SUBJECT
Presumeable error in DokuWiki online security guideline
TARGET
Page error found in location:
http://www.dokuwiki.org/security#web_access_security
DETAILS
A slight presumable error found in DokuWiki security guideline that discusses moving the conf file away from the document root in order to prevent unauthorized access. The documentation reads as follows
*************
conf Directory
1. Move the conf directory (and all its contents) out of the document root
2. Create a file named preload.php inside the inc directory and set the DOKU_CONF define to the new location of the conf directory.
For example, if the conf directory is moved to /home/yourname/conf, create the following inc/preload.php:
inc/preload.php
<?php
define('DOKU_CONF','/home/yourname/conf/');
***************
When creating a php document containing this exact code via the download snippet and adapting the path /home/yourname/conf/ to own server specifics, DokuWiki prompts an error message claiming the datadir is not writable. A follow-up check demonstrates that adequate permissions have been set on both server folders and files.
SOLUTION
Own tests proved that the problem is solved if a period sign '.' is included in the file path. This code now prompts DokuWiki to redirect onto the specified file path defined in preload.php. The code reads as follows:
*************
<?php
define('DOKU_CONF','./home/stoettner/conf/');
************
Best regards and sincere thanks for a great application
Wolfgang