Skip to content

Instantly share code, notes, and snippets.

@enzocomics

enzocomics/WordPress Webfinger Nginx settings.md

Last active September 27, 2023 08:47
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save enzocomics/7b580e0c179b5dc29e8812705b004493 to your computer and use it in GitHub Desktop.
Save enzocomics/7b580e0c179b5dc29e8812705b004493 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
WordPress Webfinger Nginx settings.md

Assumptions:

  • WordPress is installed at the root of $host
  • WordPress Webfinger is installed - available at Wordpress.org or Github
location ~ /.well-known/webfinger {
        # add_header 'Access-Control-Allow-Origin' '*';

        if ($arg_resource = "") {
                return 400;
        }
        
        rewrite ^ $scheme://$host/?well-known=webfinger$1 last;

}

location ~ /.well-known/webfinger

  • applies the rules inside the block when the url matches the location specified
  • ~ instructs nginx to perform a case-sensitive regular expression match

add_header 'Access-Control-Allow-Origin' '*'

  • Access-Control-Allow-Origin Indicates whether the response can be shared with requesting code from the given origin
  • * tells browsers to allow requesting code from any origin to access the resource
  • Note: I learned that this header is added automatically by the Webfinger Plugin, so it can be safely omitted

if ($arg_resource = "") { return 400; }

  • Sends a 400 Bad Request error if the resource parameter is empty

rewrite ^ $scheme://$host/index.php?well-known=webfinger$1 last;

  • The redirect itself, which points to the output generated by the Webfinger Wordpress Plugin
  • $1
  • last tells nginx to stop parsing rewrite rules after this one is matched
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment