diff options
Diffstat (limited to 'public/nginx-mediawiki.html')
| -rw-r--r-- | public/nginx-mediawiki.html | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/public/nginx-mediawiki.html b/public/nginx-mediawiki.html new file mode 100644 index 0000000..c046e14 --- /dev/null +++ b/public/nginx-mediawiki.html @@ -0,0 +1,82 @@ +<!DOCTYPE html> +<html lang="en"> +<head> + <meta charset="utf-8"> + <title>An Nginx configuration for MediaWiki — Luke T. Shumaker</title> + <link rel="stylesheet" href="assets/style.css"> + <link rel="alternate" type="application/atom+xml" href="./index.atom" name="web log entries"/> +</head> +<body> +<header><a href="/">Luke T. Shumaker</a> » <a href=/blog>blog</a> » nginx-mediawiki</header> +<article> +<h1 id="an-nginx-configuration-for-mediawiki">An Nginx configuration for +MediaWiki</h1> +<p>There are <a href="http://wiki.nginx.org/MediaWiki">several</a> <a +href="https://wiki.archlinux.org/index.php/MediaWiki#Nginx">example</a> +<a +href="https://www.mediawiki.org/wiki/Manual:Short_URL/wiki/Page_title_--_nginx_rewrite--root_access">Nginx</a> +<a +href="https://www.mediawiki.org/wiki/Manual:Short_URL/Page_title_-_nginx,_Root_Access,_PHP_as_a_CGI_module">configurations</a> +<a href="http://wiki.nginx.org/RHEL_5.4_%2B_Nginx_%2B_Mediawiki">for</a> +<a +href="http://stackoverflow.com/questions/11080666/mediawiki-on-nginx">MediaWiki</a> +floating around the web. Many of them don’t block the user from +accessing things like <code>/serialized/</code>. Many of them also <a +href="https://labs.parabola.nu/issues/725">don’t correctly handle</a> a +wiki page named <code>FAQ</code>, since that is a name of a file in the +MediaWiki root! In fact, the configuration used on the official Nginx +Wiki has both of those issues!</p> +<p>This is because most of the configurations floating around basically +try to pass all requests through, and blacklist certain requests, either +denying them, or passing them through to <code>index.php</code>.</p> +<p>It’s my view that blacklisting is inferior to whitelisting in +situations like this. So, I developed the following configuration that +instead works by whitelisting certain paths.</p> +<pre><code>root /path/to/your/mediawiki; # obviously, change this line + +index index.php; +location / { try_files /var/empty @rewrite; } +location /images/ { try_files $uri $uri/ @rewrite; } +location /skins/ { try_files $uri $uri/ @rewrite; } +location /api.php { try_files /var/empty @php; } +location /api.php5 { try_files /var/empty @php; } +location /img_auth.php { try_files /var/empty @php; } +location /img_auth.php5 { try_files /var/empty @php; } +location /index.php { try_files /var/empty @php; } +location /index.php5 { try_files /var/empty @php; } +location /load.php { try_files /var/empty @php; } +location /load.php5 { try_files /var/empty @php; } +location /opensearch_desc.php { try_files /var/empty @php; } +location /opensearch_desc.php5 { try_files /var/empty @php; } +location /profileinfo.php { try_files /var/empty @php; } +location /thumb.php { try_files /var/empty @php; } +location /thumb.php5 { try_files /var/empty @php; } +location /thumb_handler.php { try_files /var/empty @php; } +location /thumb_handler.php5 { try_files /var/empty @php; } +location /wiki.phtml { try_files /var/empty @php; } + +location @rewrite { + rewrite ^/(.*)$ /index.php?title=$1&$args; +} + +location @php { + # obviously, change this according to your PHP setup + include fastcgi.conf; + fastcgi_pass unix:/run/php-fpm/wiki.sock; +}</code></pre> +<p>We are now using this configuration on <a +href="https://wiki.parabola.nu/">ParabolaWiki</a>, but with an alias for +<code>location = /favicon.ico</code> to the correct file in the skin, +and with FastCGI caching for PHP.</p> +<p>The only thing I don’t like about this is the +<code>try_files /var/emtpy</code> bits—surely there is a better way to +have it go to one of the <code>@</code> location blocks, but I couldn’t +figure it out.</p> + +</article> +<footer> +<p>The content of this page is Copyright © 2015 <a href="mailto:lukeshu@lukeshu.com">Luke T. Shumaker</a>.</p> +<p>This page is licensed under the <a href="https://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA 4.0</a> license.</p> +</footer> +</body> +</html> |