I run two Private MediaWiki which do not allow unauthenticated users to create accounts, edit pages, or read pages. I have whitelisted a few special pages including the login page. An example configuration is displayed below.
$wgGroupPermissions['*']['createaccount'] = false; $wgGroupPermissions['*']['read'] = false; $wgGroupPermissions['*']['edit'] = false; $wgWhitelistRead = array ( "Special:Userlogin", "MediaWiki:Common.css", "MediaWiki:Common.js", "MediaWiki:Monobook.css", "MediaWiki:Monobook.js", "-" );
The problem with this is that I want to be able to monitor these private wikis in my RSS client. Therefore, I added another two lines to the configuration to allow my desktop unauthenticated access to the recent changes RSS feed on my wikis. This could be changed to make it easy to punch a hole for multiple clients. The additions are shown below.
if ($_SERVER['REMOTE_ADDR'] == "192.168.1.42") $wgWhitelistRead[] = "Special:RecentChanges";
Now I can monitor both of my private wikis from my RSS client on my desktop computer. However, all other machines will still require authentication to get to the wiki.
Hello there,
I was pleased to find this, because I’m trying to set up exactly the same thing for a wiki that I administrate. Do you know whether this method will work for users whose RSS client is Google Reader? I expect that it would be a Google IP, not their own one, querying the server.
@Deecie, unfortunately, yes, it will be a Google IP address, which means you are opening up a private wiki to anyone using Google Reader. Only a desktop RSS Reader or some sort will allow you to keep the wiki private.
I did not need this complex of a setup. However, I did consider using a reverse proxy to allow access and then either obscuring the new URL or using some sort of HTTP authentication. The MySQL Auth Module for Apache would be a good way to use the same credentials as the MediaWiki.
Another solution:
http://goran.tornqvist.ws/access-mediawiki-rss-recent-changes-on-a-private-wiki-without-authentication/