I installed MediaWiki today on my Pioneer FreedomBox and the install itself was succesful. However, I could not login to MediaWiki. Every login attempt from Firefox (on Ubuntu 18.04) and Safari gave an error message saying (roughly) “login canceled to prevent session hijacking”.
After trying a reinstallation which didn’t help I found the following thread where the same error message was discussed (but here not for the login but when using the password reset button)
One of the solutions mentioned there is to include the following to LocalSettings.php:
(a) $wgMainCacheType = CACHE_ACCEL;
(b) $wgSessionCacheType = CACHE_DB;
While (a) was already included in LocalSettings.php of the FreedomBox MediaWiki installation, (b) was not. After adding (b) now the login works.
Is this a bug? Should I file an issue?
Are there any unwanted consequences (e.g. regarding Security) when adding $wgSessionCacheType = CACHE_DB?