Tuesday, March 27, 2007

Okay, I'm posting the following as a work in progress, just to get it out there. Please let me know if you see anything obviously wrong. Also, (4) is just notes as to what else I'm going to put on here in the future, not part of the step-by-step. So at your own risk (and completely void of security)...

Installing MediaWiki on Windows Server 2003 (WIMP -- *Windows*IIS*MySQL*PHP*)

You need:
Windows Server 2003 (this includes IIS 6) -- I did this on version R2 SP2
MySQL 4.1.22 -- Next time I'll try using version 5, it's a windows 32-bit version of the zip
PHP 5.2.1 -- Or whatever is new, get the .msi file though
MedaiWiki 1.9.3 -- Again whatever is new, it's a .tar.gz file so you'll need something to extract it, like
7-Zip 4.42 -- Or whatever is new, for 32-bit it's an .exe

Note: Please don't download Beta versions when you're using dependent software like the above stack.
Note: MySQL Administrator is a dream for anyone who has love for the GUI.
Note: EditPlus is useful for looking at all that PHP and not going cross-eyed **SHAREWARE**.
Note: The following instructions assume that you've already installed Windows 2003 server on your system, though there's no reason you can't do this on a different version of Windows, say 2000, NT4 or XP which all have some flavor of IIS.
Note: Do installations of products as and administrator on the box.

1. Install IIS
-Start -> Control Panel -> Add or Remove Programs
-Click on "Add/Remove Windows Components"
-Select "Application Server" (Don't check th box) and click "Details"
-Check to box next to "Internet Information Services (IIS)"
-Click "OK" a few times to let it install (you'll need your Windows 2k3 Install Source - like a CD)

2. Install PHP
-Download the installer from the link above
-Run the installer
-Default install location is good
-On the "Web Server Setup" screen, choose "IIS ISAPI Module"
-On the "Choose Items to Install" screen, expand "Extensions", scroll down to "MySQL", click on it and select "Will be installed on local hard drive", do the same with "GD2"


More things to do (I'll write these up as I have the time):
-Secure IIS with a SSL certificate
-Problem with HTTPS/Cookie/Session Data (hijacking)
Remove session hijacking protection test in /include/user.php
function matchEditToken( $val, $salt = '' ) {
return true;
-Restrict web access based on user authentication or IP (or both)
-Back up your configurations, files and databases
-Create your own theme (with gotchas)

No comments: