Can the
password be encrypted, or is there some other security
measure I
should take?
Create a new mysql-user for the Mediawiki only or pu tthe
LocalSettings-php
in a path not accessible for the apache and make sure it's included
via php.
Advantage is that it's secure against a failure of php but honestly,
that happens
so seldom that it's not worth the work.
The more fundamental issue, of course, is that if security is a major
concern, you'd not be running a Wiki in the first place.
BTW, I've been prototyping a departmental Wiki for the Intranet at work,
and it's working quite well: I'm using IIS and Integrated Windows
authentication to control the basic "can you access the site or not"
process. In an intranet environment with everyone using IE, this is
transparent to the user, so they only see the Wiki user login - as long
as they're permitted to use it.
Andy