Pretty URL/mediawiki: Difference between revisions

From Freephile Wiki
Browse history interactively
← Older editNewer edit →
VisualWikitext
No edit summary
No edit summary
Line 212: Line 212:
== The Ultimate Pretty URL configuration for MediaWiki on Nginx ==
== The Ultimate Pretty URL configuration for MediaWiki on Nginx ==
<syntaxhighlight lang="php" line>
<syntaxhighlight lang="php" line>


server {
server {


        # [...]
    # [...]
 
    if (-f $document_root/maintenance.html) {
            return 503;
    }
    error_page 503 @maintenance;
    location @maintenance {
            rewrite ^(.*)$ /maintenance.html break;
    }
 
    # Disallow access to hidden files and directories, except `/.well-known/`
    # https://www.mnot.net/blog/2010/04/07/well-known
    # https://tools.ietf.org/html/rfc5785
    location ~ /\.(?!well-known/) {
            return 404;
    }


        if (-f $document_root/maintenance.html) {
    location = /nginx_status {
                 return 503;
            stub_status on;
            access_log off;
            allow 127.0.0.1/32;
            allow ::1/128;
            allow 67.205.190.17;
            allow 10.10.0.11;
            allow 10.136.225.163;
            deny all;
    }
    # Favicon
    location = /favicon.ico {
            alias /w/images/6/64/Favicon.ico;
            add_header Cache-Control "public";
            expires 7d;
            access_log off;
            log_not_found off;
    }
 
# Location for the wiki's root
location /w/ {
# Do this inside of a location so it can be negated
location ~ \.php$ {
try_files $uri $uri/ =404; # Don't let php execute non-existent php files
include fastcgi.conf;
                        #Mitigate HTTPOXY attacks (https://httpoxy.org)
                        fastcgi_param HTTP_PROXY "";
fastcgi_pass 127.0.0.1:9000;
}
        # MediaWiki assets (usually images)
        location ~ ^/w/resources/(assets|lib|src) {
                 try_files $uri 404;
                add_header Cache-Control "public";
                expires 7d;
         }
         }
         error_page 503 @maintenance;
         # Assets, scripts and styles from skins and extensions
         location @maintenance {
         location ~ ^/w/(skins|extensions)/.+\.(css|js|gif|jpg|jpeg|png|svg)$ {
                rewrite ^(.*)$ /maintenance.html break;
                try_files $uri 404;
                add_header Cache-Control "public";
                expires 7d;
         }
         }
}


        # Disallow access to hidden files and directories, except `/.well-known/`
# Separate location for images/ so .php execution won't apply
        # https://www.mnot.net/blog/2010/04/07/well-known
location /w/images {
        # https://tools.ietf.org/html/rfc5785
        location ~ /\.(?!well-known/) {
location ~ ^/w/images/thumb/(archive/)?[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ {
                return 404;
# Thumbnail handler for MediaWiki
        }
# This location only matches on a thumbnail's url
# If the file does not exist we use @thumb to run the thumb.php script
try_files $uri $uri/ @thumb;
}
}
    # Thumbnail 404 handler, only called by try_files when a thumbnail does not exist
location @thumb {
# Do a rewrite here so that thumb.php gets the correct arguments
rewrite ^/w/images/thumb/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ /w/thumb.php?f=$1&width=$2;
rewrite ^/w/images/thumb/archive/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ /w/thumb.php?f=$1&width=$2&archived=1;
# Run the thumb.php script
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/w/thumb.php;
fastcgi_pass  127.0.0.1:9000;
}
 
# Deny access to deleted images folder
location /w/images/deleted { deny all; }
# Deny access to folders MediaWiki has a .htaccess deny in
location /w/cache      { deny all; }
location /w/languages  { deny all; }
location /w/maintenance { deny all; }
location /w/serialized  { deny all; }


        location = /nginx_status {
    # Deny access to the installer
                stub_status on;
location /w/mw-config { deny all; }
                access_log off;
                allow 127.0.0.1/32;
                allow ::1/128;
                allow 67.205.190.17;
                allow 10.10.0.11;
                allow 10.136.225.163;
                deny all;
        }


    # Handling for the article path
location /wiki {
include /etc/nginx/fastcgi_params;
# article path should always be passed to index.php
fastcgi_param SCRIPT_FILENAME $document_root/w/index.php;
fastcgi_pass  127.0.0.1:9000;
}


</syntaxhighlight>
</syntaxhighlight>

Revision as of 17:19, 14 November 2019

The purpose of this page is to merge two different configurations for Pretty URLs for MediaWiki on Nginx into the ultimate configuration. The first is my current configuration which is a combination of what comes from DebOps, and the code found on MediaWiki.org. The second is the suggested configuration from shorturls.redwerks.com


My Nginx Conf[edit]

server {

        # [...]

        if (-f $document_root/maintenance.html) {
                return 503;
        }
        error_page 503 @maintenance;
        location @maintenance {
                rewrite ^(.*)$ /maintenance.html break;
        }

        # Disallow access to hidden files and directories, except `/.well-known/`
        # https://www.mnot.net/blog/2010/04/07/well-known
        # https://tools.ietf.org/html/rfc5785
        location ~ /\.(?!well-known/) {
                return 404;
        }

        #location = /favicon.ico {
        #        try_files /favicon.ico =204;
        #        access_log off;
        #        log_not_found off;
        #}

        location = /nginx_status {
                stub_status on;
                access_log off;
                allow 127.0.0.1/32;
                allow ::1/128;
                allow 67.205.190.17;
                allow 10.10.0.11;
                allow 10.136.225.163;
                deny all;
        }

        location ~ ^(?!.+\.php/)(?<script_name>.+\.php)$ {
                try_files $script_name =404;

                include fastcgi.conf;

                # Mitigate HTTPOXY attacks (https://httpoxy.org/)
                fastcgi_param HTTP_PROXY "";

                fastcgi_index index.php;
                fastcgi_pass php5_www-data;
        }

        location ~ ^(?<script_name>.+\.php)(?<path_info>/.*)$ {
                try_files $script_name =404;

                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$script_name;
                fastcgi_param PATH_INFO $path_info;
                #fastcgi_param PATH_TRANSLATED $document_root$path_info;

                # Mitigate HTTPOXY attacks (https://httpoxy.org/)
                fastcgi_param HTTP_PROXY "";

                fastcgi_index index.php;
                fastcgi_pass php5_www-data;
        }
        #### All the following rules added for pretty URLs
        location ~ ^/w/(index|load|api|thumb|opensearch_desc)\.php$ {
                include /etc/nginx/fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_pass 127.0.0.1:9000; # or whatever port your PHP-FPM listens on
        }
        
        # Images
        location /w/images {
                # Separate location for images/ so .php execution won't apply
        }
        location /w/images/deleted {
                # Deny access to deleted images folder
                deny all;
        }
        # MediaWiki assets (usually images)
        location ~ ^/w/resources/(assets|lib|src) {
                try_files $uri 404;
                add_header Cache-Control "public";
                expires 7d;
        }
        # Assets, scripts and styles from skins and extensions
        location ~ ^/w/(skins|extensions)/.+\.(css|js|gif|jpg|jpeg|png|svg)$ {
                try_files $uri 404;
                add_header Cache-Control "public";
                expires 7d;
        }
        # Favicon
        location = /favicon.ico {
                alias /w/images/6/64/Favicon.ico;
                add_header Cache-Control "public";
                expires 7d;
                access_log off;
                log_not_found off;
        }
        
        ## Uncomment the following code if you wish to use the installer/updater
        ## installer/updater
        #location /w/mw-config/ {
        #       # Do this inside of a location so it can be negated
        #       location ~ \.php$ {
        #               include /etc/nginx/fastcgi_params;
        #               fastcgi_param SCRIPT_FILENAME $document_root/w/mw-config/$fastcgi_script_name;
        #               fastcgi_pass 127.0.0.1:9000; # or whatever port your PHP-FPM listens on
        #       }
        #}
        
        # Handling for the article path (pretty URLs)
        location /wiki/ {
                rewrite ^/wiki(?:/(?<pagename>.*))$ /w/index.php;
        }

        # Allow robots.txt in case you have one
        location = /robots.txt {
        }
        # Explicit access to the root website, redirect to main page (adapt as needed)
        # location = / {
        #       return 301 /wiki/Main_Page;
        # }

        # # Every other entry point will be disallowed.
        # # Add specific rules for other entry points/images as needed above this
        # location / {
        #       return 404;
        # }
        #### All the above rules added for pretty URLs
        client_max_body_size 500m;
}

RedWerks Short URL[edit]

from https://shorturls.redwerks.org/?url=https%3A%2F%2Fwww.slicer.org%2Fwiki%2F 


server {
	# [...]

	# Location for the wiki's root
	location /w/ {
		# Do this inside of a location so it can be negated
		location ~ \.php$ {
			try_files $uri $uri/ =404; # Don't let php execute non-existent php files
			include /etc/nginx/fastcgi_params;
			fastcgi_pass 127.0.0.1:9000;
		}
	}
	
	location /w/images {
		# Separate location for images/ so .php execution won't apply
		
		location ~ ^/w/images/thumb/(archive/)?[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ {
			# Thumbnail handler for MediaWiki
			# This location only matches on a thumbnail's url
			# If the file does not exist we use @thumb to run the thumb.php script
			try_files $uri $uri/ @thumb;
		}
	}
	location /w/images/deleted {
		# Deny access to deleted images folder
		deny	all;
	}
	
	# Deny access to folders MediaWiki has a .htaccess deny in
	location /w/cache       { deny all; }
	location /w/languages   { deny all; }
	location /w/maintenance { deny all; }
	location /w/serialized  { deny all; }
	
	# Just in case, hide .svn and .git too
	location ~ /.(svn|git)(/|$) { deny all; }
	
	# Hide any .htaccess files
	location ~ /.ht { deny all; }
	
	# Uncomment the following code if you wish to hide the installer/updater
	## Deny access to the installer
	#location /w/mw-config { deny all; }
	
	# Handling for the article path
	location /wiki {
		include /etc/nginx/fastcgi_params;
		# article path should always be passed to index.php
		fastcgi_param SCRIPT_FILENAME	$document_root/w/index.php;
		fastcgi_pass  127.0.0.1:9000;
	}
	
	# Thumbnail 404 handler, only called by try_files when a thumbnail does not exist
	location @thumb {
		# Do a rewrite here so that thumb.php gets the correct arguments
		rewrite ^/w/images/thumb/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ /w/thumb.php?f=$1&width=$2;
		rewrite ^/w/images/thumb/archive/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ /w/thumb.php?f=$1&width=$2&archived=1;
		
		# Run the thumb.php script
		include /etc/nginx/fastcgi_params;
		fastcgi_param SCRIPT_FILENAME	$document_root/w/thumb.php;
		fastcgi_pass  127.0.0.1:9000;
	}
	
	# [...]
}

The Ultimate Pretty URL configuration for MediaWiki on Nginx[edit]

server {

    # [...]

    if (-f $document_root/maintenance.html) {
            return 503;
    }
    error_page 503 @maintenance;
    location @maintenance {
            rewrite ^(.*)$ /maintenance.html break;
    }

    # Disallow access to hidden files and directories, except `/.well-known/`
    # https://www.mnot.net/blog/2010/04/07/well-known
    # https://tools.ietf.org/html/rfc5785
    location ~ /\.(?!well-known/) {
            return 404;
    }

    location = /nginx_status {
            stub_status on;
            access_log off;
            allow 127.0.0.1/32;
            allow ::1/128;
            allow 67.205.190.17;
            allow 10.10.0.11;
            allow 10.136.225.163;
            deny all;
    }
    # Favicon
    location = /favicon.ico {
            alias /w/images/6/64/Favicon.ico;
            add_header Cache-Control "public";
            expires 7d;
            access_log off;
            log_not_found off;
    }

	# Location for the wiki's root
	location /w/ {
		# Do this inside of a location so it can be negated
		location ~ \.php$ {
			try_files $uri $uri/ =404; # Don't let php execute non-existent php files
			include fastcgi.conf;
                        #Mitigate HTTPOXY attacks (https://httpoxy.org)
                        fastcgi_param HTTP_PROXY "";
			fastcgi_pass 127.0.0.1:9000;
		}
        # MediaWiki assets (usually images)
        location ~ ^/w/resources/(assets|lib|src) {
                try_files $uri 404;
                add_header Cache-Control "public";
                expires 7d;
        }
        # Assets, scripts and styles from skins and extensions
        location ~ ^/w/(skins|extensions)/.+\.(css|js|gif|jpg|jpeg|png|svg)$ {
                try_files $uri 404;
                add_header Cache-Control "public";
                expires 7d;
        }
	}

	# Separate location for images/ so .php execution won't apply
	location /w/images {
		
		location ~ ^/w/images/thumb/(archive/)?[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ {
			# Thumbnail handler for MediaWiki
			# This location only matches on a thumbnail's url
			# If the file does not exist we use @thumb to run the thumb.php script
			try_files $uri $uri/ @thumb;
		}
	}
    # Thumbnail 404 handler, only called by try_files when a thumbnail does not exist
	location @thumb {
		# Do a rewrite here so that thumb.php gets the correct arguments
		rewrite ^/w/images/thumb/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ /w/thumb.php?f=$1&width=$2;
		rewrite ^/w/images/thumb/archive/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ /w/thumb.php?f=$1&width=$2&archived=1;
		
		# Run the thumb.php script
		include /etc/nginx/fastcgi_params;
		fastcgi_param SCRIPT_FILENAME	$document_root/w/thumb.php;
		fastcgi_pass  127.0.0.1:9000;
	}

	# Deny access to deleted images folder
	location /w/images/deleted { deny	all; }
	
	# Deny access to folders MediaWiki has a .htaccess deny in
	location /w/cache       { deny all; }
	location /w/languages   { deny all; }
	location /w/maintenance { deny all; }
	location /w/serialized  { deny all; }

    # Deny access to the installer
	location /w/mw-config { deny all; }

    # Handling for the article path
	location /wiki {
		include /etc/nginx/fastcgi_params;
		# article path should always be passed to index.php
		fastcgi_param SCRIPT_FILENAME	$document_root/w/index.php;
		fastcgi_pass  127.0.0.1:9000;
	}

Uniform Resource Locator = an address of a web page or other component, including the protocol.

HyperText Transfer Protocol = the foundation of data communication for the World Wide Web. See HTML

PHP is the HyperText Preprocessor = the most popular programming language for the web

Uniform Resource Locator = an address of a web page or other component, including the protocol.

Retrieved from "https://wiki.freephile.org/wiki/index.php?title=Pretty_URL/mediawiki&oldid=9478"
Powered by QualityBox
Powered by Semantic MediaWiki