Just installed DokuWiki today, and it looks very promising for what we need. I just completed all the steps on the
security page, including moving all of the pre-installed subdirectories out of the www folder, and that leaves me with just a few, (hopefully) simple questions on directory and file permissions:
1. Is there any reason I can't set fmode and dmode to dissallow read/write/execute access to anyone other than owner? If all the files are "owned" and manipulated only by the PHP process, it seems like there's no reason to give access to anyone else.
2. Is there any reason I can't do the same thing with the pre-installed directories (give only the owner read/write/execute permission)?
3. Since I've moved all the directories out of the www directory, does any of this even matter? Wasn't the whole point of moving them to prevent unauthorized access (other than through the DokuWiki program itself)?
Thanks in advance!