msgbartop
A chronological documentation test project, nothing serious, really!
msgbarbottom

17 Nov 2009 Create a temporary “Site Down” notice in Apache

This post describes how to make a “Site down for maintenance” notice using Apache .htaccess and the mod_rewrite module.
I assume you know how to enable the Apache htaccess directive and the mod_rewrite module.

First you need to create a .htaccess file in your root level of your website.
Next you add the following lines to it

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{REQUEST_URI} !/sitedown.html$
RewriteRule $ /sitedown.html [R=302,L] 

The .htaccess file should be “active” immediately and you should see the content of your sitedown.html file. If not, try clearing your browsers cache.

If you as a maintenance user would like to access the site without seeing the sitedown.html file, add the following line to enable IP address exception

RewriteCond %{REMOTE_HOST} !^192\.168\.0\.12
 

Remember to replace the IP address with your address.

The .htaccess file should now look something like this.

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{REQUEST_URI} !/sitedown.html$
RewriteCond %{REMOTE_HOST} !^192\.168\.0\.12
RewriteRule $ /sitedown.html [R=302,L] 

Just delete the .htaccess file when you are done with your maintenance and your site will be available again.

Tags: ,

Posted by

30 Jan 2009 Enable secure / https SSL login on mediaWiki 1.13.3

This is how I’ve enabled secure SSL login through https on a mediaWiki 1.13.3 installation. This description might work on other versions of mediaWiki, but that has not been tested.
mediWiki doesn’t support SSL login out of the box so a little hack has to be performed.

First you need to tell the webserver, in my case my Apache server that mediaWiki login requests should be redirected to the SSL page
Add the following code lines to your Apache config files or the mediaWiki .htaccess file

Rewrite login url to use httpsRewriteEngine On

RewriteCond %{REQUEST_URI} ^/index.php$
RewriteCond %{QUERY_STRING} ^title=Special:UserLogin
RewriteCond %{REQUEST_METHOD} ^GET$
RewriteRule ^(.*)$ https://%{SERVER_NAME}/$1 [R]

Rewrite non login url to use normal http

RewriteEngine On
RewriteCond %{QUERY_STRING} ^(?!title=Special:Userlogin)
RewriteRule ^(.*)$ http://%{SERVER_NAME}$1 [R]

Source: http://wiki.epfl.ch/cfavi/mediawiki

In addition to the above configuration you have to create a PHP script to fix some cookies problems since the cookie was made on an https address but normal surfing is done on http mode.

Create a file named ssl_login.php and insert the following code into it

# Secure the login page.

# Secure cookies hurt us because they are set on the https page
# but inaccessible from the http page, so we lose our previous session.
$wgCookieSecure = false;

# Don't process JavaScript and CSS files.
# Otherwise, a secure page will be tagged as "partially secure" because these
# files are being hit via http.
if (checkQS('gen', 'js')) {return;}
if (checkQS('gen', 'css') || checkQS('ctype', 'text/css')) {return;}

# Get page title from query string.
$pageTitle = array_key_exists('title', $_GET)
     ? $_GET['title']
     : "";

# Get server variables
$domain = $_SERVER['HTTP_HOST'];
$uri = $_SERVER['REQUEST_URI'];

# Are we on the sign-in page or not?
# Logic works for everything except Special pages which apparently don't
# even run LocalSettings.php.
$onSignInPage = false;
$signInPageName = 'special:userlogin';  // lowercase on purpose
if ( strtolower($pageTitle) == $signInPageName ) {
  $onSignInPage = true;
} elseif ( strstr(strtolower($uri), "/$signInPageName") ) {
  $onSignInPage = true;
} else {
  $onSignInPage = false;
}

# Secure only the Special:Userlogin page.
# Un-secure all other pages.
if ( !checkServerVariable('HTTPS', 'on') && $onSignInPage ) {
  header('Location: https://' . $domain . $uri);
} elseif ( checkServerVariable('HTTPS', 'on') && ! $onSignInPage ) {
  header('Location: http://' . $domain . $uri);
} else {
  // nothing
}

function checkQS($key, $value) {
  return checkArrayValue($_GET, $key, $value);
}

function checkServerVariable($var, $value) {
  return checkArrayValue($_SERVER, $var, $value);
}

function checkArrayValue($arr, $key, $value) {
  return array_key_exists($key, $arr) && $arr[$key] == $value;
}

Include this file in your LocalSettings.php file like this

# Fix to use SSL login
include '/full/path/to/htdocs/ssl_login.php';

Source: http://www.mediawiki.org/wiki/Manual:Configuration_tips_and_tricks#HTTPS_on_Login_only

Remember to restart your apache webserver to see the changes.

Tags: , , , , ,

Posted by

30 Aug 2007 Blocking Image Bandwidth Theft/Hotlinking with URL Rewriting

You can stop others from hotlinking your site’s files by placing a file called .htaccess in your Apache site root (main) directory. The period before the name means the file is hidden, so you may want to edit your file as htaccess.txt, upload it to your server, then rename the txt file to .htaccess in your directory or Apache config file httpd.conf
Contact your web host on how to access your directories and configure your .htaccess file.
(more…)

Tags: ,

Posted by