Add nginx config to support subdirectory sites on learn.wordpress.org

learn.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ is already configured as a separate multisiteMultisite Multisite is a WordPress feature which allows users to create a network of sites on a single WordPress installation. Available since WordPress version 3.0, Multisite is a continuation of WPMU or WordPress Multiuser project. WordPress MultiUser project was discontinued and its features were included into WordPress core.https://codex.wordpress.org/Create_A_Network. network, but has only had the one root site so far. When I try to access a subdirectory site I created at learn.wordpress.org/test/, I get a browser error that the page isn’t redirecting properly.

It looks like make.wordpress.org has an nginxNGINX NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers. https://www.nginx.com/. config file that enables support for its subdirectory sites, so I’m guessing learn would need something very similar.

We’re trying to get the learn.wordpress.org site updated by Aug 12th, so I’m setting this to high priority in the hopes that it can get done soon.

Thanks!

#prio1

Add location block for `/files/` X-Accel-Redirect rewrites.

Currently WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ uses ms-files.php still, and while it’d be nice to move away from that, it’s not straight forward to doing so.
ms-files.php suffers from a long-term bug where videos can’t be played in Safari due to not supporting Range headers. As a work-around for that, we’d like to enable the X-Accel-Redirect offload functionality which will fix that.

How to test:
– https://make.wordpress.org/core/2020/08/06/wordpress-5-5-core-editor-accessibility-improvements/ has videos that should load/play in Safari, they currently do not.
– Add blogs.dir location blockBlock Block is the abstract term used to describe units of markup that, composed together, form the content or layout of a webpage using the WordPress editor. The idea combines concepts of what in the past may have achieved with shortcodes, custom HTML, and embed discovery into a single consistent API and user experience. (see below)
– Add define( 'WPMU_ACCEL_REDIRECT', true ); to wp-config.php
– Videos should now play in Safari.

Using that as an example, the ms-files path is:
https://make.wordpress.org/core/files/2020/08/roving-tabindex-1.mp4

WPMU_ACCEL_REDIRECT once enabled, outputs:
X-Accel-Redirect: /blogs.dir/6/files/2020/08/roving-tabindex-1.mp4

I believe something similar to the following should work for all WordPress.org network sites (those served out of the WordPress.org users public_html):

location /blogs.dir/ {
  internal;
  alias /uploads/;
}
  • PHPPHP PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. execution within that location is not required.
  • 404’s should 404, ms-files.php will take care of that.
  • This should NOT apply to buddypress or sites hosted on non-wordpress.org users.
  • The X-Accel-Redirect response can be cached if wanted, but I assume the default caching strategy would already do so.

#prio1

WordCamp.org admin-ajax self-ddos

Yesterday there was an outage, which was caused by an admin-ajax infinite loopLoop The Loop is PHP code used by WordPress to display posts. Using The Loop, WordPress processes each post to be displayed on the current page, and formats it according to how it matches specified criteria within The Loop tags. Any HTML or PHP code in the Loop will be processed on each post. https://codex.wordpress.org/The_Loop.. The logs didn’t provide enough information to debug, though, so we’ll need to gather more information to start troubleshooting.

Possibly related to https://make.wordpress.org/systems/2020/01/16/wordcamp-org-slow-load-times/

x-ref archives/C204BD7PT/p1586640064085000

#prio1

Re-evaluate the Chinese rate-limiting

Back in October some rate limiting was added for certain traffic from Chinese sources, can we re-evaluate that rate limiting? Is it still needed? Can it be relaxed?
I realise the blocking was added due to significant abuse at the time with little other options, I’m just hopeful that that’s no longer the case.

There’s been several complains over the last few months, and as it turns out, there’s now some Chinese clones/proxies of WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ to work around it.

Some relevant threads:

  • https://wordpress.org/support/topic/china-cannot-access-wordpress-org/
  • https://wordpress.org/support/topic/all-chinese-user-429-too-many-requests-unfair/
  • https://meta.trac.wordpress.org/ticket/5106
  • https://wordpress.org/search/429/?forums=1

#prio1

Remove cookie-stripping behaviour from Trac Ticket caching

As per previous discussions, can we please remove the TracTrac Trac is the place where contributors create issues for bugs or feature requests much like GitHub.https://core.trac.wordpress.org/. Caching that strips the Set-Cookie headers from Trac ticket pages?

As mentioned, this causes failures to comment on tickets – https://meta.trac.wordpress.org/ticket/4360

As discussed, you’ll find a hacky Trac plugin that attempts to avoid setting useless Trac cookies in https://wordpress.slack.com/archives/G02QCEMRY/p1554790742034300?thread_ts=1554340318.022800&cid=G02QCEMRY but it’s mostly untested and may not work as needed.

The Latest trac plugin is in https://gist.github.com/dd32/e1a6e434cb9b5721cc086e51751f8c44 and has been tested well on a standalone trac installation.
The pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party does several things:
– Prevents Cookies being sent on anonymous pageviews
– Prevents anonymous sessions being saved to the DB (as there’s no such thing anymore)
– Blocks access to /prefs for anonymous users
– Expires all trac_* cookies after the user is no longer authenticated, such as to remove the trac_form_token cookie.

#trac #prio1

Hi! As per a discussion…

Hi! As per a discussion with @andreamiddleton can myself and @tellyworth please have the WordCampWordCamp WordCamps are casual, locally-organized conferences covering everything related to WordPress. They're one of the places where the WordPress community comes together to teach one another what they’ve learned throughout the year and share the joy. Learn more. role applied to our sandboxes?

This is to aid in support for WordCamp Europe this year if any unexpected things come up, and ongoing work we do that crosses over into that area.

#prio1

Change plugins.svn linting to PHP 7.current please

As a follow up to https://make.wordpress.org/systems/2018/03/12/change-all-svn-php-linting-to-php7/ and https://meta.trac.wordpress.org/ticket/3791 can we please switch the PHP linting for plugins.svn to 7.2 and keep it up-to-date with newer PHP branches as they’re deployed for WordPress.org?

Although this is specifically for plugins.svn, the same should be applicable to all SVNs now, as any which require an older PHPPHP PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. version will be enforced through Travis and other tools.

Having the linter exclude newer syntax is becoming a limitation for pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party developers and with the work being done around plugins specifying minimum PHP versions, and increasing the WordPress minimum versions, is going to result in more plugins requiring PHP 7.1/7.2/etc.

#prio1

Hi! Can we please add…

Hi! Can we please add the ms-files.php rewrite required for uploaded media on wordpress.org/support/?

The following rule should fit into the existing location /support/ blockBlock Block is the abstract term used to describe units of markup that, composed together, form the content or layout of a webpage using the WordPress editor. The idea combines concepts of what in the past may have achieved with shortcodes, custom HTML, and embed discovery into a single consistent API and user experience.:
rewrite ^/support/files/(.+) /wp-includes/ms-files.php?file=$1 last;

Example URI which should work after the rule is added: https://wordpress.org/support/files/2018/10/WordPress-logotype-wmark-3.png

#prio1

Could you please grant @ocean90…

Could you please grant @ocean90 access to releaseRelease A release is the distribution of the final version of an application. A software release may be either public or private and generally constitutes the initial or new generation of a new or upgraded application. A release is preceded by the distribution of alpha and then beta versions of the software. packaging? He already has MC access.
The change was okay’d by @matt.

#prio1

Analytics access

Hi there, could @dd32 (in case he doesn’t have it), @tellyworth, and I be granted Google Analytics access to the wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ group again? It’s currently blocking us from testing #1017-meta and moving forward with SEO work for the growth council. Thanks!

#prio1

#1017-meta