Mediawiki/Hardening
From r00tedvw.com wiki
Disable user self registration
Add the following to LocalSettings.php
# Prevent new user registrations except by sysops $wgGroupPermissions['*']['createaccount'] = false;
Uploads Dir security
add to the bottom of your Virtual site config, before you close it:
<Directory /var/www/yoursite.com/wiki/images/> # Ignore .htaccess files AllowOverride None # Serve HTML as plaintext, don't execute SHTML AddType text/plain .html .htm .shtml .php # Don't run arbitrary PHP code. php_admin_flag engine off # If you've other scripting languages, disable them too. </Directory>