title="Confirming Apache htaccess works">Editar</button></div></form></div> <h3 class="sectionedit15" id="the__bin_directory">The ./bin directory</h3> <div class="level3"> <p> (<strong>Required</strong> - although it's protected by <code>.htaccess</code> there is no reason why you should <em>ever</em> leave this exposed publicly) </p> <p> <img src="/lib/images/smileys/exclaim.svg" class="icon smiley" alt=":!:" /> Move the <code>bin</code> out of the document root or simply delete it. This directory contains scripts intended for use on the command line <em>only</em> and <strong>should not</strong> be left exposed. </p> <p> If you do not have shell access or have no reason to use these scripts (e.g. you don't know what they are for), you could also simply delete the directory - doing so will not break anything (they are not required for DokuWiki to work). </p> </div> <div class="secedit editbutton_section editbutton_15"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[The ./bin directory] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="the__bin_directory" /><input type="hidden" name="codeblockOffset" value="10" /><input type="hidden" name="range" value="15833-16414" /><button type="submit" title="The ./bin directory">Editar</button></div></form></div> <h3 class="sectionedit16" id="the__data_directory">The ./data directory</h3> <div class="level3"> <p> (<em>Optional</em> - directory protected by <code>.htaccess</code> but this is not <em>always</em> a safe solution) </p> <p> Move <code>data</code>, <code>media</code> and <code>attic</code> out of the document root. </p> <p> The easiest way to do this is: </p> <ol> <li class="level1"><div class="li"> Move the <code>data</code> directory (and all its contents) out of the document root</div> </li> <li class="level1"><div class="li"> Edit the <a href="/config:savedir" class="wikilink1" title="config:savedir" data-wiki-id="config:savedir">savedir</a> setting to point to the new location of the <code>data</code> directory.</div> </li> </ol> <p> For example, if the <code>data</code> directory is moved to <code>/home/yourname/data</code>, add the following line to <code>conf/local.php</code>: </p> <pre class="code php"><span class="re0">$conf</span><span class="br0">[</span><span class="st_h">'savedir'</span><span class="br0">]</span> <span class="sy0">=</span> <span class="st_h">'/home/yourname/data'</span><span class="sy0">;</span></pre> <p> The <code>media</code> and <code>attic</code> directories reside within the <code>data</code> directory, so following the steps above will secure those as well. </p> </div> <div class="secedit editbutton_section editbutton_16"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[The ./data directory] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="the__data_directory" /><input type="hidden" name="codeblockOffset" value="10" /><input type="hidden" name="range" value="16415-17139" /><button type="submit" title="The ./data directory">Editar</button></div></form></div> <h3 class="sectionedit17" id="the__conf_directory">The ./conf directory</h3> <div class="level3"> <p> (<em>Optional</em> - directory protected by <code>.htaccess</code> but this is not <em>always</em> a safe solution) </p> <p> Move the config subdirectory out of your document root. This is a little harder to achieve in current DokuWiki versions but the easiest approach right now is to use PHP's <a href="http://www.php.net/manual/en/ini.core.php#ini.auto-prepend-file" class="urlextern" title="http://www.php.net/manual/en/ini.core.php#ini.auto-prepend-file">auto-prepend-file</a> ini setting, to load a simple PHP script that defines a constant pointing at the new config directory location. </p> <p> On a typical shared host, create a file like <code>/home/yourname/dokuwiki/prepend.php</code> containing just; </p> <pre class="code php"><span class="kw2"><?php</span> <a href="http://www.php.net/define"><span class="kw3">define</span></a><span class="br0">(</span><span class="st_h">'DOKU_CONF'</span><span class="sy0">,</span><span class="st_h">'/home/yourname/dokuwiki/conf/'</span><span class="br0">)</span><span class="sy0">;</span></pre> <p> (Terminating PHP processing instruction deliberately left out - do not add this <code>?></code> at the end) </p> <p> Move the <code>conf</code> directory to <code>/home/yourname/dokuwiki/</code> so it makes <code>/home/yourname/dokuwiki/conf</code>. </p> <p> Now edit the <code>.htaccess</code> file in your document root (e.g. <code>/home/yourname/www/.htaccess</code>) and add the following; </p> <pre class="code">php_value auto_prepend_file /home/yourname/dokuwiki/prepend.php</pre> <p> What this does is tell PHP to run the <code>prepend.php</code> script <em>before</em> any other script. By defining the constant, it overrides what later gets set by Dokuwiki's <code>inc/init.php</code> script. </p> <p> <strong>2008.12.28</strong> Following the instructions above removed all <abbr title="Cascading Style Sheets">CSS</abbr> styling. The fault seems to be related to the <code>php_value auto_prepend_file</code> line. Even prepending <code><?php</code> alone with no future instructions was enough. Instead, go into <code>inc/init.php</code> and redefine <code>DOKU_CONF</code> as follows: </p> <pre class="code"> // define config path (packagers may want to change this to /etc/dokuwiki/) if(!defined('DOKU_CONF')) define('DOKU_CONF',fullpath(dirname(__FILE__).'/../../').'/dokuwiki/conf/');</pre> <p> where <code>__FILE__</code> refers to the location of <code>init.php</code>. </p> </div> <div class="secedit editbutton_section editbutton_17"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[The ./conf directory] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="the__conf_directory" /><input type="hidden" name="codeblockOffset" value="11" /><input type="hidden" name="range" value="17140-18978" /><button type="submit" title="The ./conf directory">Editar</button></div></form></div> <h3 class="sectionedit18" id="the__inc_directory">The ./inc directory</h3> <div class="level3"> <p> (<em>Optional</em> - directory protected by <code>.htaccess</code> but this is not <em>always</em> a safe solution) </p> <p> In theory there shouldn't be anything dangerous here but there's also no reason to leave this code publicly exposed - better safe than sorry. Be warned this step pretty much requires shell access to the server - most of the other steps above could be managed purely with an <abbr title="File Transfer Protocol">FTP</abbr> client. </p> <p> Assuming you've performed the step to move your <code>config</code> directory out of the document root, simply update the <code>prepend.php</code> file with an additional line to become; </p> <pre class="code php"><span class="kw2"><?php</span> <a href="http://www.php.net/define"><span class="kw3">define</span></a><span class="br0">(</span><span class="st_h">'DOKU_CONF'</span><span class="sy0">,</span><span class="st_h">'/home/yourname/dokuwiki/conf/'</span><span class="br0">)</span><span class="sy0">;</span> <a href="http://www.php.net/define"><span class="kw3">define</span></a><span class="br0">(</span><span class="st_h">'DOKU_INC'</span><span class="sy0">,</span><span class="st_h">'/home/yourname/dokuwiki/'</span><span class="br0">)</span><span class="sy0">;</span></pre> <p> Move the inc directory to <code>/home/yourname/dokuwiki</code> to make <code>/home/yourname/dokuwiki/inc</code>. </p> <p> <img src="/lib/images/smileys/fixme.svg" class="icon smiley" alt="FIXME" /> Moved all other directories successfully but the ./inc directory turned out to be not so easy. DokuWiki started looking for plugins and includes where they weren't and, particularly, it seemed to be looking for the ./lib directory in the same location as my ./inc directory . It can probably work but there are a few more definitions to be added to prepend.php, such as, possibly having to point the contents of the ./inc directory back to the web-accessible root. I did that for plugins as follows: </p> <pre class="code php"><a href="http://www.php.net/define"><span class="kw3">define</span></a><span class="br0">(</span><span class="st_h">'DOKU_PLUGIN'</span><span class="sy0">,</span><span class="st_h">'/home/yourname/www/dokuwiki/lib/plugins/'</span><span class="br0">)</span><span class="sy0">;</span></pre> <p> There are a few other functional directories inside the ./lib directory which are misreferenced when ./inc is moved out of the web root but I did not try to fix them all. As soon as I moved the ./inc directory back to my web root and deleted define('DOKU_INC','/home/yourname/dokuwiki/'); from prepend.php, everything went back to normal. </p> <p> Another possibility (NOT TESTED! A developer needs to comment if this is at all doable!) is to move the ./lib directory out of the web root as well but prepend.php will need to be modified accordingly. </p> </div> <div class="secedit editbutton_section editbutton_18"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[The ./inc directory] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="the__inc_directory" /><input type="hidden" name="codeblockOffset" value="14" /><input type="hidden" name="range" value="18979-20924" /><button type="submit" title="The ./inc directory">Editar</button></div></form></div> <h3 class="sectionedit19" id="general_php_settings">General PHP Settings</h3> <div class="level3"> <p> <img src="/lib/images/smileys/fixme.svg" class="icon smiley" alt="FIXME" /> this should be merged into <a href="/install:php" class="wikilink1" title="install:php" data-wiki-id="install:php">wiki:config:php</a> and be linked from here. </p> <p> The following are general “good practice”. A good read on locking down PHP in general is Chapter 3 of <a href="http://www.apachesecurity.net/" class="urlextern" title="http://www.apachesecurity.net/">Apache Security</a>, available in PDF form for free <a href="http://www.apachesecurity.net/download/apachesecurity-ch03.pdf" class="urlextern" title="http://www.apachesecurity.net/download/apachesecurity-ch03.pdf">here</a>. </p> <p> Note that if you are running DokuWiki / PHP on a server you fully control, you may want to consider a <a href="https://en.wikipedia.org/wiki/Chroot" class="interwiki iw_wp" title="https://en.wikipedia.org/wiki/Chroot">chroot</a> jail. There are various ramblings online for how to do this but the most complete / accurate / effective it probably <a href="http://www.seaoffire.net/fcgi-faq.html" class="urlextern" title="http://www.seaoffire.net/fcgi-faq.html">Apache + Chroot + FastCGI + PHP FAQ</a> </p> <p> You should be able to set them by editing your main .htaccess file at <code>/home/yourname/www/.htaccess</code>. </p> <p> IIS-User-Approach: </p> <ul> <li class="level1"><div class="li"> modify php.ini in then PHP-Installation-Directory (i.e. C:\Program Files\PHP\) </div> </li> <li class="level1"><div class="li"> For Error-Loggin you can use the System-Log (“error_log = syslog” in the php.ini)</div> </li> </ul> </div> <h4 id="private_error_logging">Private Error Logging</h4> <div class="level4"> <p> (<em>Optional</em> this is a good idea - the more information you give an attacker, the easier it is) </p> <p> Add the following to <code>.htaccess</code> in your public document root directory (e.g. <code>/home/yourname/www/.htaccess</code> - the directory that's directly exposed to HTTP requests and contains <code>index.php</code> and <code>doku.php</code>) </p> <pre class="code"># Disable display of public PHP error messages php_flag display_errors "off" # Log all PHP errors to a file in private directory (and not in the DokuWiki data directory either!) # here you'd need to create the directory and the file then make sure the file has world write # permissions php_flag error_log "/home/yourname/logs/errors.log" # Don't keep reporting the same error again and again (keep log file smaller) php_flag ignore_repeated_errors On # Dokuwiki generates a lot of notices... best prevent reporting them # in .htaccess files E_ALL, E_NOTICE have no effect, you must use the # values from http://www.php.net/manual/en/function.error-reporting.php # E_ALL & ~E_NOTICE => 2047 - 8 => 2039 (Note: E_ALL is different for 5.2.x and above, see # http://www.php.net/manual/en/ref.errorfunc.php#errorfunc.constants.errorlevels.e-all) php_flag error_reporting 2039 </pre> <p> You need to create the directory and log file above, which (logged in via shell) can be done like; </p> <pre class="code">$ mkdir ~/logs $ touch ~/logs/errors.log $ chmod 662 ~/logs/errors.log</pre> <p> If PHP finds the file doesn't exist, it won't automatically create it for you (i.e. the error messages disappear into the void). Meanwhile you need to make sure it doesn't get too big (it will grow if you don't do something to stop it). A simple way to reduce it's size is; </p> <pre class="code">$ tail -100 ~/logs/errors.log > ~/logs/errors.log</pre> <p> That takes the last 100 lines from the log and overwrites the original with them - you might place this in, say, a weekly cron job. </p> </div> <h4 id="enable_safe_mode_and_open_basedir">Enable safe_mode and open_basedir</h4> <div class="level4"> <p> <em>Instructions for DokuWiki running on Linux/Unix and Apache. Tested on Centos 4.4</em> </p> <p> Two options are very important in PHP regarding security: <sup><a href="#fn__2" id="fnt__2" class="fn_top">2)</a></sup> </p> <ul> <li class="level1"><div class="li"> safe_mode: which restrict the execution of system commands from PHP (works in PHP3, PHP4, PHP5)</div> </li> <li class="level1"><div class="li"> open_basedir: which restrict the PHP script to only open file from inside a directory</div> </li> </ul> <p> Add this lines to your httpd.conf, sometimes it can be added in the file /wiki/.htaccess too: </p> <pre class="code"># dokuwiki is installed in : /var/www/html/wiki/ # your php pear packages are in : /usr/share/pear/ # php is installed in : /usr/lib/php4/ # use a new tmp directory in : /var/www/html/wiki/tmp/ <Directory /var/www/html/wiki> php_admin_flag safe_mode On php_admin_value safe_mode_exec_dir "/usr/lib/php4" php_admin_value safe_mode_include_dir "/usr/share/pear/" php_admin_value open_basedir "/var/www/html/wiki/:/var/www/wiki/:/usr/share/pear/" php_admin_value upload_tmp_dir "/var/www/html/wiki/tmp/" </Directory></pre> <p> Then, you should configure all the permissions of the wiki directory with this command in Linux/Unix: </p> <pre class="code"># chown apache:apache -R /var/www/html/wiki/</pre> <p> If you don't have a shell account in your hosting provider or you use only ftp to upload DokuWiki, then all permissions should be configured automatically. There is no need to run the chown command in those cases. </p> <p> <img src="/lib/images/smileys/fixme.svg" class="icon smiley" alt="FIXME" /> Is the above line something one has to do with telnet? My presence provider doesn't provide a command line… Over-all, all I got out of this page was to delete the .bin directory and moving the ./data directory. By the way, I've been unable to delete the old ./data on the server with FileZilla; it tells me “directory not empty” and when I go to the subdirectories, and to the files in them, all my attempts to delete seem to result in PWD commands. No apparent way to get rid of them. The rest of the stuff on this page either didn't work for me, or was too obscure to follow. Need to explain things with dummies in mind. We dummies are a majority <img src="/lib/images/smileys/wink.svg" class="icon smiley" alt=";-)" /> </p> <blockquote><div class="no"> Don't know whether there are ftp-clients with the ability to change owner and group attributes as with <code>chown</code> on the command line, but probably your provider will not grant you the right to change owner and group attributes of your files. This also may be the reason why you can't get rid of 'your' files in the data dir (presumably they aren't yours <img src="/lib/images/smileys/wink.svg" class="icon smiley" alt=";-)" /> ). If you set the fmode/dmode param too restrictive (lesser okt. values than 666/777, esp. in 3rd position) you won't be able to del files written and hence owned by the webserver (i.e. files created via DokuWiki) cf. <a href="/install:permissions" class="wikilink1" title="install:permissions" data-wiki-id="install:permissions">permissions</a>, <a href="/config:fmode" class="wikilink1" title="config:fmode" data-wiki-id="config:fmode">fmode</a> and <a href="/install:hosted" class="wikilink1" title="install:hosted" data-wiki-id="install:hosted">hosted</a> /Leif</div></blockquote> <p> Assuming your webserver is apache and is running as the user apache. This is needed because safe_mode runs the PHP script as the user that is the owner of the .php files. </p> </div> <div class="secedit editbutton_section editbutton_19"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[General PHP Settings] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="general_php_settings" /><input type="hidden" name="codeblockOffset" value="16" /><input type="hidden" name="range" value="20925-27432" /><button type="submit" title="General PHP Settings">Editar</button></div></form></div> <h2 class="sectionedit20" id="warning_on_plugins">Warning on Plugins</h2> <div class="level2"> <p> DokuWiki has <a href="/es:plugins" class="wikilink1" title="es:plugins" data-wiki-id="es:plugins">lots of community contributed plugins</a>. These are distributed separately from DokuWiki in an entirely ad-hoc manner, and are not subject to the same degree of attention / review that the core DokuWiki code base gets. Some tips / things you should be aware of; </p> <ul> <li class="level1"><div class="li"> If you can, review the plugin source code yourself, <em>before</em> installing it.</div> </li> <li class="level1"><div class="li"> If in doubt, ask on the <a href="/es:mailinglist" class="wikilink2" title="es:mailinglist" rel="nofollow" data-wiki-id="es:mailinglist">mailing list</a>.</div> </li> <li class="level1"><div class="li"> Plugins are installed under the DokuWiki <code>lib</code> directory, which is required to be exposed under your document root. You need to review <em>very carefully</em> what code a plugin contains, an lock down with .htaccess files as appropriate.</div> </li> <li class="level1"><div class="li"> Plugins are authored by developers not directly related to the DokuWiki project - they may have malicious intent or may host the plugin source code on a server that has been compromised. <strong>Be careful whom you trust</strong></div> </li> </ul> </div> <div class="secedit editbutton_section editbutton_20"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Warning on Plugins] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="warning_on_plugins" /><input type="hidden" name="codeblockOffset" value="21" /><input type="hidden" name="range" value="27433-28350" /><button type="submit" title="Warning on Plugins">Editar</button></div></form></div> <h2 class="sectionedit21" id="discussion">Discussion</h2> <div class="level2"> <p> Block useragent libwww using .htaccess (also implement the <a href="http://perishablepress.com/press/2009/03/16/the-perishable-press-4g-blacklist" class="urlextern" title="http://perishablepress.com/press/2009/03/16/the-perishable-press-4g-blacklist">4G</a>): </p> <pre class="code">SetEnvIfNoCase User-Agent "Jakarta Commons" keep_out SetEnvIfNoCase User-Agent "Y!OASIS/TEST" keep_out SetEnvIfNoCase User-Agent "libwww-perl" keep_out SetEnvIfNoCase User-Agent "MOT-MPx220" keep_out SetEnvIfNoCase User-Agent "MJ12bot" keep_out SetEnvIfNoCase User-Agent "Nutch" keep_out SetEnvIfNoCase User-Agent "cr4nk" keep_out deny from env=keep_out</pre> <p> <strong>I have the following code in a file and just include it at the top of the entry page to my site. (i.e. index.php). However it will not help when someone it attacking a file that does not have the include in it. Doing the ban via .htaccess would be a better way to filter out these requests. But this might help while we wait for someone who knows how to create the filter to post.</strong> <sup><a href="#fn__3" id="fnt__3" class="fn_top">3)</a></sup> </p> <pre class="code php"> <span class="re0">$aBadUserAgents</span> <span class="sy0">=</span> <a href="http://www.php.net/array"><span class="kw3">array</span></a><span class="br0">(</span><span class="br0">)</span><span class="sy0">;</span> <span class="re0">$aBadUserAgents</span><span class="br0">[</span><span class="br0">]</span> <span class="sy0">=</span> <span class="st_h">'libwww'</span><span class="sy0">;</span>   <span class="kw1">foreach</span> <span class="br0">(</span><span class="re0">$aBadUserAgents</span> <span class="kw1">as</span> <span class="re0">$variable</span><span class="br0">)</span> <span class="br0">{</span> <span class="kw1">if</span> <span class="br0">(</span><a href="http://www.php.net/strpos"><span class="kw3">strpos</span></a><span class="br0">(</span><span class="re0">$_SERVER</span><span class="br0">[</span><span class="st0">"HTTP_USER_AGENT"</span><span class="br0">]</span><span class="sy0">,</span> <span class="re0">$variable</span><span class="br0">)</span> <span class="sy0">!==</span> <span class="kw4">false</span><span class="br0">)</span> <span class="br0">{</span> <a href="http://www.php.net/die"><span class="kw3">die</span></a><span class="br0">(</span><a href="http://www.php.net/header"><span class="kw3">header</span></a><span class="br0">(</span><span class="st0">"HTTP/1.0 403 Forbidden"</span><span class="br0">)</span><span class="br0">)</span><span class="sy0">;</span> <span class="br0">}</span> <span class="br0">}</span></pre> </div> <div class="secedit editbutton_section editbutton_21"><form class="button btn_secedit" method="post" action="/es:security"><div class="no"><input type="hidden" name="do" value="edit" /><input type="hidden" name="rev" value="1657900377" /><input type="hidden" name="summary" value="[Discussion] " /><input type="hidden" name="target" value="section" /><input type="hidden" name="hid" value="discussion" /><input type="hidden" name="codeblockOffset" value="21" /><input type="hidden" name="range" value="28351-" /><button type="submit" title="Discussion">Editar</button></div></form></div><div class="footnotes"> <div class="fn"><sup><a href="#fnt__1" id="fn__1" class="fn_bot">1)</a></sup> <div class="content">the filespace directly accessible via normal web browsing</div></div> <div class="fn"><sup><a href="#fnt__2" id="fn__2" class="fn_bot">2)</a></sup> <div class="content">Note: use of safe_mode / open_basedir is a subject for debate. Fundamentally it is not 100% secure (lots of workarounds such as DokuWiki's own safemode bypass) and it sometimes complicates configurations / installations of some applications, etc. See <a href="http://ilia.ws/archives/18-PHPs-safe_mode-or-how-not-to-implement-security.html" class="urlextern" title="http://ilia.ws/archives/18-PHPs-safe_mode-or-how-not-to-implement-security.html">PHP's safe_mode or how not to implement security</a>. Furthermore, safe mode has been <a href="http://www.php.net/~derick/meeting-notes.html#safe-mode" class="urlextern" title="http://www.php.net/~derick/meeting-notes.html#safe-mode">dropped from PHP6</a>, it's already <a href="http://news.php.net/php.cvs/37189" class="urlextern" title="http://news.php.net/php.cvs/37189">gone from the PHP6 CVS branch</a>, if general you're probably better of chrooting your PHP (see link in this page <a href="/es:security#general_php_settings" class="wikilink1" title="es:security" data-wiki-id="es:security">here</a>) </div></div> <div class="fn"><sup><a href="#fnt__3" id="fn__3" class="fn_bot">3)</a></sup> <div class="content"><a href="http://uber.leetphp.com" class="urlextern" title="http://uber.leetphp.com">Code contributed by php|uber.leet </a></div></div> </div>  </div> <div class="docInfo"><bdi>es/security.txt</bdi> · Última modificación: <time datetime="2022-07-15T17:52:57+0200">2022-07-15 17:52</time> por <bdi>189.217.67.82</bdi></div> <hr class="a11y" /> </div></main>  <nav id="dokuwiki__pagetools" aria-labelledby="dokuwiki__pagetools__heading"> <h3 class="a11y" id="dokuwiki__pagetools__heading">Herramientas de la página</h3> <div class="tools"> <ul> <li class="edit"><a href="/es:security?do=edit" title="Editar esta página [e]" rel="nofollow" accesskey="e"><span>Editar esta página</span><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M20.71 7.04c.39-.39.39-1.04 0-1.41l-2.34-2.34c-.37-.39-1.02-.39-1.41 0l-1.84 1.83 3.75 3.75M3 17.25V21h3.75L17.81 9.93l-3.75-3.75L3 17.25z"/></svg></a></li><li class="revs"><a href="/es:security?do=revisions" title="Revisiones antiguas [o]" rel="nofollow" accesskey="o"><span>Revisiones antiguas</span><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M11 7v5.11l4.71 2.79.79-1.28-4-2.37V7m0-5C8.97 2 5.91 3.92 4.27 6.77L2 4.5V11h6.5L5.75 8.25C6.96 5.73 9.5 4 12.5 4a7.5 7.5 0 0 1 7.5 7.5 7.5 7.5 0 0 1-7.5 7.5c-3.27 0-6.03-2.09-7.06-5h-2.1c1.1 4.03 4.77 7 9.16 7 5.24 0 9.5-4.25 9.5-9.5A9.5 9.5 0 0 0 12.5 2z"/></svg></a></li><li class="backlink"><a href="/es:security?do=backlink" title="Enlaces a esta página" rel="nofollow"><span>Enlaces a esta página</span><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M10.59 13.41c.41.39.41 1.03 0 1.42-.39.39-1.03.39-1.42 0a5.003 5.003 0 0 1 0-7.07l3.54-3.54a5.003 5.003 0 0 1 7.07 0 5.003 5.003 0 0 1 0 7.07l-1.49 1.49c.01-.82-.12-1.64-.4-2.42l.47-.48a2.982 2.982 0 0 0 0-4.24 2.982 2.982 0 0 0-4.24 0l-3.53 3.53a2.982 2.982 0 0 0 0 4.24m2.82-4.24c.39-.39 1.03-.39 1.42 0a5.003 5.003 0 0 1 0 7.07l-3.54 3.54a5.003 5.003 0 0 1-7.07 0 5.003 5.003 0 0 1 0-7.07l1.49-1.49c-.01.82.12 1.64.4 2.43l-.47.47a2.982 2.982 0 0 0 0 4.24 2.982 2.982 0 0 0 4.24 0l3.53-3.53a2.982 2.982 0 0 0 0-4.24.973.973 0 0 1 0-1.42z"/></svg></a></li><li class="top"><a href="#dokuwiki__top" title="Volver arriba [t]" rel="nofollow" accesskey="t"><span>Volver arriba</span><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8v12z"/></svg></a></li> </ul> </div> </nav> </div>  <footer id="dokuwiki__footer"><div class="pad"> <div class="license">Excepto donde se indique lo contrario, el contenido de este wiki esta bajo la siguiente licencia: <bdi><a href="https://creativecommons.org/licenses/by-sa/4.0/deed.en" rel="license" class="urlextern">CC Attribution-Share Alike 4.0 International</a></bdi></div> <div class="buttons"> <a href="https://creativecommons.org/licenses/by-sa/4.0/deed.en" rel="license"><img src="/lib/images/license/button/cc-by-sa.png" alt="CC Attribution-Share Alike 4.0 International" /></a> <a href="https://www.dokuwiki.org/donate" title="Donate" ><img src="/lib/tpl/dokuwiki/images/button-donate.gif" width="80" height="15" alt="Donate" /></a> <a href="https://php.net" title="Powered by PHP" ><img src="/lib/tpl/dokuwiki/images/button-php.gif" width="80" height="15" alt="Powered by PHP" /></a> <a href="//validator.w3.org/check/referer" title="Valid HTML5" ><img src="/lib/tpl/dokuwiki/images/button-html5.png" width="80" height="15" alt="Valid HTML5" /></a> <a href="//jigsaw.w3.org/css-validator/check/referer?profile=css3" title="Valid CSS" ><img src="/lib/tpl/dokuwiki/images/button-css.png" width="80" height="15" alt="Valid CSS" /></a> <a href="https://dokuwiki.org/" title="Driven by DokuWiki" ><img src="/lib/tpl/dokuwiki/images/button-dw.png" width="80" height="15" alt="Driven by DokuWiki" /></a> </div> <div style="margin-top: 2em; font-size:90%" class="dokuwiki"><div style="float:right"><a href="http://www.splitbrain.org/personal#imprint" style="float:right; text-decoration: none; color:#333">Imprint</a></div></div> <style type="text/css"> @media screen { body { padding-top: 30px; } #global__header { position: absolute; top: 0; left: 0; text-align: left; vertical-align: middle; line-height: 1.5; background-color: #333; box-shadow: 0 0 8px rgba(0,0,0,0.5); width: 100%; margin: 0; padding: 5px 20px; -moz-box-sizing: border-box; -webkit-box-sizing: border-box; box-sizing: border-box; white-space: nowrap; overflow: hidden; } #global__header h2 { position: absolute; left: -99999em; top: 0; overflow: hidden; display: inline; } #global__header ul, #global__header li { margin: 0; padding: 0; list-style: none; display: inline; line-height: 1.5; } #global__header a { color: #bbb; text-decoration: none; margin-right: 20px; font-size: 14px; font-weight: normal; } #global__header a:hover, #global__header a:active, #global__header a:focus { color: #fff; text-decoration: underline; } #global__header form { float: right; margin: 0 0 0 20px; } #global__header input { background-color: #333; background-image: none; border: 1px solid #bbb; color: #fff; box-shadow: none; border-radius: 2px; margin: 0; line-height: normal; padding: 1px 0 1px 0; height: auto; } #global__header input.button { border: none; color: #bbb; } #global__header input.button:hover, #global__header input.button:active, #global__header input.button:focus { color: #fff; text-decoration: underline; } } /* /@media */ @media only screen and (min-width: 601px) { /* changes specific for www.dokuwiki.org */ #dokuwiki__header { padding-top: 3em; } #dokuwiki__usertools { top: 3em; } /* changes specific for bugs.dokuwiki.org */ div#container div#showtask { top: 40px; } } /* /@media */ @media only screen and (max-width: 600px) { body { padding-top: 0; } #global__header { position: static; white-space: normal; overflow: auto; } #global__header form { float: none; display: block; margin: 0 0 .4em; } } /* /@media */ @media print { #global__header { display: none; } } /* /@media */ </style> <div id="global__header"> <h2>Global DokuWiki Links</h2> <form method="get" action="https://search.dokuwiki.org/" target="_top"> <input type="text" name="q" title="Search all DokuWiki sites at once" class="input" /> <input type="submit" title="Search all DokuWiki sites at once" value="Search" class="button" /> </form> <ul> <li><a href="https://download.dokuwiki.org" title="Download the latest release" target="_top">Download</a></li> <li><a href="https://www.dokuwiki.org" title="Read the DokuWiki documentation" target="_top">Wiki</a></li> <li><a href="https://forum.dokuwiki.org" title="Ask questions in the DokuWiki forum" target="_top">Forum</a></li> <li><a href="https://irc.dokuwiki.org" title="Check IRC chat logs or join the chat" target="_top">IRC</a></li> <li><a href="https://github.com/splitbrain/dokuwiki/issues" title="Report and track bugs" target="_top">Bugs</a></li> <li><a href="https://translate.dokuwiki.org/" title="Help translating the DokuWiki interface" target="_top">Translate</a></li> <li><a href="https://github.com/splitbrain/dokuwiki" title="Access the most recent git commits" target="_top">Git</a></li> <li><a href="https://xref.dokuwiki.org/reference/dokuwiki/" title="Cross-Reference of the DokuWiki source code" target="_top">XRef</a></li> <li><a href="https://codesearch.dokuwiki.org/" title="Search through the sources of DokuWiki, plugins and templates" target="_top">Code Search</a></li> </ul> </div>  </div></footer> </div></div> <div class="no"><img src="/lib/exe/taskrunner.php?id=es%3Asecurity&1743750295" width="2" height="1" alt="" /></div> <div id="screen__mode" class="no"></div></body> </html>