12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 |
- server {
- listen 80 default_server;
- listen [::]:80 default_server;
- root /var/www/wiki;
- # Add index.php to the list if you are using PHP
- index index.php index.html index.htm;
- server_name localhost;
- access_log /var/log/nginx/wiki-access.log;
- error_log /var/log/nginx/wiki-error.log;
- # Activate HSTS (HTTP Strict Transport Security)
- # Note: reinclude if in a location a header is set
- include snippets/hsts.conf;
- # Allow favicon.ico, robots.txt, .well-known/
- # Deny *.txt, *.log, .*/*.php, .*, *.json, .lock, *.ht
- include snippets/allowed.conf;
- include snippets/denied.conf;
- location / {
- # First attempt to serve request as file, then
- # as directory, then fall back to displaying a 404.
- try_files $uri $uri/ =404;
- error_page 404 = @mediawiki;
- }
- # Rewrite for Short-URL
- location @mediawiki {
- rewrite ^/wiki([^?]*)(?:\?(.*))? /index.php?title=$1&$2 last;
- }
- # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
- #
- location ~ \.php$ {
- include snippets/fastcgi-php.conf;
- # # With php7.2-fpm:
- fastcgi_pass unix:/run/php/php7.2-fpm.sock;
- }
-
- # Disable php in /images/ (security)
- location ^~ /images/ {
- #Served like static files
- }
- # Deny access to deleted images folder
- location ^~ /images/deleted/ {
- deny all;
- }
- # Deny access to MediaWiki dirs
- location ^~ /cache/ { deny all; }
- location ^~ /languages/ { deny all; }
- location ^~ /maintenance/ { deny all; }
- location ^~ /serialized/ { deny all; }
- location ^~ /mw-config/ { deny all; }
- # Deny .svn and .git
- location ~ /.(svn|git)(/|$) { deny all; }
- }
|