Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- vcl 4.0;
- import std;
- # localhost isn't my IP, i use NAT IP at .host
- backend default {
- .host = "localhost";
- .port = "8080";
- .connect_timeout = 600s;
- .first_byte_timeout = 600s;
- .between_bytes_timeout = 600s;
- .max_connections = 800;
- }
- # SET THE ALLOWED IP OF PURGE REQUESTS
- acl purge {
- "localhost";
- "127.0.0.1";
- "here my NAT IP";
- }
- #THE RECV FUNCTION
- sub vcl_recv {
- # Normalize the header, remove the port (in case you're testing this on various TCP ports)
- set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For, "[, ].*$", "");
- # FORWARD THE IP OF THE REQUEST
- if (req.restarts == 0) {
- if (req.http.x-forwarded-for) {
- set req.http.X-Forwarded-For =
- req.http.X-Forwarded-For + ", " + client.ip;
- } else {
- set req.http.X-Forwarded-For = client.ip;
- }
- }
- # Enable smart refreshing using hash_always_miss
- if (req.http.Cache-Control ~ "no-cache") {
- if (client.ip ~ purge || std.ip(req.http.X-Actual-IP, "here my NAT IP") ~ purge) {
- set req.hash_always_miss = true;
- }
- }
- if (req.method == "PURGE") {
- if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "here my NAT IP") ~ purge) {
- return(synth(405,"Not allowed."));
- }
- return (purge);
- }
- if (req.method == "BAN") {
- # Same ACL check as above:
- if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "here my NAT IP") ~ purge) {
- return(synth(403, "Not allowed."));
- }
- ban("req.http.host == " + req.http.host +
- " && req.url == " + req.url);
- # Throw a synthetic page so the
- # request won't go to the backend.
- return(synth(200, "Ban added"));
- }
- # Unset cloudflare cookies
- # Remove has_js and CloudFlare/Google Analytics __* cookies.
- set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");
- # Remove a ";" prefix, if present.
- set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");
- # For Testing: If you want to test with Varnish passing (not caching) uncomment
- # return( pass );
- # CONFIGURACAO PARA WORDPRESS #
- # Rss
- if (req.url ~ "/feed(/)?") {
- return ( pass );
- }
- #Pass wp-cron
- if (req.url ~ "wp-cron\.php.*") {
- return ( pass );
- }
- ## Do not cache search results, comment these 3 lines if you do want to cache them
- if (req.url ~ "/\?s\=") {
- return ( pass );
- }
- #################################
- # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH VARY ACCEPT-ENCODING
- # VARNISH WILL CREATE SEPARATE CACHES FOR EACH
- if (req.http.Accept-Encoding) {
- if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
- # No point in compressing these
- unset req.http.Accept-Encoding;
- } elsif (req.http.Accept-Encoding ~ "gzip") {
- set req.http.Accept-Encoding = "gzip";
- } elsif (req.http.Accept-Encoding ~ "deflate") {
- set req.http.Accept-Encoding = "deflate";
- } else {
- # unknown algorithm
- unset req.http.Accept-Encoding;
- }
- }
- # PIPE ALL NON-STANDARD REQUESTS
- if (req.method != "GET" &&
- req.method != "HEAD" &&
- req.method != "PUT" &&
- req.method != "POST" &&
- req.method != "TRACE" &&
- req.method != "OPTIONS" &&
- req.method != "DELETE") {
- return (pipe);
- }
- # ONLY CACHE GET AND HEAD REQUESTS
- if (req.method != "GET" && req.method != "HEAD") {
- return (pass);
- }
- # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS IN FETCH TOO, EITHER
- if ( req.http.cookie ~ "wordpress_logged_in" ) {
- return( pass );
- }
- #IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR WP-LOGIN THEN UNSET THE COOKIES
- if (req.url ~ "wp-(login|admin)" || req.url ~ "preview=true") {
- return (pass);
- }
- if (!(req.url ~ "wp-(login|admin)")){
- unset req.http.cookie;
- }
- if ( !( req.url ~ "wp-(login|admin)" )) {
- unset req.http.Cookie;
- }
- # IF BASIC AUTH IS ON THEN DO NOT CACHE
- if (req.http.Authorization || req.http.Cookie) {
- return (pass);
- }
- ###################################################
- # Post requests will not be cached
- if (req.http.Authorization || req.method == "POST") {
- return (pass);
- }
- # --- Wordpress specific configuration
- # Blitz hack
- if (req.url ~ "/mu-.*") {
- return (pass);
- }
- # Did not cache the admin and login pages
- if (req.url ~ "wp-(login|admin)" || req.url ~ "preview=true") {
- return (pass);
- }
- # Do not cache the WooCommerce pages
- ### REMOVE IT IF YOU DO NOT USE WOOCOMMERCE ###
- if (req.url ~ "/(cart|my-account|checkout|addons|/?add-to-cart=)") {
- return (pass);
- }
- # Remove the "has_js" cookie
- set req.http.Cookie = regsuball(req.http.Cookie, "has_js=[^;]+(; )?", "");
- # Remove any Google Analytics based cookies
- set req.http.Cookie = regsuball(req.http.Cookie, "__utm.=[^;]+(; )?", "");
- # Remove the Quant Capital cookies (added by some plugin, all __qca)
- set req.http.Cookie = regsuball(req.http.Cookie, "__qc.=[^;]+(; )?", "");
- # Remove the wp-settings-1 cookie
- set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-1=[^;]+(; )?", "");
- # Remove the wp-settings-time-1 cookie
- set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-time-1=[^;]+(; )?", "");
- # Remove the wp test cookie
- set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_test_cookie=[^;]+(; )?", "");
- # Are there cookies left with only spaces or that are empty?
- if (req.http.cookie ~ "^ *$") {
- unset req.http.cookie;
- }
- # Cache the following files extensions
- if (req.url ~ "\.(css|js|png|gif|jp(e)?g|swf|ico)") {
- unset req.http.cookie;
- }
- # Normalize Accept-Encoding header and compression
- # https://www.varnish-cache.org/docs/3.0/tutorial/vary.html
- if (req.http.Accept-Encoding) {
- # Do no compress compressed files...
- if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
- unset req.http.Accept-Encoding;
- } elsif (req.http.Accept-Encoding ~ "gzip") {
- set req.http.Accept-Encoding = "gzip";
- } elsif (req.http.Accept-Encoding ~ "deflate") {
- set req.http.Accept-Encoding = "deflate";
- } else {
- unset req.http.Accept-Encoding;
- }
- }
- # Check the cookies for wordpress-specific items
- if (req.http.Cookie ~ "wordpress_" || req.http.Cookie ~ "comment_") {
- return (pass);
- }
- if (!req.http.cookie) {
- unset req.http.cookie;
- }
- # --- End of Wordpress specific configuration
- # Did not cache HTTP authentication and HTTP Cookie
- if (req.http.Authorization || req.http.Cookie) {
- # Not cacheable by default
- return (pass);
- }
- # Cache all others requests
- return (hash);
- }
- # PASS FUNCTION
- sub vcl_pass {
- return (fetch);
- }
- # HIT FUNCTION
- sub vcl_hit {
- return (deliver);
- }
- # MISS FUNCTION
- sub vcl_miss {
- return (fetch);
- }
- # FETCH FUNCTION
- sub vcl_backend_response {
- # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
- # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT
- # TO DO THIS
- set beresp.http.Vary = "Accept-Encoding";
- # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
- # TIME THIS PAGE WILL STAY CACHED (TTL)
- if (!(bereq.url ~ "(wp-login|wp-admin|preview=true)") && !bereq.http.cookie ~ "wordpress_logged_in" ) {
- unset beresp.http.set-cookie;
- set beresp.ttl = 52w;
- # set beresp.grace =1d;
- }
- if (beresp.ttl <= 0s ||
- beresp.http.Set-Cookie ||
- beresp.http.Vary == "*") {
- set beresp.ttl = 120 s;
- # set beresp.ttl = 120s;
- set beresp.uncacheable = true;
- return (deliver);
- }
- return (deliver);
- }
- # DELIVER FUNCTION
- sub vcl_deliver {
- if (obj.hits > 0) {
- set resp.http.X-Cache = "HIT";
- } else {
- set resp.http.X-Cache = "MISS";
- }
- set resp.http.X-Cache-Hits = obj.hits;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement