erroneousness wgSquidServers port number documentation
Open, MediumPublic
Actions

Assigned To

None

Authored By

	adrelanos
	Mar 12 2015, 4:42 PM

Description

I had some trouble with mediawiki not sending purges to varnish. nginx listens on port 80 and 443. Requests for port 80 are redirected to 443, because we choose to enforce https. Varnish listens on port 6081. Apache on 8080. The debug log revealed, that mediawiki got 403 moved permanently responses for purge requests. So I looked up on how to change the varnish port number.

Quote from https://www.mediawiki.org/wiki/Manual:$wgSquidServers#Usage_notes_and_history, it says:

Don't specify port number

But I think this is wrong.

includes/SquidPurgeClient.php:

	public function __construct( $server, $options = array() ) {
		$parts = explode( ':', $server, 2 );
		$this->host = $parts[0];
		$this->port = isset( $parts[1] ) ? $parts[1] : 80;
	}

$wgSquidServers = array( '127.0.0.1:6081' ); works for me.

Event Timeline

adrelanos created this task.Mar 12 2015, 4:42 PM

adrelanos raised the priority of this task from to Medium.

adrelanos updated the task description. (Show Details)

adrelanos added a project: MediaWiki-Documentation.

adrelanos subscribed.

Restricted Application added a project: Documentation. · View Herald TranscriptMar 12 2015, 4:42 PM

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

For varnish 4.0, which port should I use? 80? 6082?

We enable https and force http to ssl too. We got varnish listening port 8080 for normal data and 6082 for "management". which port should be used for $wgSquidServers?

We had the same problem recently using squid. The wiki in question only responds to https. The purge requests were timing out causing page saves to take 7 seconds. We had followed the instructions at https://www.mediawiki.org/wiki/Manual:Squid_caching#Configuring_MediaWiki. In particular, we were using the following in LocalSettings.php:

$wgUseSquid = true;
$wgSquidServers = array('<your IPv4 address>');
$wgSquidServersNoPurge = array('127.0.0.1');

with our IP address inserted. The documentation does not mention that you can provide a port number. And, the documentation referenced above at https://www.mediawiki.org/wiki/Manual:$wgSquidServers#Usage_notes_and_history, specifically says that you cannot specify a port number - although there is the helpful comment now indicating that this might be wrong. Fortunately, we got guidance on mediawiki-l telling us to add the port number, which fixed our problem. The documentation on both pages linked above should be fixed to indicate that a port can - and in some cases should - be added.

Here is how we (MoegirlPeida http://moegirl.org/Mainpage ) solve the https problem over varnish & Mediawiki.

Mediawiki will only send the purges request over normal http ways to Varnish. This means if you put the http port at 8080 then you set the wgSquidServers to ip:8080. (YES, with port number) (YES, forget the 6082 port, Mediaiwki will not use it)

Varnish itself does NOT support https. (Varnish 4.0, future version might support SSL) Therefore, you need a extra layer of nginx or whatever software to encode & decode https send from/to your website (You may also use loadbalancer at this point for very large site). Anything behind the layer of https decode software will be normal http.

For a single server, usually you will want to set the 80 & 443 to the SSL handle software, then 8080 to nginx/apache and then 8081 for Varnish. (not nesseary, just use 8080 & 8081 for convenience) Make sure only open 80 and 443 toward internet for security.

(You may combine both SSL & http traffic in one nginx and still use varnish for cache, but that will be much more complicated logic flow. not recommend for site maintained by volunteers.)

erroneousness wgSquidServers port number documentationOpen, MediumPublicActions

Description

Event Timeline

erroneousness wgSquidServers port number documentation
Open, MediumPublic
Actions