403 instead of location 404? #5
Description
Hi!
Thanks for this extensions. We installed it yesterday and was testing it today on https://wiklou.org
We noticed that some pages redirect to URL/404 instead of a 403 forbidden with login link maybe?
Example 404 links:
- https://www.wiklou.org/wiki/Accueil/history
- https://www.wiklou.org/w/index.php?title=Cat%C3%A9gorie:Mat%C3%A9riel&oldid=12742
- https://www.wiklou.org/wiki/Sp%C3%A9cial:Pages_li%C3%A9es/Cat%C3%A9gorie:Mat%C3%A9riel
- https://www.wiklou.org/wiki/Sp%C3%A9cial:Suivi_des_liens/Cat%C3%A9gorie:Mat%C3%A9riel
If plugin is deactivated, these links are working as expected.
FYI: We use debian + nginx + php-fpm.
our nginx config:
location ~ /index\.php/(.*$) {
rewrite ^/index\.php/(.*$) /wiki/$1 permanent;
}
location ~ ^/w/(index|load|api|thump|opensearch_desc)\.php$ {
try_files $uri $uri/ =404; # Don't let php execute non-existent php files
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php8.2/fpm/php_wiklou_mediawiki;
fastcgi_index index.php ;
include /etc/nginx/conf.d/fastcgi.conf;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location /w/images {
# Separate location for images/ so .php execution won't apply
location ~ ^/w/images/thumb/(archive/)?[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ {
# Thumbnail handler for MediaWiki
# This location only matches on a thumbnail's url
# If the file does not exist we use @thumb to run the thumb.php script
try_files $uri $uri/ @thumb;
}
}
location /w/images/deleted {
# Deny access to deleted images folder
deny all;
}
# Deny access to folders MediaWiki has a .htaccess deny in
location /w/cache { deny all; }
location /w/languages { deny all; }
location /w/maintenance { deny all; }
location /w/serialized { deny all; }
# Just in case, hide .svn and .git too
location ~ /w/.(svn|git)(/|$) { deny all; }
# Hide any .htaccess files
location ~ /w/.ht { deny all; }
# Handling for the article path
location /wiki/ {
rewrite ^/wiki/(?<pagename>.*)$ /w/index.php;
}
# Thumbnail 404 handler, only called by try_files when a thumbnail does not exist
location @thumb {
# Do a rewrite here so that thumb.php gets the correct arguments
rewrite ^/w/images/thumb/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ /w/thumb.php?f=$1&width=$2;
rewrite ^/w/images/thumb/archive/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ /w/thumb.php?f=$1&width=$2&archived=1;
# Run the thumb.php script
include /etc/nginx/conf.d/fastcgi.conf;
fastcgi_param SCRIPT_FILENAME $document_root/w/thumb.php;
fastcgi_pass unix:/run/php8.2/fpm/php_wiklou_mediawiki;
}
location = /w/_.gif {
expires max;
empty_gif;
}
location ^~ /w/cache/ {
deny all;
}
location /w/dumps {
root /var/www/mediawiki/local;
autoindex on;
}
# Explicit access to the root website, redirect to main page (adapt as needed)
location = / {
return 301 /wiki/Accueil;
}
# Every other entry point will be disallowed.
# Add specific rules for other entry points/images as needed above this
location / {
return 404;
}