MediaWiki Configuration 101

Why a solid configuration matters

MediaWiki ships with a huge set of defaults in DefaultSettings.php. Changing the right few variables in LocalSettings.php tailors the wiki to your domain, improves performance, and hardens security. The checklist below follows the official Configuration settings manual and the practical DigitalOcean guide.

Core site identity

$wgSitename   = "My Company Wiki";               // shown in the header
$wgMetaNamespace = "My_Company_Wiki";              // internal namespace, no spaces
$wgLogo       = "$wgResourceBasePath/resources/assets/logo.svg"; // custom logo
$wgFavicon    = "$wgResourceBasePath/resources/assets/favicon.ico"; // fav icon
$wgLanguageCode = "en";                           // UI language
$wgServer     = "https://wiki.mycompany.com";    // base URL for feeds, email, etc.
$wgArticlePath = "/wiki/$1";                     // enable short URLs (requires web‑server rewrite)

These settings replace the placeholders created during the web‑based installer and are the first things most admins edit.

Database connection (MySQL/MariaDB example)

$wgDBtype       = "mysql";
$wgDBserver     = "db01.mycompany.com";   // host or IP
$wgDBname       = "mywiki";               // database name
$wgDBuser       = "wikiuser";             // read/write user
$wgDBpassword   = "REPLACE_WITH_STRONG_PASSWORD";
$wgDBprefix     = "";                     // optional table prefix
$wgDBtableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=utf8mb4";

Do not edit DefaultSettings.php; keep all DB data in LocalSettings.php to survive upgrades.

File uploads & media handling

Enable uploads, pick an image library, and whitelist extensions you actually need.

$wgEnableUploads = true;                       // turn on the upload UI
$wgUseImageMagick = true;                     // ImageMagick is preferred for thumbnails
$wgImageMagickConvertCommand = "/usr/bin/convert";
$wgFileExtensions = [
    "png", "gif", "jpg", "jpeg",
    "pdf", "svg", "docx", "xlsx"
];
$wgMaxUploadSize = 1024*1024*100; // 100  per file

For security, also enable virus scanning (e.g. ClamAV) via $wgAntivirus – see the manual for the exact array syntax.

Cache configuration (Memcached example)

Cache dramatically reduces database load for read‑heavy wikis.

$wgMainCacheType = CACHE_MEMCACHED;
$wgMemCachedServers = [ "10.0.0.10:11211", "10.0.0.11:11211" ];
$wgCachePages = true;            // client‑side page cache for anonymous users
$wgCacheEpoch = time();          // bust the cache after a big change

Remember to install the php‑memcached extension on the web server.

Security hardening basics

• $wgSecretKey – a long random string; never share it.
• $wgForceHTTPS = true – redirect HTTP to HTTPS.
• $wgCookieSecure = true and $wgCookieHttpOnly = true – protect login cookies.
• $wgGroupPermissions['*']['edit'] = false – lock down anonymous editing, then grant edit to trusted groups.
• Enable ConfirmEdit or reCAPTCHA to fight spam.

Enabling extensions the “right” way

All extensions live under extensions/. After cloning or downloading the extension, add a single line to LocalSettings.php:

wfLoadExtension( 'VisualEditor' );   // example – adds a WYSIWYG editor
wfLoadExtension( 'ParserFunctions' ); // handy conditional logic

For extensions with Composer dependencies, create composer.local.json as described in the manual and run composer update --no-dev from the MediaWiki root.

Typical post‑install tasks

1. Run php maintenance/update.php after any config change that adds tables.
2. Visit Special:Version to verify PHP extensions, cache type, and loaded extensions.
3. Set up Special:Preferences defaults (e.g. enable the toolbar for all users) using $wgDefaultUserOptions.

Configure email (SMTP) if you need password resets or change notifications:

$wgSMTP = [
    'host' => 'mail.mycompany.com',
    'IDHost' => 'mycompany.com',
    'port' => 587,
    'auth' => true,
    'username' => 'wiki@mycompany.com',
    'password' => 'REPLACE_WITH_SMTP_PASSWORD',
];

Quick sanity‑check script

Paste this into a temporary maintenance/checkConfig.php and run it to spot the most common pitfalls:

#!/usr/bin/env php
<?php
require __DIR__ . '/../includes/Setup.php';

$required = [
    'wgSitename', 'wgServer', 'wgSecretKey',
    'wgDBtype', 'wgDBserver', 'wgDBname',
    'wgEnableUploads', 'wgUseImageMagick'
];
foreach ( $required as $var ) {
    if ( empty( $GLOBALS[$var] ) ) {
        echo "⚠️  $var is not set!\n";
    }
}

echo "✅  Configuration sanity check complete.\n";
?>

Run with php maintenance/checkConfig.php. Any warning means you should revisit the matching setting above.

Where to go next?

• Read the full list of Configuration settings for advanced tuning.
• Explore ParserFunctions and Semantic MediaWiki if you need structured data.
• Set up a CDN or reverse‑proxy (Varnish, Cloudflare) for large public wikis – see the $wgCdnServers section.

With these basics in place, your MediaWiki will be recognizable, fast, and secure – a solid foundation for any knowledge‑sharing project.