I have a wiki set up on a TLS-only vhost. There is a companion vhost on
port 80, that makes a permanent redirect from / to
https://host.name.tld
This works fine, and the wiki can be browsed, edited &c.
However, I've noticed that sometimes, I had to purge a page manually, to
get rid of red links to pages. Today, I noticed what I belive is the cause.
A massive buildup of jobs in the queue, that didn't execute, until i ran
maintenance/runJobs.php
In the apache log file for vhosts without a log setup, I notice that I have
a lot of POST's like the one below, matching the number of unrun jobs.
host.name.tld:80 512.512.512.512 - - [05/Aug/2014:09:48:24 +0200]
"POST /w/index.php?title=Special3ARunJobs&tasks=jobs&maxjobs=1&
sigexpiry=1407224909&signature=1a51329b5936d6f0c8a287f9e1a74c241300dccc
HTTP/1.1" 301 830 "-" "-"
So it looks like the post to execute a job goes to the non-secure URL for
the site, even though $wgServer is set to TLS:
$wgServer = "https://host.name.tld";
This leads to two questions:
1) Why strip https from the server URL?
2) Why isn't the redirect from port 80 to port 443 honoured? The vhost is
set up with Server Name Indication, but I don't think that's the cause,
since I don't see the POST resent in the default servers log file.
3) What to do about this?
--
//Wegge