Security Guide

This guide lists the essential steps to securely deploy a public Moin2 wiki instance. It helps wiki admins and server admins review the security of their Moin2 installation.

Ensure these settings are in place before exposing your wiki to the internet.

Use Encrypted Transport (HTTPS)

  • Serve the wiki only via HTTPS

  • Redirect all HTTP traffic to HTTPS

  • Use a valid TLS certificate

See: Transmission security

Configure Secure Authentication

  • Ensure authentication is only used over HTTPS

  • Avoid insecure authentication mechanisms

See: Authentication

Enable Authorization (ACLs)

  • Configure Access Control Lists (ACLs)

  • Use a deny-by-default strategy

  • Restrict editing to authenticated users where possible

Typical baseline:

  • Anonymous users: read-only

  • Authenticated users: limited write access

  • Admin group: full access

See: Authorization

Use Groups for Permissions

  • Define groups for admins and editors

  • Assign permissions to groups instead of individual users

See: Groups

Configure Cryptographic Secrets

  • Set a strong, random SECRET_KEY

  • Do not reuse secrets across environments

  • Keep secrets out of version control

See: Framework Configuration

Enforce Strong Password Policies

  • Enable password strength checking

  • Require sufficient length and complexity

See: Password strength

Use Secure Password Storage

  • Ensure password hashing is properly configured

  • MoinMoin uses modern hashing (Argon2id) by default

See: Password storage

Configure Content Security Policy (CSP)

  • Enable CSP headers

  • Start with report-only mode, then enforce

See: Content security policy (CSP)

Use a Production-Ready Web Server

  • Do not use the built-in development server

  • Deploy using a WSGI server (e.g. gunicorn, uWSGI)

  • Place behind a reverse proxy (e.g. nginx, Apache)

  • Disable debug mode

See: Servers

Keep the System Updated

  • Regularly update MoinMoin and dependencies

  • Apply security fixes promptly

See: Installation

Verify Software Integrity

  • Verify downloads using GPG signatures when available

See: Verifying signed releases

Perform Regular Backups

  • Backup data before upgrades or major configuration changes

See: Backup and Restore

Enable Logging and Monitoring

  • Configure logging

  • Monitor authentication attempts and errors

See: Logging Configuration

Handle Migration Securely

  • Remove unsupported password hashes

  • Force password resets if needed

See: Upgrading

Validate Host Headers (TRUSTED_HOSTS)

  • Configure TRUSTED_HOSTS in wikiconfig.py

  • Allow only known domain names

  • Enforce validation at proxy or WSGI level

See: Framework Configuration

Further Considerations

  • Fine-tune CSP policies

  • Use a reverse proxy (nginx or Apache) with HTTPS

  • Apply rate limiting and firewall rules where appropriate

  • Monitor logs regularly and review user permissions

  • Test backups and recovery procedures

  • Keep the operating system and dependencies updated

  • Use a dedicated user account for running the wiki

  • Run the wiki with the least privileges required

  • Ensure configuration files are not writable by the web server user