Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #
- # This is an example VCL file for Varnish.
- #
- # It does not do anything by default, delegating control to the
- # builtin VCL. The builtin VCL is called when there is no explicit
- # return statement.
- #
- # See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
- # and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.
- # Marker to tell the VCL compiler that this VCL has been adapted to the
- # new 4.0 format.
- vcl 4.0;
- # Default backend definition. Set this to point to your content server.
- backend default {
- .host = "127.0.0.1";
- .port = "8000";
- .connect_timeout = 10s;
- .first_byte_timeout = 20s;
- .between_bytes_timeout = 15s;
- .max_connections = 2000;
- }
- acl purge {
- "localhost";
- "127.0.0.1";
- }
- sub vcl_recv {
- # IF THIS IS A PURGE REQUEST, THEN CHECK THE IPS SET ABOVE
- # BLOCK IF NOT ONE OF THOSE IPS
- # ##########################################################
- if (req.method == "PURGE") {
- if ( !client.ip ~ purge ) {
- return (synth(405, "Not allowed."));
- }
- #return(hash);
- return(purge);
- }
- # Happens before we check if we have this in cache already.
- #
- # Typically you clean up the request here, removing cookies you don't need,
- # rewriting the request, etc.
- # set realIP by trimming CloudFlare IP which will be used for various checks
- set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For, "[, ].*$", "");
- /*
- if (client.ip != "127.0.0.1" && req.http.host ~ "server-hostname.com") {
- set req.http.x-redir = "http://server-hostname.com" + req.url;
- return(synth(850, ""));
- }
- */
- # code for preventing hotlinking
- if ( req.http.host == "test.server-hostname.com" &&
- req.url ~ "\.(js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf)$" &&
- (req.http.referer && req.http.referer !~ "^https://test.server-hostname.com/")
- && req.http.host !~ "\.(google|yahoo|bing|facebook|fbcdn|twitter|yandex|baidu|csanyigroup|linkedin|printfriendly|feedburner|campaign-archive|msn|mailchimp|list-manage|rsgsv|mcsv|mcdlv)$") {
- return (synth(403, "No hotlinking please 1"));
- }
- # end hotlinking code
- if ( req.http.host == "test.server-hostname.com" &&
- req.url ~ "^/res/" && req.url ~ "\.(pdf|xls|rar)$" &&
- (req.http.referer !~ "^https://test.server-hostname.com/")
- && req.http.host !~ "\.(google|yahoo|bing|facebook|fbcdn|twitter|yandex|baidu|csanyigroup|linkedin|printfriendly|feedburner|campaign-archive|msn|mailchimp|list-manage|rsgsv|mcsv|mcdlv)$"
- ) {
- set req.url = "https://test.server-hostname.com/";
- }
- # code for preventing hotlinking
- if ( req.http.host == "server-hostname.com" &&
- req.url ~ "\.(js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf)$" &&
- req.url !~ "(comodo_secure_seal_100x85_transp\.png)$" &&
- (req.http.referer !~ "^https://server-hostname.com/") && req.http.user-agent !~ "facebookexternalhit"
- && req.http.user-agent !~ "Google(.*)" && req.http.user-agent !~ "LinkedInBot" && req.http.user-agent !~ "Twitterbot" && req.http.user-agent !~ "Googlebot"
- && req.http.user-agent !~ "Googlebot-Image" && req.http.user-agent !~ "MailChimp(.*)" && req.http.user-agent !~ "(.*)bingbot(.*)" && req.http.user-agent !~ "PrintFriendly(.*)"
- ) {
- return (synth(403, "No hotlinking please 2"));
- }
- # end hotlinking code
- if ( req.http.host == "server-hostname.com" &&
- req.url ~ "^/res/" && req.url ~ "\.(pdf|xls|dwg|rar)$" &&
- (req.http.referer !~ "^https://server-hostname.com/")
- && req.http.host !~ "\.(google|yahoo|bing|facebook|fbcdn|twitter|yandex|baidu|csanyigroup|linkedin|printfriendly|feedburner|campaign-archive|msn|mailchimp|list-manage|rsgsv|mcsv|mcdlv)$"
- ) {
- set req.url = "https://server-hostname.com/";
- }
- #if (req.http.host ~ "test.server-hostname.com") {
- # return(pass);
- # }
- if (req.url ~ "/wp-admin/admin-ajax.php") {
- return (pass); }
- # Enable smart refreshing
- if (req.http.Cache-Control ~ "no-cache" && client.ip ~ purge) {
- set req.hash_always_miss = true;
- }
- # Unset cloudflare cookies
- # Remove has_js and CloudFlare/Google Analytics __* cookies.
- set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");
- # Remove a ";" prefix, if present.
- set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");
- # For Testing: If you want to test with Varnish passing (not caching) uncomment
- # return( pass );
- # FORWARD THE IP OF THE REQUEST
- if (req.restarts == 0) {
- if (req.http.x-forwarded-for) {
- set req.http.X-Forwarded-For =
- req.http.X-Forwarded-For + ", " + client.ip;
- } else {
- set req.http.X-Forwarded-For = client.ip;
- }
- }
- # DO NOT CACHE RSS FEED
- if (req.url ~ "/feed/") {
- return ( pass );
- }
- if (req.url ~ "^/(cart|my-account|checkout|addons|membership-checkout)") {
- return (pass);
- }
- if ( req.url ~ "\?add-to-cart=" ) {
- return (pass);
- }
- ## Do not cache search results, comment these 3 lines if you do want to cache them
- if (req.url ~ "/\?s\=") {
- return ( pass );
- }
- # CLEAN UP THE ENCODING HEADER.
- # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH VARY ACCEPT-ENCODING
- # VARNISH WILL CREATE SEPARATE CACHES FOR EACH
- # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO, ETC.
- # ##########################################################
- if (req.http.Accept-Encoding) {
- if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
- # No point in compressing these
- unset req.http.Accept-Encoding;
- } elsif (req.http.Accept-Encoding ~ "gzip") {
- set req.http.Accept-Encoding = "gzip";
- } elsif (req.http.Accept-Encoding ~ "deflate") {
- set req.http.Accept-Encoding = "deflate";
- } else {
- # unknown algorithm
- unset req.http.Accept-Encoding;
- }
- }
- # PIPE ALL NON-STANDARD REQUESTS
- # ##########################################################
- if (req.method != "GET" &&
- req.method != "HEAD" &&
- req.method != "PUT" &&
- req.method != "POST" &&
- req.method != "TRACE" &&
- req.method != "OPTIONS" &&
- req.method != "DELETE") {
- return (pipe);
- }
- # ONLY CACHE GET AND HEAD REQUESTS
- # ##########################################################
- if (req.method != "GET" && req.method != "HEAD") {
- return (pass);
- }
- # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS IN FETCH TOO, EITHER
- # COMMENT OR UNCOMMENT BOTH
- # ##########################################################
- if ( req.http.cookie ~ "wordpress_logged_in" ) {
- return( pass );
- }
- # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR WP-LOGIN
- # THEN UNSET THE COOKIES
- # ##########################################################
- if (!(req.url ~ "wp-(login|admin)")
- && !(req.url ~ "&preview=true" )
- ){
- unset req.http.cookie;
- }
- # IF BASIC AUTH IS ON THEN DO NOT CACHE
- # ##########################################################
- if (req.http.Authorization || req.http.Cookie) {
- return (pass);
- }
- # No caching AJAX request
- # don't cache ajax requests
- if(req.http.X-Requested-With == "XMLHttpRequest"
- || req.url ~ "nocache"
- || req.url ~ "(xmlrpc.php|control.php|wp-comments-post.php|wp-login.php|bb-login.php|bb-reset-password.php|register.php|cron.php|/wp-admin/admin-ajax.php)"
- || req.url ~ "captcha-plus"
- || req.url ~ "contact-form-7"
- || req.url ~ "smtp"
- || req.url ~ "membership-account") {
- return (pass);
- }
- if (req.http.Authorization || req.method == "POST") {
- return (pass);
- }
- # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED
- # ##########################################################
- return (hash);
- }
- /*
- sub vcl_synth {
- if (resp.status == 850) {
- set resp.http.Location = req.http.x-redir;
- set resp.status = 302;
- return (deliver);
- }
- }
- */
- sub vcl_purge {
- set req.method = "GET";
- set req.http.X-Purger = "Purged";
- return (restart);
- }
- sub vcl_backend_response {
- # Happens after we have read the response headers from the backend.
- #
- # Here you clean the response headers, removing silly Set-Cookie headers
- # and other mistakes your backend does.
- # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
- # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT
- # TO DO THIS
- # ##########################################################
- set beresp.http.Vary = "Accept-Encoding";
- # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
- # TIME THIS PAGE WILL STAY CACHED (TTL)
- # ##########################################################
- if (!(bereq.url ~ "wp-(login|admin)") && !bereq.http.cookie ~ "wordpress_logged_in" ) {
- unset beresp.http.set-cookie;
- set beresp.ttl = 52w;
- # set beresp.grace =1w;
- }
- if (beresp.ttl <= 0s ||
- beresp.http.Set-Cookie ||
- beresp.http.Vary == "*") {
- set beresp.ttl = 120 s;
- # set beresp.ttl = 120s;
- set beresp.uncacheable = true;
- return (deliver);
- }
- return (deliver);
- }
- sub vcl_deliver {
- # Happens when we have all the pieces we need, and are about to send the
- # response to the client.
- #
- # You can do accounting or modifying the final object here.
- # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT
- # IN THE HEADER (GREAT FOR DEBUGGING)
- # ##########################################################
- if (obj.hits > 0) {
- set resp.http.X-Cache = "HIT";
- # IF THIS IS A MISS RETURN THAT IN THE HEADER
- # ##########################################################
- } else {
- set resp.http.X-Cache = "MISS";
- }
- if (req.http.X-Purger) {
- set resp.http.X-Purger = req.http.X-Purger;
- }
- }
- # HIT FUNCTION
- # ##########################################################
- sub vcl_hit {
- # IF THIS IS A PURGE REQUEST THEN DO THE PURGE
- # ##########################################################
- if (req.method == "PURGE") {
- #
- # This is now handled in vcl_recv.
- #
- # purge;
- return (synth(200, "Purged."));
- }
- return (deliver);
- }
- # MISS FUNCTION
- # ##########################################################
- sub vcl_miss {
- if (req.method == "PURGE") {
- #
- # This is now handled in vcl_recv.
- #
- # purge;
- return (synth(200, "Purged."));
- }
- return (fetch);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement