API Design
# API Design
This article details the server configuration aspects related to the MediaWiki API, providing guidance for developers and system administrators. Understanding the API design choices is crucial for extending MediaWiki functionality and integrating it with other systems. This is geared towards new contributors to the wiki’s server infrastructure.
Overview
The MediaWiki API allows programmatic access to wiki data and functionality. It's a powerful tool for tasks such as bot development, data analysis, and integration with external applications. The API itself is built upon a combination of HTTP requests and specific parameter structures. The server configuration impacts API performance, security, and scalability. We’ll cover key areas of the API design here, including rate limiting, supported formats, and endpoint considerations. See Manual:API for user documentation on API usage.
API Endpoints and Routing
MediaWiki's API endpoints are generally accessed via the `api.php` script. This script acts as a central router, dispatching requests to the appropriate API modules. The `title` parameter is fundamental in many API calls; it specifies the page or resource being targeted. Incorrectly formatted titles can lead to errors. Understanding the routing process is important when debugging API issues.
| Endpoint | Description | Example |
|---|---|---|
| `api.php` | Central API router. All requests go through this script. | `https://yourwiki.com/api.php?action=query&title=Main Page` |
| `api.php?action=login` | Used for user authentication. | `https://yourwiki.com/api.php?action=login&format=json&username=YourUsername&password=YourPassword` |
| `api.php?action=edit` | For creating and modifying wiki pages. Requires appropriate permissions. | `https://yourwiki.com/api.php?action=edit&title=NewPage&text=This is the content of the new page.` |
The configuration file, `LocalSettings.php`, doesn’t directly define routing rules but controls the overall API availability and settings. See Configuration for details on `LocalSettings.php`.
Rate Limiting and Abuse Prevention
To protect the server from abuse and ensure fair usage, MediaWiki implements rate limiting for API requests. This limits the number of requests that can be made from a single IP address or user within a specific timeframe. The rate limiting settings are configurable in `LocalSettings.php`. Properly configured rate limiting is essential for maintaining server stability, especially during periods of high traffic. It prevents Denial of Service attacks.
| Parameter | Description | Default Value |
|---|---|---|
| `$wgAPIThrottleTable` | The table used to store rate limiting data. | `api_throttle` |
| `$wgAPIThrottleRate` | The maximum number of requests allowed per period. | 500 |
| `$wgAPIThrottleDelay` | The duration of the period in seconds. | 60 |
Customizing these settings requires careful consideration of your wiki’s traffic patterns and resource constraints. Consult Rate limiting for further information.
Data Formats and Serialization
The MediaWiki API supports multiple data formats for both requests and responses. The most common formats are:
- JSON: The preferred format for modern API clients. It’s widely supported and easy to parse.
- XML: The traditional format, still supported for backward compatibility.
- PHP: A serialized PHP array, generally not recommended for external applications due to security concerns.
- Web Server: Apache or Nginx are commonly used. Proper configuration, including caching, is crucial. See Manual:Configuring Apache and Manual:Configuring Nginx.
- PHP Version: MediaWiki 1.40 requires a supported PHP version (currently PHP 7.4 or higher). Using the latest stable version is recommended.
- Database: MySQL/MariaDB or PostgreSQL are the supported database backends. Database performance is critical for API response times. See Database setup for more information.
- Caching: Utilize caching mechanisms (e.g., Memcached, Redis) to reduce database load and improve API performance. See Caching.
- HTTPS: Always use HTTPS to encrypt API traffic.
- Authentication: Require authentication for sensitive API actions.
- Input Validation: Thoroughly validate all input parameters to prevent injection attacks.
- Rate Limiting: As discussed previously, rate limiting is essential for preventing abuse.
- Firewall: Use a firewall to restrict access to the API endpoint.
- Manual:API - Official MediaWiki API documentation
- Configuration - Details on `LocalSettings.php`
- Rate limiting - Advanced rate limiting configuration
- API:Data formats - Specifications for supported data formats
- Manual:Configuring Apache - Apache configuration guide
- Manual:Configuring Nginx - Nginx configuration guide
- Database setup - Instructions for setting up the database
- Caching - Information on caching mechanisms
- Denial of Service - Information about DoS attacks.
- Telegram: @powervps Servers at a discounted price
The `format` parameter in the API request specifies the desired output format. The server configuration determines which formats are enabled and their default behavior. We strongly recommend using JSON for new API integrations. See API:Data formats for specifications.
| Format | Description | MIME Type |
|---|---|---|
| JSON | JavaScript Object Notation. Human-readable and easily parsed. | `application/json` |
| XML | Extensible Markup Language. Widely used but more verbose than JSON. | `application/xml` or `text/xml` |
| PHP | Serialized PHP array. Considered less secure. | `text/plain` |
Server Requirements and Performance
The performance of the MediaWiki API is directly affected by the server's hardware and software configuration. Consider these factors:
Security Considerations
API security is paramount. Implement these measures:
Further Resources
Intel-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Core i7-6700K/7700 Server | 64 GB DDR4, NVMe SSD 2 x 512 GB | CPU Benchmark: 8046 |
| Core i7-8700 Server | 64 GB DDR4, NVMe SSD 2x1 TB | CPU Benchmark: 13124 |
| Core i9-9900K Server | 128 GB DDR4, NVMe SSD 2 x 1 TB | CPU Benchmark: 49969 |
| Core i9-13900 Server (64GB) | 64 GB RAM, 2x2 TB NVMe SSD | |
| Core i9-13900 Server (128GB) | 128 GB RAM, 2x2 TB NVMe SSD | |
| Core i5-13500 Server (64GB) | 64 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Server (128GB) | 128 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Workstation | 64 GB DDR5 RAM, 2 NVMe SSD, NVIDIA RTX 4000 |
AMD-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Ryzen 5 3600 Server | 64 GB RAM, 2x480 GB NVMe | CPU Benchmark: 17849 |
| Ryzen 7 7700 Server | 64 GB DDR5 RAM, 2x1 TB NVMe | CPU Benchmark: 35224 |
| Ryzen 9 5950X Server | 128 GB RAM, 2x4 TB NVMe | CPU Benchmark: 46045 |
| Ryzen 9 7950X Server | 128 GB DDR5 ECC, 2x2 TB NVMe | CPU Benchmark: 63561 |
| EPYC 7502P Server (128GB/1TB) | 128 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/2TB) | 128 GB RAM, 2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/4TB) | 128 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/1TB) | 256 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/4TB) | 256 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 9454P Server | 256 GB RAM, 2x2 TB NVMe |
Order Your Dedicated Server
Configure and order your ideal server configurationNeed Assistance?
⚠️ *Note: All benchmark scores are approximate and may vary based on configuration. Server availability subject to stock.* ⚠️