Template for mediawiki
This commit is contained in:
Erik Gustafson
90
mediawiki/nginx_site/mediawiki.conf
Normal file
90
mediawiki/nginx_site/mediawiki.conf
Normal file
@ -0,0 +1,90 @@
|
||||
server {
|
||||
listen ${WEBSITE.PORT};
|
||||
root /usr/local/www/${WEBSITE.NAME};
|
||||
index index.php;
|
||||
|
||||
# Location for wiki's entry points
|
||||
location ~ ^/(index|load|api|thumb|opensearch_desc|rest|img_auth)\.php$ {
|
||||
# Mitigate https://httpoxy.org/ vulnerabilities
|
||||
fastcgi_param HTTP_PROXY "";
|
||||
fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
# include the fastcgi_param setting
|
||||
include fastcgi_params;
|
||||
# SCRIPT_FILENAME parameter is used for PHP FPM determining
|
||||
# the script name. If it is not set in fastcgi_params file,
|
||||
# i.e. /etc/nginx/fastcgi_params or in the parent contexts,
|
||||
# please comment off following line:
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
}
|
||||
|
||||
# Images
|
||||
location /images {
|
||||
# Separate location for images/ so .php execution won't apply
|
||||
}
|
||||
location /images/deleted {
|
||||
# Deny access to deleted images folder
|
||||
deny all;
|
||||
}
|
||||
# MediaWiki assets (usually images)
|
||||
location ~ ^/resources/(assets|lib|src) {
|
||||
try_files $uri 404;
|
||||
add_header Cache-Control "public";
|
||||
expires 7d;
|
||||
}
|
||||
# Assets, scripts and styles from skins and extensions
|
||||
location ~ ^/(skins|extensions)/.+\.(css|js|gif|jpg|jpeg|png|svg|wasm)$ {
|
||||
try_files $uri 404;
|
||||
add_header Cache-Control "public";
|
||||
expires 7d;
|
||||
}
|
||||
# Favicon
|
||||
location = /favicon.ico {
|
||||
alias /images/6/64/Favicon.ico;
|
||||
add_header Cache-Control "public";
|
||||
expires 7d;
|
||||
}
|
||||
|
||||
# License and credits files
|
||||
location ~ ^/(COPYING|CREDITS)$ {
|
||||
default_type text/plain;
|
||||
}
|
||||
|
||||
## Uncomment the following code if you wish to use the installer/updater
|
||||
## installer/updater
|
||||
location /mw-config/ {
|
||||
# Do this inside of a location so it can be negated
|
||||
location ~ \.php$ {
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass 127.0.0.1:9000; # or whatever port your PHP-FPM listens on
|
||||
}
|
||||
}
|
||||
|
||||
# Handling for Mediawiki REST API, see [[mw:API:REST_API]]
|
||||
location /rest.php/ {
|
||||
try_files $uri $uri/ /rest.php?$query_string;
|
||||
}
|
||||
|
||||
## Uncomment the following code for handling image authentication
|
||||
## Also add "deny all;" in the location for /w/images above
|
||||
#location /w/img_auth.php/ {
|
||||
# try_files $uri $uri/ /w/img_auth.php?$query_string;
|
||||
#}
|
||||
|
||||
|
||||
# Allow robots.txt in case you have one
|
||||
location = /robots.txt {
|
||||
}
|
||||
# Explicit access to the root website, redirect to main page (adapt as needed)
|
||||
location = / {
|
||||
return 301 /index.php;
|
||||
}
|
||||
|
||||
# Every other entry point will be disallowed.
|
||||
# Add specific rules for other entry points/images as needed above this
|
||||
location / {
|
||||
return 404;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user