Manual:$wgSquidServers
This feature was removed from MediaWiki core in version 1.35.0. Please see $wgCdnServers for an alternative way to use this feature. |
HTTP proxy (CDN) settings: $wgSquidServers | |
---|---|
An array of individual proxy servers to help MediaWiki detect if the request has been proxied. But also to send back to the proxy PURGE commands on changes. |
|
Introduced in version: | 1.2.0 |
Deprecated in version: | 1.34.0 (Gerrit change 387877; git #f9f8dff4) |
Removed in version: | 1.35.0 (Gerrit change 579755; git #e8d9d68b) |
Allowed values: | Unspecified |
Default value: | [] Prior to 1.4.0 no default value was set. |
Other settings: Alphabetical | By function |
Details
editThis variable is about telling MediaWiki what are the individual IP adresses of each Proxy servers that serves content to your visitors.
You can also specify port numbers explicitly.
However, if you specify port numbers, you need to add the same IP to $wgSquidServersNoPurge
, otherwise the server will not be recognized as a configured proxy (known bug T132538).
Note that if you have CIDR ranges (e.g. 192.0.2.0/24
), make sure you set them in $wgSquidServersNoPurge instead.
The setting can be used in many Proxy setups, both within a private network or through an external provider, and also with external services that are based on either Varnish or Squid.
Configuration example with Varnish
editConsider the following setup details:
- one and/or more web servers ("origins") with MediaWiki running
- Varnish configuration points to your MediaWiki origins
- You have a few Varnish servers that proxies requests for the web servers
- You have a list of single IP addresses (not CIDR ranges, that would go in $wgSquidServersNoPurge instead!)
Here are the configurations you have to set in place:
- In Varnish, set a
X-Forwarded-For
HTTP header withclient.ip
, example:
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
- Create an array of servers. Ideally it should be IP in decimal format but those would work
// In LocalSettings.php
$wgUseSquid = true;
$wgSquidServers = array();
$wgSquidServers[] = "192.0.2.100";
$wgSquidServers[] = "192.0.2.107";
$wgSquidServers[] = "192.0.2.200";
$wgSquidServers[] = "some.internal.name"; // Also works if you have a DNS configured on every MW origins. But it's not recommended.
#$wgSquidServers[] = "192.0.2.0/24"; // WON’T WORK, refer to $wgSquidServersNoPurge
TODO: Insert example of a valid IPv6 address that is part of 2001:DB8::/32
range as per RFC3849
Usage notes and history
edit- Specifying the port number of your proxy software is not necessary. But you may do that for MediaWiki 1.16 and higher. This will be useful when you don't run your proxy software at port 80 (used by default).
- Any IPs listed in this array will be treated as trusted surrogates (reverse proxies)
- IP addresses displayed for users connected via these Squid/Varnish servers therefore will match individual user IPs, not the Squid's IP.
Format
edit- Each entry can be either IPv6/IPv4 addresses in octal format (e.g.
192.0.2.3
) - CIDR notation and ranges should be configured in $wgSquidServersNoPurge
Anything described in includes/utils/IP.php should be valid.
See also
edit- Manual:$wgSquidServersNoPurge (equivalent setting, for CIDR ranges)
- Manual:Hooks/IsTrustedProxy to modify the proxy list dynamically
- Manual:$wgUseSquid
- Manual:$wgUsePrivateIPs