Wiki's are an incredibly flexible and convenient way of disseminating data, however, they are not without their problems. Some can be difficult to install, manage, backup, rebuild or even use. Security is also a major issue of concern.
This document makes no attempt to recommend a particular wiki, neither does it attempt to stop you using one (that would be pointless), However, what it does attempt to do is to offer some help in setting up one particular wiki and to warn you of the dangers of using them and what could go wrong (for you and the Department) should you ignore those warnings.
Now, please read on.
Security implications of wikis
Fundamentally, in configuring a wiki you are setting up a system that allows other individuals to install files, add, delete or modify web pages and any of many other things directly into your home directory or other filestores. A wiki should be secured against unauthorised log in.
POLICY 1: If you install an unsecured (open access) wiki into your home directory (or other web-enabled filestore) we reserve the right to delete it. End of discussion. Do not violate this rule.
Wikis can provide many ways of ensuring only authorised users can write to the filestore. We don't mind if you allow individuals from outside the Department to access your wiki. That's up to you. Obviously, we have a preference for only Departmental staff and students having access, but in this new brave world of large collaborative projects, this isn't always viable. However, if you set up a wiki, it is your responsibility to police it. If you don't and something nasty happens as a result, POLICY 1 will come into force and we'll remove the offending wiki. Remember, our responsibility is to the Department as a whole and if your wiki puts the Departmental IT systems in jeopardy, then our responsibility is completely clear and well-defined.
ADVICE: Even when you have configured your wiki to allow named individuals access upon typing in a password, there is the issue of safe transportation of that password across the internet. Passwords can be snooped over an unencrypted connection. If you wish to enable SSL on your wiki, we can help with this, please ask us.
Intellectual Property and Illegal files
If someone has put onto your wiki a file that they should not have (be aware that once something is on an internet-facing wiki, it is out there in the wild and anyone can see it), we are under obligation to remove it.
Such items are:
- Copyrighted material belonging to another organisation (software, films, music, data belonging to someone else, anything that might fall foul the DPA (Data Protection Act), FAST (Federation Against Software Theft) or FACT (Federation Against Copyright Theft) amongst many others).
- Data pertaining to individuals that is of a private or confidential nature.
- Anything that could bring the University into disrepute.
POLICY 2: If, because if your wiki, we get a "cease and desist" order from a company or organisation we will be under legal obligation to react instantly. We will not ask permission, we'll simply wipe it out.
If your wiki is not going to be a huge affair, then we would recommend that you do not install one at all, but instead, look at the latest offering from OUCS. Weblearn-beta is the new version of Weblearn, based on the Sakai software and comes with it's own powerful embedded wiki.
ADVICE: If your wiki needs are modest, we strongly recommend that instead of managing your own wiki, you go to:
https://beta.weblearn.ox.ac.uk and try it out.
Formally supported wiki in the Department
This wiki is internal to the department and will never be made public. It is strongly SSL-encrypted and all Departmental users automatically have an account on the wiki and can use it. Changes cannot be made to this wiki without logging in.
What to bear in mind if you wish to run your own Wiki:
- You are on your own!
If you break it, you solve it. We will not help you. The exception to this is if you wish to use SSL. We can help with that, but any configuration changes to your wiki are your responsibility, not ours.
- Running a wiki from pub_html and quota issues
If you run a wiki from ~username/pub_html you could go over-quota. We class this as "data usage" not home file space usage and reserve the right to deny you an increase in quota. If you (or a user you have authorised to use your wiki) start dumping massive files into your wiki (under your home directory), we will refuse to back them up. This constitutes inappropriate use of the home filestore.
- Running a wiki from the portal webservice.
If you need a wiki with more space than available to your home directory quota, we have a service we can offer. http://portal.stats.ox.ac.uk/userdata is an area with a large RAID6 disk array (1TB file store - unquota'd). Upon request, we can create a directory for you here. The only restriction to this service is that the system is under HFS backup. The limits of HFS explicitly state that the system can only backup 200GB maximum a day. If you go over this, the backups will fail and we'll have to have words with you. Remember that there are other users of the system and the 200GB limit per day applies to the whole system, so please don't assume you can change 200GB of files in a day. You may not be able to.
- Authentication- or making sure only legitimate people can update your wiki.
If you have to run a wiki, do not leave it as open access. Open access means anyone on the internet can put stuff into your wiki. We will intervene and remove your wiki if we discover you have set it up in this way. You have been warned.
- Make sure what you publish is what you are allowed to publish!
If you publish something you have no right to publish on your wiki, then the Department, the University, the police or many of several other authorities could become involved. Please be careful that you are allowed to publish what it is you are publishing. Also remember, your wiki is your responsibility. You could be called to account for postings made by other people to your wiki. Police it sensibly. We really don't want you to get in trouble.
Installing your own wiki:
[These instructions were kindly provided by Quin Wills.]
At the moment I've kept the welcome page as public access, but any deeper links need a login.
- Download the wiki plugin and manual at www.dokuwiki.org
- Unpack all the files in the provided directory: e.g.
- Make sure the unpacked files have their permissions correct for general access. Please NOTE: this does not mean 777 permissions. Those permissions are for those who wish to give universal access to everybody, everywhere at any time. Don't do this. Correct permissions require to be set by the root user and need to be done as directed below. Please contact firstname.lastname@example.org to set the correct permissions:
- chmod -R u+rw,g+rw directory
- chmod -R o-w directory
- chgrp -R apache directory
- chown -R username directory
- chmod g+s directory
Managing the users etc. is pretty simple, menu-driven, and self-explanatory on the doku-wiki website, but the basic story is:
The initial opening set-up page e.g.
http://portal.stats.ox.ac.uk/msc/install.php, is to enter your details as the administrator and to decide how open to the public the wiki should be by default. My default is to keep it public and then restrict access from within the wiki.
Clicking 'Admin' bottom right is mainly useful for:
- "User Manager": setting up the user list (also all menu driven)
- "Access Control List Management": setting up which users can access what (menu driven)
- "Configuration Settings": which I really only use to change the start page name (also all menu driven)
- "Manage Plugins": by uploading any of the thousands of plugins available on the website. My favourite is "gallery" to allow slide show viewing of lots of graphical data output. How all plugins work is detailed on the doku-wiki website.
One tip is that all graphics are stored in the "media" directory, so you can have any analysis output all of the results to a sub-directory there, which the wiki can already link too for "automatic" viewing of results.