mediawiki.conf 1.5 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061
  1. server {
  2. listen 80 default_server;
  3. listen [::]:80 default_server;
  4. root /var/www/wiki;
  5. # Add index.php to the list if you are using PHP
  6. index index.php index.html index.htm;
  7. server_name localhost;
  8. access_log /var/log/nginx/wiki-access.log;
  9. error_log /var/log/nginx/wiki-error.log;
  10. # Activate HSTS (HTTP Strict Transport Security)
  11. # Note: reinclude if in a location a header is set
  12. include snippets/hsts.conf;
  13. # Allow favicon.ico, robots.txt, .well-known/
  14. # Deny *.txt, *.log, .*/*.php, .*, *.json, .lock, *.ht
  15. include snippets/allowed.conf;
  16. include snippets/denied.conf;
  17. location / {
  18. # First attempt to serve request as file, then
  19. # as directory, then fall back to displaying a 404.
  20. try_files $uri $uri/ =404;
  21. error_page 404 = @mediawiki;
  22. }
  23. # Rewrite for Short-URL
  24. location @mediawiki {
  25. rewrite ^/wiki([^?]*)(?:\?(.*))? /index.php?title=$1&$2 last;
  26. }
  27. # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  28. #
  29. location ~ \.php$ {
  30. include snippets/fastcgi-php.conf;
  31. # # With php7.2-fpm:
  32. fastcgi_pass unix:/run/php/php7.2-fpm.sock;
  33. }
  34. # Disable php in /images/ (security)
  35. location ^~ /images/ {
  36. #Served like static files
  37. }
  38. # Deny access to deleted images folder
  39. location ^~ /images/deleted/ {
  40. deny all;
  41. }
  42. # Deny access to MediaWiki dirs
  43. location ^~ /cache/ { deny all; }
  44. location ^~ /languages/ { deny all; }
  45. location ^~ /maintenance/ { deny all; }
  46. location ^~ /serialized/ { deny all; }
  47. location ^~ /mw-config/ { deny all; }
  48. # Deny .svn and .git
  49. location ~ /.(svn|git)(/|$) { deny all; }
  50. }