1

In our Wiki (http://scratch-dach.info MediaWiki 1.25.1, PHP 5.3.29, MySQL 5.5.44-log) we have sporadic problems when saving edits. At irregular intervals the Browser tries to download the index.php-file instead of committing edits. It seems that larger pages are more likely to be affected by this problem.

Downloading the PHP source usually means that Apache is misconfigured and does not allow to execute scripts in that directory, however usually all php scripts (and expecially the index.php from the wiki) execute well on the server.

We are hosting many wikis with the same extensions/config but only in this such errors occurs. The only specific difference between the Wikis seems to be that our database is more than 1 GB large. In the Apache-Log there are no suspicious entrys.

After some tests, we found out that the error only appears with pages containing an email address or an external link like [http://test.name] or http://test.name However, as mentioned the error is sporadic, sometimes the page with the link saves, sometimes we get the php-Download error. The problem is that we only have a "hoster" package from our provider, Strato, so we have no direct access to the php and apache modules.

We have searched for a long time in the internet, but I found no description of such a problem...

Any help is well appreciated!

(This question is a followup from stackoverflow where we have been told to put the question rather here at server fault.)

Community
  • 1
Peter B.
  • 189
  • 1
  • 7
  • I remember seeing/hearing this problem multiple times many years ago, but not recently. – Nemo Oct 11 '15 at 17:42

2 Answers2

2

This is very unlikely to be a problem with either PHP or MediaWiki. If Apache decides to execute a script, whatever that script does, Apache will just print its output. Downloading happens when Apache does uses some other handler than PHP for .php scripts.

What you are describing (with larger pages failing more often) sounds like Apache tries to treat the .php files as text if there is an error (like timeout or out of memory) while running the script. Maybe you have some strange error handling configuration. loglevel traceX might help.

Tgr
  • 306
  • 3
  • 13
1

After a long search we found the problem. The provider (STRATO) had running a security program named server-site-security which scanned for users that entered the same URLs repeatedly. While this is usually a spambot's behavior in this case it affected normal users editing Wiki pages with links. We tracked down the error after asking the provider if a similar program, ModSecurity was installed. After deactivating server-site-security via the configuration interface, the problem was gone.

Peter B.
  • 189
  • 1
  • 7
  • Wow, that's some amazingly bad design from a program whose stated purpose is to improve security. – womble Nov 30 '15 at 22:03