On Thu 03 Feb 2005, Jo Walsh jo@frot.org wrote:
briefly, i set up an OG for some collaborators; they're now threatening to switch to a different wiki, and make the existing one read-only, because the spam problem is so bad.
the time/energy i want to devote to fixing this, is minimal.
Put something like this in .htaccess in the same directory as the wiki.cgi:
<Limit POST> Order deny,allow Deny from all AuthType Basic AuthName "Username: " AuthUserFile /home/kake/.htpasswd-openguides require valid-user satisfy any </Limit>
All the edit forms are POST. I think there is a POST search form as well, but this really needs changing to GET - there's no reason for search results not to be linkable to, and a search doesn't change data. Um, hack that in your version pending a fix in the distro. I wouldn't normally recommend that, but you seem to be in dire straits, and it's a bugfix which will go in at some point.
They won't get the auth request until after they've submitted the edit form though. I think (but have not tested this) that you can get around this by making a little login.cgi that's protected by the same htpasswd file and adding a link to this somewhere.
That really is a bit of a hack, but it might do.
Kake