How to lock-down MediaWiki

From NixTheWorld

Quoted directly from the page here (used properly but without direct consent):

Lock Down (Poor Solution)

You can disallow editing by anonymous users. Force users to create an account with a username, and sign-in every time prior to editing. More extreme (better spam protection) is to create a "gated community" in which new users (and spammers) cannot create a new account. They have to request one from you.

People often naively suggest lock-down as best solution to wiki spam. It does reduce spam, but it is a poor solution and a Lazy Solution), because you are introducing something which massively inconveniences real users. Having to choose a username and password is a big turn off for many people. The wiki way is to be freely and openly editable. This "soft security" approach is one of the key strengths of the wiki concept. Are you going to let the spammers spoil that?

...if so, you can easily lock down your MediaWiki installation as follows:

Add the following to your LocalSettings.php

# Force people to register before they are allowed to edit
$wgGroupPermissions['*']['edit'] = false; 
$wgShowIPinHeader = false;

Note that this only reduces spam. In fact these days MediaWiki installations are routinely targetted by more advanced spam bots, which can perform automated registrations, and so this setting will mean you end up with a lot of bogus user accounts (where the name is just a set of random letters) in the database. You should combine this with the use of Captcha extension (above), which can keep bots out.

To take the lock down idea to extremes, MediaWiki allows you to create a "gated community" where new users can't even register without asking you to set up an account for them. To do this, add the following to your LocalSettings.php:

#Disallow creating accounts
$wgGroupPermissions['*']['createaccount'] = false;