[pmwiki-users] Fwd: pmwiki-users Digest, Vol 107, Issue 11
Jont Allen
jontalle at illinois.edu
Sun May 25 16:14:52 CDT 2014
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sun, 25 May 2014 00:02:19 +0200
> From: Petko Yotov <5ko at 5ko.fr>
> To: pmwiki-users <pmwiki-users at pmichaud.com>
> Subject: Re: [pmwiki-users] pmwiki-users Digest, Vol 107, issue 9
> Message-ID: <cone.1400968939.492673.32209.1000 at pc4>
> Content-Type: text/plain; format=flowed; delsp=yes; charset="UTF-8"
>
> Sorry for the late reply. I hope that you had the chance to browse the
> documentation of Apache and PmWiki, and to test stuff, and everything is
> probably clearer to you now. If not, read below.
> Jont Allen writes:
>
> I suppose that if users who ask questions to the mailing list disable the
> "Digest" mode, they will receive the replies faster. This will also make it
> easier for all readers, as the subsequent questions and replies will not
> break the threads in people's e-mail software and in the mailing list
> archives - and this would be very very kind.
>
> This is not an obligation, just an observation
I agree, its just the time to make the change, and then change it back.
If this goes on, I'll do that.
>
>> I am very happy to try again, but there are SO many possibilities, that I
>> couldnt try them all. Furthermore I was confused about several things, that
>> I suspect/hope you can clear up immediately.
>>
>> Can we go 1 step at a time?
>>
>> That first step is apache config.
>> The second step is the wiki config.
>>
>> I attache my config.php stripped of comments. I had tried
>
> You have attached a file listing your passwords in clear.
ARG!!! I changed them. ;-(
> I suggest you
> change them ASAP and read the page PasswordsAdmin on how to store encrypted
> hashes of the passwords into config.php.
>
> If you use the same passwords for other accounts (e-mail, banking,
> paypal...) you should change them everywhere.
no I didnt do that. Important suggestion however. Thanks.
>> $EnablePathInfo = 1;
>> along with "alias /wiki"
>> but that was the line that seemed to introduce the instability wrt skins.
>> The skin problem was for everything, not just uploads. The skins randomly
>> stopped working once I added this option.
>>
>> 1) You mention the index.php:.
>> WHAT I HAVE NOW: /var/www/index.php
>> <?php chdir('./wiki/'); include_once('pmwiki.php');
>>
>> In the past: /var/www/wiki/index.php contained
>> <?php include_once('pmwiki.php');
>> but it had no effect so I removed it.
>
> Because your $ScriptUrl variable wasn't configured to use it.
according to the config.php file, it was set:
$ScriptUrl = 'http://hear.beckman.illinois.edu/';
$EnablePathInfo = 1; #Option on
It would work for a while, and then suddenly stop working, maybe after
getting some error (as best I recall).
After making the other changes you suggest below, I'll go back to his
more difficult option (that failed for me).
First the simple changes, below:
>
>> There is a: /var/www/wiki/pmwiki.php
>
> Do not modify this file or any file in the scripts directory.
I did not, and will not.
>
>> 2) These lines are commented and dont seem relevant to my problems:
>> > ## uncomment below if skins/attached files seem broken
>> > # $FarmPubDirUrl = $PubDirUrl =
>> 'http://hear.beckman.illinois.edu/wiki/pub';
>> > # $UploadUrlFmt = 'http://hear.beckman.illinois.edu/wiki/uploads';
>
> Indeed, they are commented out. I wrote to uncomment them if you have
> problems with the appearance of skins and downloading of attached files.
agreed and understood: no change
>
>> 3) I own the system and have root, so I configure apache directly, with the
>> config file rather than use .htaccess? From my reading of the docs, apache
>> strong recomends that the admin (me) config apache, rather than scatter
>> about many .htaccess files. Is that your understanding as well? In
>
> Yes. But the .htaccess file is very specific to the PmWiki installation you
> have, so you may find it better to have PmWiki-specific configuration files
> near the PmWiki installation, rather than scattered about in /var/www,
> /etc/apache2, and/or elsewhere.
but there is only one apache2 config file.
>
>> otherwords, what ever can go in a .htaccess file, can alternatively go in
>> the config file. I have been operating under this guidance by the apache
>> docs. If my assumption is wrong, where do I put the .htaccess file, in
>> /var/www/ or /var/www/wiki/ ?
>
> In /var/www - the DOCUMENT_ROOT of Apache.
>
>> So my assumption, and question is, can I put all the rewrite rules in the
>> apache config file? I'm asking about the following rules:
>
> Yes, but it is probably better to keep them with the PmWiki installation,
> and to keep your Apache installation as close to the standard as possible. I
> would. This way, if some day you need to migrate your wiki to a different
> hosting, eg. a faster/larger server or a low cost shared hosting provider,
> your wiki will work very easily.
I do understand your point. However I get confused if the files are in
too many places. I only touch these file once a year, or so, so my long
term memory fails.
>
>> RewriteEngine On
>> RewriteBase /
>> RewriteRule ^$ /wiki/pmwiki.php [QSA,L]
>> RewriteCond %{REQUEST_FILENAME} !-f
>> RewriteCond %{REQUEST_FILENAME} !-d
>> RewriteCond %{REQUEST_FILENAME} !-l
>> RewriteRule ^([A-Z0-9\x80-\xFF].*)$ /wiki/pmwiki.php?n=$1 [QSA,L]
>>
>> I did not try this, mostly because I didn't understand it.
>
> All these rules are explained in the page CleanUrls which you said you read.
> Which of the above line(s) are not suffuciently documented in
> Cookbook/CleanUrls?
>
>> I am very happy
>> to do it, but would like to keep all such rules in one place, such as the
>> config file. Else it all becomes so scattered I cant figure out whats going
>> on 6 mos from now.
>
> You have root access, and there is a detailed free documentation of Apache
> so you can read the documentation and configure it the way you want.
>
> Or, you don't change anything in Apache config (or the strict minimum), and
> keep all PmWiki-related configuration in one place: /var/www .
>
>
>> 2) On my ubuntu system, this apache config file is:
>> /etc/apache2/sites-available/default
>> In that file I have placed the following lines (plus many others ...):
>>
>> <VirtualHost *:80>
>> ServerAdmin jont at mimosaacoustics.com
>>
>> DocumentRoot /var/www
>>
>> <IfModule mod_access.c>
>> <Files ~ "^\.ht">
>> Order allow,deny
>> Deny from all
>> </Files>
>> </IfModule>
>>
>> ...
>>
>> #block .htaccess: <--- note these are commented out
>> # AllowOverride None
>> # Order allow,deny
>> # allow from all
>> # </Directory>
>>
>> ... blah blah
>
> The above ones are pretty standard and you can read about every line in the
> excellent Apache documentation. These below are not, are probably not needed
> and/or may be dangerous.
>
>
>> #PMWIKI JBA
>> #JBA changed -Indexes to +Indexes so to see ECE493...
>> <Directory /var/www/wiki/>
Options -Indexes FollowSymLinks MultiViews
>> AllowOverride None
>> Order allow,deny
>> allow from All
>> </Directory>
>
> This is not needed and potentially dangerous as it unprotects locally
> protected directories.
I changed the +Indexes to -Indexes
The university asked that I add this, but when was not working, I had
changed the - to +. Is this ok now?
>
>
>> # this is where the main problem seems to be: <--NOTE comment
>> #This almost worked but was unstable, The skins to randomly failed.
>> # "Alias /wiki ..." worked with $EnablePathInfo = 1;,
>> # Alias lines:
>> # <IfModule mod_alias.c>
>> # Alias /wiki /var/www/wiki/pmwiki.php
>> # </IfModule>
>
> If you use RewriteRules instead of Alias, your installation will be more
> portable, as more hosting providers allow URL rewriting than Aliases.
Portable is great, but right now its failing. I can switch to portable
once its working.
>
>> <Directory /var/www/wiki.d/>
>> Options +Indexes FollowSymLinks MultiViews
Options -Indexes FollowSymLinks MultiViews <--change
>> AllowOverride None
>> Order allow,deny
>> allow from All
>> </Directory>
>
> This one wiki.d needs to be removed or changed. You actually leave your
> wiki.d directory unprotected and anyone can get all pages and history
> without any password.
I'll change to -Indexes (the univ security asked for this)
>
>
>> <Directory /var/www/wiki/Courses/ECE5372013SpeechProcessing/>
>> Options +Indexes FollowSymLinks MultiViews
>> AllowOverride None
>> Order allow,deny
>> allow from All
>> </Directory>
>
> This is not needed, there is no such directory.
I totally removed this, and others like it
>
>
>> <Directory /var/www/wiki/uploads/>
>> Options -Indexes FollowSymLinks
>> Allow from All
>> </Directory>
>
> This is not needed, and if some day you want to protect downloads, this will
> keep them unprotected.
I removed this.
I have attached my latest config file (comments stripped), as modified
as you suggest. Once this is working I'll attack the real problem of URL
editing.
I tried the attached script, and it seems to be working fine.
So then I then tried the following changes to
/wiki/local/config.php
...
$ScriptUrl = 'http://hear.beckman.illinois.edu/';
$EnablePathInfo = 1; #Option on
Namely, I turned on the EnablePathInfo since scriptUrl was already set.
Once this option is on, I cannot access my pages.
Here is the apache2 error message, which actualy looks useful:
[Sun May 25 15:55:52 2014] [error] [client 50.81.134.248] File does not
exist: /var/www/Courses, referer:
http://hear.beckman.illinois.edu/?n=Courses.ECE537-2013SpeechProcessing
It is true, /var/www/Courses does not exist. Maybe that means
ScriptUrl
is set wrong (as you have suggested at the top)
So I changed it to:
$ScriptUrl = 'http://hear.beckman.illinois.edu/wiki/pmwiki.php';
Now it works, and gives a resolution name such as:
http://hear.beckman.illinois.edu/wiki/pmwiki.php/Courses/ECE403-2013AudioEngineering
this is close to working, if I could/can just remove "/wiki/pmwiki.php"
In summary:
I made all the changes you suggested, with the exception of adding the
.htaccess file (rather I edited the apache config file).
This all worked.
Then I turned on the $EnablePathInfo = 1; and it failed.
From the apache log file it had a bad path, thus I modified ScriptUrl
and it seems to be working,
except that the URL's have 'wiki/pmwiki.php' in them.
But that seems better that the "?=" syntax.
I'll leave it like this for now, to be sure it is stable.
Will it be possible to remove "wiki/pmwiki.php" from the URL?
Again, thank you for all your helpful advice!
Jont
>
> Petko
>
-------------- next part --------------
<VirtualHost *:80>
ServerAdmin jont at mimosaacoustics.com
DocumentRoot /var/www
<IfModule mod_access.c>
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
</IfModule>
<Directory /var/www/public/Corpus/>
Options +Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from All
</Directory>
<Directory /var/www/papers/>
Options +Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from All
</Directory>
<Directory /var/www/wiki/>
Options -Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from All
</Directory>
<Directory /var/www/wiki.d/>
Options -Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from All
</Directory>
# ReadmeName is the name of the README file (only 1) that the
ReadmeName readme.txt
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values: debug, info, notice, warn, error, crit, alert, emerg
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
More information about the pmwiki-users
mailing list