Behind a Reverse Proxy
In general we run dynamic websites (such as MediaWiki) on Apache2 servers "behind" a reverse proxy server, usually also Apache2. Unfortunately, out of the box, MediaWiki is written with some internal links using absolute addresses (which include the server DNS name). This makes proxying from the reverse proxy server somewhat problematic.
The easiest way to fix this, it seems, is to add the following to LocalSettings.php, after $wgSitename:
... $wgSitename = "..."; $wgServer = ''; ...
This effectively overrides the automatic discovery of the server name and protocol and forces all internal URLs to be relative (ie. resolved by the browser, as it should be).
Using Short URLs is also a good idea.
Apache Configuration for a Reverse Proxy
It is a good idea to use https (Secure HTTP) for authentication etc. as passwords will not travel over the Internet "in the clear".
In the normal VirtualHost section of Apache (assuming the MediaWiki is symlinked at DocumentRoot as "mw":
Redirect permanent /mw/ https://fqdn.of.this.server/mw/ ProxyPass /wiki/ http://internal.mediawiki.server/wiki/ ProxyPassReverse /wiki/ http://internal.mediawiki.server/wiki/
This forces all /mw/ references to redirect (permanently) to the https port, including logins, but not normal (read-only) pages.
Then, in the VirtualHost section for the https part:
ProxyPass /mw/ http://internal.mediawiki.server/mw/ ProxyPassReverse /mw/ http://internal.mediawiki.server/mw/ ProxyPass /wiki/ http://internal.mediawiki.server/wiki/ ProxyPassReverse /wiki/ http://internal.mediawiki.server/wiki/