Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- vcl 4.0;
- import std;
- import softpurge;
- import variable;
- /**
- * Example VCL for Authcache Varnish / Authcache ESI
- * =================================================
- *
- * See also core.vcl for detailed information.
- *
- * Credits & Sources
- * -----------------
- * * Josh Waihi - Authenticated page caching with Varnish & Drupal:
- * http://joshwaihi.com/content/authenticated-page-caching-varnish-drupal
- * * Four Kitchens - Configure Varnish 3 for Drupal 7:
- * https://fourkitchens.atlassian.net/wiki/display/TECH/Configure+Varnish+3+for+Drupal+7
- * * The Varnish Book:
- * https://www.varnish-software.com/static/book/
- * * The Varnish Book - VCL Request Flow:
- * https://www.varnish-software.com/static/book/_images/vcl.png
- */
- # TODO: Update internal subnet ACL and security.
- # Define the internal network subnet.
- # These are used below to allow internal access to certain files while not
- # allowing access from the public internet.
- acl internalIps {
- "XX.XX.XX.XX";
- "XX.XX.XX.XX";
- }
- /**
- * Define all your backends here.
- */
- backend default {
- .host = "127.0.0.1";
- .port = "8080";
- .max_connections = 250;
- .connect_timeout = 300s;
- .first_byte_timeout = 300s;
- .between_bytes_timeout = 300s;
- }
- backend stage {
- .host = "127.0.0.1";
- .port = "8080";
- .max_connections = 250;
- .connect_timeout = 300s;
- .first_byte_timeout = 300s;
- .between_bytes_timeout = 300s;
- }
- /**
- * Include Authcache Varnish core.vcl.
- */
- include "/etc/varnish/core.vcl";
- /**
- * Defines where the authcache varnish key callback is located.
- *
- * Note that the key-retrieval path must start with a slash and must include
- * the path prefix if any (e.g. on multilingual sites or if Drupal is installed
- * in a subdirectory).
- */
- sub authcache_key_path {
- set req.http.X-Authcache-Key-Path = "/authcache-varnish-get-key";
- }
- /**
- * Derive the cache identifier for the key cache.
- */
- sub authcache_key_cid {
- if (req.http.Cookie ~ "(^|;)\s*S?SESS[a-z0-9]+=") {
- // Use the whole session cookie to differentiate between authenticated
- // users.
- set req.http.X-Authcache-Key-CID = "sess:"+regsuball(req.http.Cookie, "^(.*;\s*)?(S?SESS[a-z0-9]+=[^;]*).*$", "\2");
- }
- else {
- // If authcache key retrieval was enforced for anonymous traffic, the HTTP
- // host is used in order to keep apart anonymous users of different
- // domains.
- set req.http.X-Authcache-Key-CID = "host:"+req.http.host;
- }
- if (req.http.Cookie ~ "(^|;\s*)(aucp14=1)(;|$)"){
- set req.http.X-Authcache-Key-CID = req.http.X-Authcache-Key-CID + "-iva1";
- } else if (req.http.Cookie ~ "(^|;\s*)(aucp14=0)(;|$)"){
- set req.http.X-Authcache-Key-CID = req.http.X-Authcache-Key-CID + "-iva0";
- } else {
- if (req.http.Cookie ~ "(^|;\s*)(aucp14=)(;|$)"){
- set req.http.Cookie = regsuball(req.http.Cookie, "aucp14", "cancel_aucp14");
- }
- set req.http.X-Authcache-Key-CID = req.http.X-Authcache-Key-CID + "-iva1";
- set req.http.Cookie = req.http.Cookie + ";aucp14=1";
- }
- }
- /**
- * Place your custom vcl_recv code here.
- */
- sub authcache_recv {
- # Pipe these paths directly to Apache for streaming.
- if (req.url ~ "^/admin/content/backup_migrate/export") {
- return (pipe);
- }
- if (req.url ~ "^/(cron|install)\.php" ) {
- set req.url = "/404";
- return (hash);
- //return (synth(404));
- }
- if (
- //req.url ~ "^/authcache-varnish-get-key*$" ||
- req.url ~ "^/admin$" ||
- req.url ~ "^/admin/.*$" ||
- req.url ~ "^/batch.*$" ||
- req.url ~ "^/comment/edit.*$" ||
- req.url ~ "^/cron\.php$" ||
- req.url ~ "^/system/ajax$" ||
- req.url ~ "^/callback/ajax/.*$" ||
- req.url ~ "^/install\.php$" ||
- req.url ~ "^/phpmyadmin/.*$" ||
- req.url ~ "^/node/*/edit$" ||
- req.url ~ "^/node/*/track$" ||
- req.url ~ "^/node/add/.*$" ||
- req.url ~ "^/status\.php$" ||
- req.url ~ "^/system/files/*.$" ||
- req.url ~ "^/system/temporary.*$" ||
- req.url ~ "^/tracker$" ||
- req.url ~ "^/update\.php$" ||
- req.url ~ "^/user$" ||
- req.url ~ "^/user/.*$" ||
- req.url ~ "^/users/.*$") {
- return (pass);
- }
- // no cache these files
- if (req.url ~ "(?i)\.(xml|pdf|asc|dat|txt|doc|xls|ppt|tgz|csv|swf)(\?.*)?$") {
- return (pass);
- }
- //Always put has_js=1 for crawlers not have js activated
- if (req.http.Cookie !~ "(^|;\s*)(has_js=1)(;|$)"){
- if (req.http.Cookie ~ "(^|;\s*)(has_js=)(|$)"){
- //replace
- set req.http.Cookie = regsuball(req.http.Cookie, "has_js", "not_has_js");
- }
- //add
- set req.http.Cookie = req.http.Cookie + ";has_js=1";
- }
- set req.http.Original-Cookie = req.http.Cookie;
- if (req.http.Cookie) {
- set req.http.Cookie = ";" + req.http.Cookie;
- set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
- set req.http.Cookie = regsuball(req.http.Cookie, ";(S?SESS[a-z0-9]+|aucp13n|XDEBUG_SESSION|NO_CACHE_MAC|nocachemac|aucp14|has_js)=", "; \1=");
- set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
- set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");
- if (req.http.Cookie == "") {
- unset req.http.Cookie;
- }
- }
- if (!req.http.X-Authcache-Get-Key) {
- set req.http.X-Authcache-Get-Key = "get";
- }
- }
- sub vcl_backend_fetch {
- }
- sub vcl_backend_response {
- }
- sub vcl_deliver {
- if (client.ip ~ internalIps){
- if (obj.hits > 0) {
- set resp.http.X-Varnish-Cache = "HIT";
- }
- else {
- set resp.http.X-Varnish-Cache = "MISS";
- }
- }
- }
- sub vcl_synth {
- set resp.http.Content-Type = "text/html; charset=utf-8";
- set resp.http.Retry-After = "60";
- synthetic( {"
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <title>Title</title>
- </head>
- <body>
- <div style="text-align: center;">
- <a href="#""><img src="server-error.jpg" style="margin:0; border: 0;max-width:100%;"/></a>
- </div>
- <div class="error">(Error "} + beresp.status + " " + beresp.reason + {")</div>
- </body>
- </html>"});
- return (deliver);
- }
- # In the event of an error, show friendlier messages.
- sub vcl_backend_error {
- # Redirect to some other URL in the case of a homepage failure.
- # Otherwise redirect to the homepage, which will likely be in the cache.
- set bereq.http.Content-Type = "text/html; charset=utf-8";
- synthetic( {"
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <title>Title</title>
- </head>
- <body>
- <div style="text-align: center;">
- <a href="#""><img src="server-error.jpg" style="margin:0; border: 0;max-width:100%;"/></a>
- </div>
- <div class="error">(Error "} + beresp.status + " " + beresp.reason + {")</div>
- </body>
- </html>"});
- return (deliver);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement