I've added Lighttpd support to the shorturl tool now. Complete with a port
of the IE6 XSS fix we have in images/.htaccess.
--
~Daniel Friesen (Dantman, Nadir-Seen-Fire) [
]
On Thu, 23 Feb 2012 03:48:10 -0800, Daniel Friesen
<lists(a)nadir-seen-fire.com> wrote:
In my spare time at Redwerks I've been working on
a Short URL
configuration tool:
http://shorturls.redwerks.org/
Our Short URL manual pages have been VERY bad for quite awhile. Every
last one of them has bad practice on them and I only managed to fix one
of them.
Considering how we have so many different manual pages simply because
people have slightly different configuration requirements (eg: One for
/w and /wiki/ another for / and /wiki/, another for /subpath/wiki,
etc... One for .htaccess, another for Alias in Apache config, another
for RewriteRule in Apache config, another for Nginx, etc...) rather than
trying to fix I started writing a tool to build the configuration
instead.
The tool tries to auto-detect as much as possible (practically
everything in fact). Everything from the type of server, the sapi
(mod_php vs. ?), your scriptpath, etc... it even tries to jump ahead of
you and guess what kind of article path you were intending to use. It
even has an early feature to try and preemptively detect if you're
likely to have root access or no root access (The idea is to detect what
kind of host you're on using the reverse dns for the server you're on).
The configuration generator actually isn't really a simple thing. There
are a lot of conditionals involved in the tool. It can handle the
special cases needed for root /$1 style urls. It knows how to add an
extra rewrite when you use /w and /wiki and need / to redirect to your
wiki. It uses Apache's %{DOCUMENT_ROOT} in RewriteRules but also lets
you expand an absolute docroot when you use an Alias (you can't use
%{DOCUMENT_ROOT} there). I've loaded the Nginx config full of deny rules
and conditions that most people never bothered to properly configure
(and yes, it can handle root urls, and even knows how to stop Nginx from
executing php in uploaded files). Heck, this tool can actually handle
TWN's wacky /w/i.php script path.
The tool is definitely beta right now. I have Apache and Nginx support
written. I'll probably want to have some discussion with Lighttpd and
ISS users to fix the configuration some of them are using and add code
to the tool to support those types of servers. There are still some
conditions it might not handle just yet. For example I haven't written
the code to handle root style urls in root Apache config files.
Feel free to start using it when you setup a MediaWiki installation. I'd
love to know when configuration doesn't work and what kind of tweaks I
need to make to it. As well I'd like to see how the configurations
handle different shared host setups, etc... I'd also like to see people
on different hosts, both shared host users and VPS, Dedicated, etc...
users running Apache jump in and make use of the yellow message's
question on whether you're in a root or shared environment. If you use
that specific feature it keeps track of reverse dns and the response,
which I can use to try and preload rules to indicate what host's reverse
dns patterns are for shared hosting users and what are for VPS servers
and the like.