[04:25:11] I am helping some people with a wiki and I need to know how to add an extension on Github. (it's forked from wikimedia/mediawiki). Anyone know how to do this? [04:26:37] and I don't have any access. So this has to be through a pull request. [04:30:30] Anyone have an idea? [05:02:13] I am helping some people with a wiki and I need to know how to add an extension on Github. (it's forked from wikimedia/mediawiki). Anyone know how to do this? [05:02:20] and I don't have any access. So this has to be through a pull request. [08:55:32] o/} [08:55:41] Im trying to host mediawiki on my local debian computer with nginx [08:55:48] and just confused on the serverblock part [08:56:09] in server name I put 127.0.0.1 [08:56:10] ? [09:16:47] Hello. I'm looking for a way to collapse long code blocks in wiki pages. The desired result can be seen at https://wiki.ubuntuusers.de/upstart#Systemstart (click on "vergrößern" to expand). Any clues? [09:20:39] garply: You can wrap the content in mw-collapsible class [09:20:54] !collapse [09:20:55] http://www.mediawiki.org/wiki/Manual:Collapsible_tables [09:24:27] Glaisher: Thanks. I already tried the mw-collapsible class but I would like the first lines to be shown and the code block to be scrollable, like in the example. I thought there could be an extension for that. [09:24:37] I guess I have to write one then :) [09:26:08] garply: You can make the first lines visible too [09:26:16] but I don't think you can make it scrollable [09:26:51] The page which I linked to has instructions on how to do that. [09:31:45] Glaisher: Do you mean by using mw-collapsible-content? [09:32:06] Yes [09:32:39] OK, then I would have to split the code block. [09:33:03] Glaisher: thanks [09:53:33] Glaisher: ever hosted a mediawiki on your local computer? [09:54:10] aelevadoan: dev environment [09:54:24] Glaisher: what does that mean? [09:54:29] I am helping some people with a wiki and I need to know how to add an extension on Github. (it's forked from wikimedia/mediawiki). Anyone know how to do this? [09:54:34] and I don't have any access. So this has to be through a pull request. [09:54:51] aelevadoan: for testing changes to code locally [09:55:18] Glaisher: oh ok [09:55:30] Glaisher: I tried setting it up on a debian laptop with nginx [09:55:39] Glaisher: but Im not too sure what to put in the serverblock at the end [09:55:52] I'm not too familiar with nginx myself [09:56:05] serverblock is nginx term for vhost? [09:56:09] yep [09:56:26] I will show you a pastebin [09:56:28] one sec [10:01:01] Glaisher: http://pastebin.com/qLBCTgqh [10:01:06] thats the serverblock for now [10:04:35] aelevadoan: and you can't access it? [10:04:44] nop [10:04:53] was thinking about trying with a localhost subdomain [10:08:22] aelevadoan: what do you get when you go to 127.0.0.1 on your browse? [10:08:44] browser* [10:09:02] 404 error [10:10:30] so it's actually up [10:11:00] is the docroot directory correct? [10:11:20] yep [10:20:25] aelevadoan: btw, if you don't get help here, you should ask at the nginx channel [10:20:39] I personally don't know why that's happening [10:20:49] not too familiar with nginx as I already said [10:21:03] ok, thanks [10:21:04] :) [13:17:14] hello [13:17:26] Im getting a blank screen when trying to open in localhost the mediawiki installation [13:20:42] aelevadoan: https://www.mediawiki.org/wiki/Manual:Errors_and_symptoms#You_see_a_Blank_Page [13:30:25] wmat: [13:30:26] thanks [13:46:09] "Authentication Required" - can't access mediawiki MediaWiki 1.25.1 PHP 5.5.9-1ubuntu4.11 (apache2handler) MySQL 5.5.44-0ubuntu0.14.04.1 I Just finished installing my mediawiki on my home server, I've pointed my domain name to my server ip address and edited $wgServer but the site keeps saying "Authentication Required" and I can't even view the wiki. How do I make the wiki public and get rid of "Authentication Required" ? [13:48:27] Any idea why my mediawiki keeps saying "Authentication Required"? I can't access my wiki at all. [13:48:56] take a look yourself www.qojop.org [13:50:19] qojop: I don't even get an "Authentication Required" - the website doesn't load for me at all. [13:51:08] In any case, I think that message is coming the web server, not from MediaWiki - see here: https://www.google.com/search?q=%22authentication+required%22 [15:24:32] Hi. I tried to add a cookie consent (yeah that pesky nonsense EU stuff) to one wiki i have, but so far I had no success. My question. Anybody tried to add one? Any chance that there's a extension that handles that? The one I tried is written in generic javascript https://silktide.com/tools/cookie-consent/ [15:25:26] Im trying to install mediawiki on my laptop [15:25:49] wmat: im not finding an answer in that link [15:25:57] wmat: i dont have a localsettings file yet [15:26:49] so it appears in an attempt to increase security on my wiki I managed to succeed beyond my wildest dreams, and no one can log in now. Is there any chance me upping the password encryption strength broke recognition? [15:34:19] so I put this line in LocalSettings.php: $wgPasswordConfig['pbkdf2']['length'] = 256 and now no one can log in. Is that bitlength not supported? or did I screw up something different [15:41:32] Ulfr: You may have exceeded the size of the password column [15:41:49] csteipp_afk: I only bumped it to 256, too big? [15:41:51] And the truncated hash doesn't match the calculated one.. [15:42:46] Yep! by 1 [15:42:53] Dooty. 255 is max size [15:43:19] Ulfr: You also need to store the salt there too [15:43:28] Which is 8 bytes, iirc.. [15:45:19] csteipp_afk: the person requesting this change is kinda persnickety, is it at all advisable to change the type of the password field to medium blob? [15:45:28] * Ulfr had to install TLS for this site. That's how paranoid [15:45:36] Ulfr: For better security, the length of the hash you store isn't going to increase safety too much (for the threat model of someone steals your hashes and is trying to reverse them) [15:45:50] Well, TLS should be mandatory :) [15:46:03] Yeah, changing to a mediumblob is fine [15:46:08] Shouldn't affect you at all [15:46:17] won't get changed back if I update or w/e? [15:46:44] No, only if you managed to drop the whole tabe [15:47:08] cool beans. a lot easier to acquiesce than to push back [15:47:16] The update.php script checks if the table/field exists, then runs the sql if not.. doesn't care about the definition, usually. [15:47:36] by the way, I know it's not the size that determines the actual security beyond a certain point [15:47:46] but these people are driving me up a wall [15:48:00] Yeah, number of rounds is really what determines security for pbkdf2 [15:48:02] and it's a site that mostly just hosts pictures from various company trips [15:48:20] Well, can't be too careful with those vacation pics ;) [15:50:24] For someone brute-forcing passwords, they only need to match the first block for pbkdf2, so increasing the size of the hash you store means you do more work, but an attacker doesn't have too. But yeah, if you're using pbkdf2 of any strength, brute forcing is really hard. [15:52:36] snort [15:52:42] they're super paranoid about brute forcing [15:52:59] I had to configure a 1 day ip temp ban if someone got it wrong 3 times within 2 minutes [15:53:24] how nice [15:54:00] you'd think so, up until all of morrocco got banned because one dude got impatient [15:54:01] that was a fun day [15:56:20] what script do I need to run to rebuild my password hashes? [15:57:01] in my experience, when there's some mayor leak in a site, 99% of the times is about some unpatched security issue or some 0 day [15:57:27] chances of getting some password by brute-force are very very very low [16:00:04] Ulfr: Unfortunately, the remainder of the hash is lost, so users will need to reset their passwords to login. [16:00:26] Unless you happen to know the password and can recalculate the hash.. [16:01:08] Ulfr: Did you use the password wrapping script to upgrade everyone? [16:01:56] csteipp: Negative. I modified an extension to import users out of a csv file [16:01:57] s [16:02:02] so* I can just reset them all [16:02:24] Ah, cool, that works [16:04:20] csteipp: thanks! checking database field length never ever would've occurred to me in 1000 years [16:04:50] * csteipp may have done the same thing at one point... ;) [16:06:06] anyone here uses mediawiki on debian? [16:08:27] probably [16:08:29] does ubuntu count? [16:08:38] what issue are you having exactly? [16:09:36] Krenair: blank page when I want to access via web browser to the installation setup [16:09:46] looked at your apache error logs? [16:10:23] Krenair: using nginx [16:10:31] no errors appearing there [16:10:38] neither in php5-fpm [16:11:28] <@ngxbot> A blank page returned from a php-handled url can mean SCRIPT_FILENAME is not set as it should be, or the script may have an error that is short-circuiting any output. Some scripts even disable php logging so that such errors won't show up in php error logs. | See: http://blog.martinfjordvald.com/2011/01/no-input-file-specified-with-php-and-nginx/ [16:11:37] the nginx bot is nice [16:11:44] er, #nginx