Freephile Wiki

Pretty URL/mediawiki: Difference between revisions

Browse history interactively
← Older editNewer edit →
VisualWikitext
No edit summary
No edit summary
Line 212: Line 212:
== The Ultimate Pretty URL configuration for MediaWiki on Nginx ==
== The Ultimate Pretty URL configuration for MediaWiki on Nginx ==
<syntaxhighlight lang="php" line>
<syntaxhighlight lang="php" line>


server {
server {


        # [...]
    # [...]
 
    if (-f $document_root/maintenance.html) {
            return 503;
    }
    error_page 503 @maintenance;
    location @maintenance {
            rewrite ^(.*)$ /maintenance.html break;
    }
 
    # Disallow access to hidden files and directories, except `/.well-known/`
    # https://www.mnot.net/blog/2010/04/07/well-known
    # https://tools.ietf.org/html/rfc5785
    location ~ /\.(?!well-known/) {
            return 404;
    }


        if (-f $document_root/maintenance.html) {
    location = /nginx_status {
                 return 503;
            stub_status on;
            access_log off;
            allow 127.0.0.1/32;
            allow ::1/128;
            allow 67.205.190.17;
            allow 10.10.0.11;
            allow 10.136.225.163;
            deny all;
    }
    # Favicon
    location = /favicon.ico {
            alias /w/images/6/64/Favicon.ico;
            add_header Cache-Control "public";
            expires 7d;
            access_log off;
            log_not_found off;
    }
 
# Location for the wiki's root
location /w/ {
# Do this inside of a location so it can be negated
location ~ \.php$ {
try_files $uri $uri/ =404; # Don't let php execute non-existent php files
include fastcgi.conf;
                        #Mitigate HTTPOXY attacks (https://httpoxy.org)
                        fastcgi_param HTTP_PROXY "";
fastcgi_pass 127.0.0.1:9000;
}
        # MediaWiki assets (usually images)
        location ~ ^/w/resources/(assets|lib|src) {
                 try_files $uri 404;
                add_header Cache-Control "public";
                expires 7d;
         }
         }
         error_page 503 @maintenance;
         # Assets, scripts and styles from skins and extensions
         location @maintenance {
         location ~ ^/w/(skins|extensions)/.+\.(css|js|gif|jpg|jpeg|png|svg)$ {
                rewrite ^(.*)$ /maintenance.html break;
                try_files $uri 404;
                add_header Cache-Control "public";
                expires 7d;
         }
         }
}


        # Disallow access to hidden files and directories, except `/.well-known/`
# Separate location for images/ so .php execution won't apply
        # https://www.mnot.net/blog/2010/04/07/well-known
location /w/images {
        # https://tools.ietf.org/html/rfc5785
        location ~ /\.(?!well-known/) {
location ~ ^/w/images/thumb/(archive/)?[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ {
                return 404;
# Thumbnail handler for MediaWiki
        }
# This location only matches on a thumbnail's url
# If the file does not exist we use @thumb to run the thumb.php script
try_files $uri $uri/ @thumb;
}
}
    # Thumbnail 404 handler, only called by try_files when a thumbnail does not exist
location @thumb {
# Do a rewrite here so that thumb.php gets the correct arguments
rewrite ^/w/images/thumb/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ /w/thumb.php?f=$1&width=$2;
rewrite ^/w/images/thumb/archive/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ /w/thumb.php?f=$1&width=$2&archived=1;
# Run the thumb.php script
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/w/thumb.php;
fastcgi_pass  127.0.0.1:9000;
}
 
# Deny access to deleted images folder
location /w/images/deleted { deny all; }
# Deny access to folders MediaWiki has a .htaccess deny in
location /w/cache      { deny all; }
location /w/languages  { deny all; }
location /w/maintenance { deny all; }
location /w/serialized  { deny all; }


        location = /nginx_status {
    # Deny access to the installer
                stub_status on;
location /w/mw-config { deny all; }
                access_log off;
                allow 127.0.0.1/32;
                allow ::1/128;
                allow 67.205.190.17;
                allow 10.10.0.11;
                allow 10.136.225.163;
                deny all;
        }


    # Handling for the article path
location /wiki {
include /etc/nginx/fastcgi_params;
# article path should always be passed to index.php
fastcgi_param SCRIPT_FILENAME $document_root/w/index.php;
fastcgi_pass  127.0.0.1:9000;
}


</syntaxhighlight>
</syntaxhighlight>
Retrieved from "https://wiki.freephile.org/wiki/Pretty_URL/mediawiki"