MediaWiki and reverse proxy

I’ve been trying to ProxyPass from a primary server to a backend (but not firewalled) machine running MediaWiki 1.5.2 with very little luck.

I finally come across the solution. backend.machine.edu is the machine hosting MediaWiki. frontend.machine.edu is the machine acting as a reverse proxy.

1. Proxy machine, httpd.conf


ProxyPass /wiki http://backend.machine.edu/wiki

2. On backend.machine.edu edit DefaultSettings.php

$wgServer = ‘http://frontend.machine.edu’;

This *shouldn’t* be necessary as this variable can also be provided in LocalSettings.php. However, I found the early stages of the request cycle were not correctly resolved to the front end machine.

3. Edit LocalSettings.php

Add the (possibly redundant) $wgServer variable

$wgServer = ‘http://frontend.machine.edu’;

I also found that the absolute image path for the Wiki Logo was not resolving correctly through the proxy. Correct this (if necessary) by setting $wgLogo. This assumes that your backend machine is not behind a firewall.

$wgLogo = “http://backend.machine.edu/images/wikilogo.jpg”;

4. Edit squid.conf on squid.machine.org to exclude wiki content

I might want to revisit this decision in the future. For now, I’d rather not fill our cache with Wiki material, saving that space for the heavier acedb content.

acl wiki url_regex -i wiki
no_cache deny wiki

sudo timeout duration

I sudo many, many times a day. Just the act of typing “sudo” seems a suitable safeguard against using inappropriate privileges. I type it when I need it. However, the default 5 minute timeout of the sudo command becomes unbearable over the course of the day.

To increase this timeout value, add a defaults line for the user you wish to modify and increase the timestamp_timeout value. A value of 0 means that a password is always required. A value less than zero means a password is never required.

Defaults:todd timestamp_timeout=1000