summaryrefslogtreecommitdiff
path: root/public/nginx-mediawiki.html
diff options
context:
space:
mode:
Diffstat (limited to 'public/nginx-mediawiki.html')
-rw-r--r--public/nginx-mediawiki.html82
1 files changed, 82 insertions, 0 deletions
diff --git a/public/nginx-mediawiki.html b/public/nginx-mediawiki.html
new file mode 100644
index 0000000..c046e14
--- /dev/null
+++ b/public/nginx-mediawiki.html
@@ -0,0 +1,82 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="utf-8">
+ <title>An Nginx configuration for MediaWiki — Luke T. Shumaker</title>
+ <link rel="stylesheet" href="assets/style.css">
+ <link rel="alternate" type="application/atom+xml" href="./index.atom" name="web log entries"/>
+</head>
+<body>
+<header><a href="/">Luke T. Shumaker</a> » <a href=/blog>blog</a> » nginx-mediawiki</header>
+<article>
+<h1 id="an-nginx-configuration-for-mediawiki">An Nginx configuration for
+MediaWiki</h1>
+<p>There are <a href="http://wiki.nginx.org/MediaWiki">several</a> <a
+href="https://wiki.archlinux.org/index.php/MediaWiki#Nginx">example</a>
+<a
+href="https://www.mediawiki.org/wiki/Manual:Short_URL/wiki/Page_title_--_nginx_rewrite--root_access">Nginx</a>
+<a
+href="https://www.mediawiki.org/wiki/Manual:Short_URL/Page_title_-_nginx,_Root_Access,_PHP_as_a_CGI_module">configurations</a>
+<a href="http://wiki.nginx.org/RHEL_5.4_%2B_Nginx_%2B_Mediawiki">for</a>
+<a
+href="http://stackoverflow.com/questions/11080666/mediawiki-on-nginx">MediaWiki</a>
+floating around the web. Many of them don’t block the user from
+accessing things like <code>/serialized/</code>. Many of them also <a
+href="https://labs.parabola.nu/issues/725">don’t correctly handle</a> a
+wiki page named <code>FAQ</code>, since that is a name of a file in the
+MediaWiki root! In fact, the configuration used on the official Nginx
+Wiki has both of those issues!</p>
+<p>This is because most of the configurations floating around basically
+try to pass all requests through, and blacklist certain requests, either
+denying them, or passing them through to <code>index.php</code>.</p>
+<p>It’s my view that blacklisting is inferior to whitelisting in
+situations like this. So, I developed the following configuration that
+instead works by whitelisting certain paths.</p>
+<pre><code>root /path/to/your/mediawiki; # obviously, change this line
+
+index index.php;
+location / { try_files /var/empty @rewrite; }
+location /images/ { try_files $uri $uri/ @rewrite; }
+location /skins/ { try_files $uri $uri/ @rewrite; }
+location /api.php { try_files /var/empty @php; }
+location /api.php5 { try_files /var/empty @php; }
+location /img_auth.php { try_files /var/empty @php; }
+location /img_auth.php5 { try_files /var/empty @php; }
+location /index.php { try_files /var/empty @php; }
+location /index.php5 { try_files /var/empty @php; }
+location /load.php { try_files /var/empty @php; }
+location /load.php5 { try_files /var/empty @php; }
+location /opensearch_desc.php { try_files /var/empty @php; }
+location /opensearch_desc.php5 { try_files /var/empty @php; }
+location /profileinfo.php { try_files /var/empty @php; }
+location /thumb.php { try_files /var/empty @php; }
+location /thumb.php5 { try_files /var/empty @php; }
+location /thumb_handler.php { try_files /var/empty @php; }
+location /thumb_handler.php5 { try_files /var/empty @php; }
+location /wiki.phtml { try_files /var/empty @php; }
+
+location @rewrite {
+ rewrite ^/(.*)$ /index.php?title=$1&amp;$args;
+}
+
+location @php {
+ # obviously, change this according to your PHP setup
+ include fastcgi.conf;
+ fastcgi_pass unix:/run/php-fpm/wiki.sock;
+}</code></pre>
+<p>We are now using this configuration on <a
+href="https://wiki.parabola.nu/">ParabolaWiki</a>, but with an alias for
+<code>location = /favicon.ico</code> to the correct file in the skin,
+and with FastCGI caching for PHP.</p>
+<p>The only thing I don’t like about this is the
+<code>try_files /var/emtpy</code> bits—surely there is a better way to
+have it go to one of the <code>@</code> location blocks, but I couldn’t
+figure it out.</p>
+
+</article>
+<footer>
+<p>The content of this page is Copyright © 2015 <a href="mailto:lukeshu@lukeshu.com">Luke T. Shumaker</a>.</p>
+<p>This page is licensed under the <a href="https://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA 4.0</a> license.</p>
+</footer>
+</body>
+</html>