API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 23rd, 2017
92
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.92 KB | None | 0 0
raw download clone embed print report
  1. C{
  2. #include <stdlib.h>
  3. #include <stdio.h>
  4. #include <time.h>
  5. #include <pthread.h>
  6. static pthread_mutex_t lrand_mutex = PTHREAD_MUTEX_INITIALIZER;
  7. void generate_uuid(char* buf) {
  8. pthread_mutex_lock(&lrand_mutex);
  9. long a = lrand48();
  10. long b = lrand48();
  11. long c = lrand48();
  12. long d = lrand48();
  13. pthread_mutex_unlock(&lrand_mutex);
  14. // SID must match this regex for Kount compat /^w{1,32}$/
  15. sprintf(buf, "frontend=%08lx%04lx%04lx%04lx%04lx%08lx",
  16. a,
  17. b & 0xffff,
  18. (b & ((long)0x0fff0000) >> 16) | 0x4000,
  19. (c & 0x0fff) | 0x8000,
  20. (c & (long)0xffff0000) >> 16,
  21. d
  22. );
  23. return;
  24. }
  25. }C
  26. import std;
  27. backend default {
  28. .host = "127.0.0.1";
  29. .port = "8080";
  30. .first_byte_timeout = 300s;
  31. .between_bytes_timeout = 300s;
  32. }
  33. backend admin {
  34. .host = "127.0.0.1";
  35. .port = "8080";
  36. .first_byte_timeout = 21600s;
  37. .between_bytes_timeout = 21600s;
  38. }
  39. acl crawler_acl {
  40. "127.0.0.1";
  41. }
  42. acl debug_acl {
  43. }
  44. sub generate_session {
  45. if (req.url ~ ".*[&?]SID=([^&]+).*") {
  46. set req.http.X-Varnish-Faked-Session = regsub(
  47. req.url, ".*[&?]SID=([^&]+).*", "frontend=1");
  48. } else {
  49. C{
  50. char uuid_buf [50];
  51. generate_uuid(uuid_buf);
  52. VRT_SetHdr(sp, HDR_REQ,
  53. "30X-Varnish-Faked-Session:",
  54. uuid_buf,
  55. vrt_magic_string_end
  56. );
  57. }C
  58. }
  59. if (req.http.Cookie) {
  60. std.collect(req.http.Cookie);
  61. set req.http.Cookie = req.http.X-Varnish-Faked-Session +
  62. "; " + req.http.Cookie;
  63. } else {
  64. set req.http.Cookie = req.http.X-Varnish-Faked-Session;
  65. }
  66. }
  67. sub generate_session_expires {
  68. C{
  69. time_t now = time(NULL);
  70. struct tm now_tm = *gmtime(&now);
  71. now_tm.tm_sec += 86400;
  72. mktime(&now_tm);
  73. char date_buf [50];
  74. strftime(date_buf, sizeof(date_buf)-1, "%a, %d-%b-%Y %H:%M:%S %Z", &now_tm);
  75. VRT_SetHdr(sp, HDR_RESP,
  76. "31X-Varnish-Cookie-Expires:",
  77. date_buf,
  78. vrt_magic_string_end
  79. );
  80. }C
  81. }
  82. sub vcl_recv {
  83. if (req.restarts == 0) {
  84. if (req.http.X-Forwarded-For) {
  85. set req.http.X-Forwarded-For =
  86. req.http.X-Forwarded-For + ", " + client.ip;
  87. } else {
  88. set req.http.X-Forwarded-For = client.ip;
  89. }
  90. }
  91. if (!false || req.http.Authorization ||
  92. req.request !~ "^(GET|HEAD)$" ||
  93. req.http.Cookie ~ "varnish_bypass=1") {
  94. return (pipe);
  95. }
  96. set req.url = regsuball(req.url, "(.*)//+(.*)", "1/2");
  97. if (req.http.Accept-Encoding) {
  98. if (req.http.Accept-Encoding ~ "gzip") {
  99. set req.http.Accept-Encoding = "gzip";
  100. } else if (req.http.Accept-Encoding ~ "deflate") {
  101. set req.http.Accept-Encoding = "deflate";
  102. } else {
  103. unset req.http.Accept-Encoding;
  104. }
  105. }
  106. if (req.url ~ "^(/media/|/skin/|/js/|/)(?:(?:index|litespeed).php/)?") {
  107. set req.http.X-Turpentine-Secret-Handshake = "1";
  108. if (req.url ~ "^(/media/|/skin/|/js/|/)(?:(?:index|litespeed).php/)?admin") {
  109. set req.backend = admin;
  110. return (pipe);
  111. }
  112. if (req.http.Cookie ~ "bcurrency=") {
  113. set req.http.X-Varnish-Currency = regsub(
  114. req.http.Cookie, ".*bcurrency=([^;]*).*", "1");
  115. }
  116. if (req.http.Cookie ~ "bstore=") {
  117. set req.http.X-Varnish-Store = regsub(
  118. req.http.Cookie, ".*bstore=([^;]*).*", "1");
  119. }
  120. if (req.url ~ "/turpentine/esi/get(?:Block|FormKey)/") {
  121. set req.http.X-Varnish-Esi-Method = regsub(
  122. req.url, ".*/method/(w+)/.*", "1");
  123. set req.http.X-Varnish-Esi-Access = regsub(
  124. req.url, ".*/access/(w+)/.*", "1");
  125. if (req.http.X-Varnish-Esi-Method == "esi" && req.esi_level == 0 &&
  126. !(false || client.ip ~ debug_acl)) {
  127. error 403 "External ESI requests are not allowed";
  128. }
  129. }
  130. if (req.http.Cookie !~ "frontend=") {
  131. if (client.ip ~ crawler_acl ||
  132. req.http.User-Agent ~ "^(?:ApacheBench/.*|.*Googlebot.*|JoeDog/.*Siege.*|magespeedtest.com|Nexcessnet_Turpentine/.*)$") {
  133. set req.http.Cookie = "frontend=crawler-session";
  134. } else {
  135. call generate_session;
  136. }
  137. }
  138. if (true &&
  139. req.url ~ ".*.(?:css|js|jpe?g|png|gif|ico|swf)(?=?|&|$)") {
  140. unset req.http.Cookie;
  141. unset req.http.X-Varnish-Faked-Session;
  142. return (lookup);
  143. }
  144. if (req.url ~ "^(/media/|/skin/|/js/|/)(?:(?:index|litespeed).php/)?(?:admin|api|cron.php)" ||
  145. req.url ~ "?.*__from_store=") {
  146. return (pipe);
  147. }
  148. if (true &&
  149. req.url ~ "(?:[?&](?:__SID|XDEBUG_PROFILE)(?=[&=]|$))") {
  150. return (pass);
  151. }
  152. if (req.url ~ "[?&](utm_source|utm_medium|utm_campaign|gclid|cx|ie|cof|siteurl)=") {
  153. set req.url = regsuball(req.url, "(?:(?)?|&)(?:utm_source|utm_medium|utm_campaign|gclid|cx|ie|cof|siteurl)=[^&]+", "1");
  154. set req.url = regsuball(req.url, "(?:(?)&|?$)", "1");
  155. }
  156. return (lookup);
  157. }
  158. }
  159. sub vcl_pipe {
  160. unset bereq.http.X-Turpentine-Secret-Handshake;
  161. set bereq.http.Connection = "close";
  162. }
  163. sub vcl_hash {
  164. hash_data(req.url);
  165. if (req.http.Host) {
  166. hash_data(req.http.Host);
  167. } else {
  168. hash_data(server.ip);
  169. }
  170. hash_data(req.http.Ssl-Offloaded);
  171. if (req.http.X-Normalized-User-Agent) {
  172. hash_data(req.http.X-Normalized-User-Agent);
  173. }
  174. if (req.http.Accept-Encoding) {
  175. hash_data(req.http.Accept-Encoding);
  176. }
  177. if (req.http.X-Varnish-Store || req.http.X-Varnish-Currency) {
  178. hash_data("s=" + req.http.X-Varnish-Store + "&c=" + req.http.X-Varnish-Currency);
  179. }
  180. if (req.http.X-Varnish-Esi-Access == "private" &&
  181. req.http.Cookie ~ "frontend=") {
  182. hash_data(regsub(req.http.Cookie, "^.*?frontend=([^;]*);*.*$", "1"));
  183. }
  184. return (hash);
  185. }
  186. sub vcl_hit {
  187. }
  188. sub vcl_fetch {
  189. set req.grace = 15s;
  190. set beresp.http.X-Varnish-Host = req.http.host;
  191. set beresp.http.X-Varnish-URL = req.url;
  192. if (req.url ~ "^(/media/|/skin/|/js/|/)(?:(?:index|litespeed).php/)?") {
  193. unset beresp.http.Vary;
  194. set beresp.do_gzip = true;
  195. if (beresp.status != 200 && beresp.status != 404) {
  196. set beresp.ttl = 15s;
  197. return (hit_for_pass);
  198. } else {
  199. if (beresp.http.Set-Cookie) {
  200. set beresp.http.X-Varnish-Set-Cookie = beresp.http.Set-Cookie;
  201. unset beresp.http.Set-Cookie;
  202. }
  203. unset beresp.http.Cache-Control;
  204. unset beresp.http.Expires;
  205. unset beresp.http.Pragma;
  206. unset beresp.http.Cache;
  207. unset beresp.http.Age;
  208. if (beresp.http.X-Turpentine-Esi == "1") {
  209. set beresp.do_esi = true;
  210. }
  211. if (beresp.http.X-Turpentine-Cache == "0") {
  212. set beresp.ttl = 15s;
  213. return (hit_for_pass);
  214. } else {
  215. if (true &&
  216. bereq.url ~ ".*.(?:css|js|jpe?g|png|gif|ico|swf)(?=?|&|$)") {
  217. set beresp.ttl = 28800s;
  218. set beresp.http.Cache-Control = "max-age=28800";
  219. } elseif (req.http.X-Varnish-Esi-Method) {
  220. if (req.http.X-Varnish-Esi-Access == "private" &&
  221. req.http.Cookie ~ "frontend=") {
  222. set beresp.http.X-Varnish-Session = regsub(req.http.Cookie,
  223. "^.*?frontend=([^;]*);*.*$", "1");
  224. }
  225. if (req.http.X-Varnish-Esi-Method == "ajax" &&
  226. req.http.X-Varnish-Esi-Access == "public") {
  227. set beresp.http.Cache-Control = "max-age=" + regsub(
  228. req.url, ".*/ttl/(d+)/.*", "1");
  229. }
  230. set beresp.ttl = std.duration(
  231. regsub(
  232. req.url, ".*/ttl/(d+)/.*", "1s"),
  233. 300s);
  234. if (beresp.ttl == 0s) {
  235. set beresp.ttl = 15s;
  236. return (hit_for_pass);
  237. }
  238. } else {
  239. set beresp.ttl = 3600s;
  240. }
  241. }
  242. }
  243. return (deliver);
  244. }
  245. }
  246. sub vcl_deliver {
  247. if (req.http.X-Varnish-Faked-Session) {
  248. call generate_session_expires;
  249. set resp.http.Set-Cookie = req.http.X-Varnish-Faked-Session +
  250. "; expires=" + resp.http.X-Varnish-Cookie-Expires + "; path=/";
  251. if (req.http.Host) {
  252. set resp.http.Set-Cookie = resp.http.Set-Cookie +
  253. "; domain=" + regsub(req.http.Host, ":d+$", "");
  254. }
  255. set resp.http.Set-Cookie = resp.http.Set-Cookie + "; httponly";
  256. unset resp.http.X-Varnish-Cookie-Expires;
  257. }
  258. if (req.http.X-Varnish-Esi-Method == "ajax" && req.http.X-Varnish-Esi-Access == "private") {
  259. set resp.http.Cache-Control = "no-cache";
  260. }
  261. if (true || client.ip ~ debug_acl) {
  262. set resp.http.X-Varnish-Hits = obj.hits;
  263. set resp.http.X-Varnish-Esi-Method = req.http.X-Varnish-Esi-Method;
  264. set resp.http.X-Varnish-Esi-Access = req.http.X-Varnish-Esi-Access;
  265. set resp.http.X-Varnish-Currency = req.http.X-Varnish-Currency;
  266. set resp.http.X-Varnish-Store = req.http.X-Varnish-Store;
  267. } else {
  268. #unset resp.http.X-Varnish;
  269. unset resp.http.Via;
  270. unset resp.http.X-Powered-By;
  271. unset resp.http.Server;
  272. unset resp.http.X-Turpentine-Cache;
  273. unset resp.http.X-Turpentine-Esi;
  274. unset resp.http.X-Turpentine-Flush-Events;
  275. unset resp.http.X-Turpentine-Block;
  276. unset resp.http.X-Varnish-Session;
  277. unset resp.http.X-Varnish-Host;
  278. unset resp.http.X-Varnish-URL;
  279. unset resp.http.X-Varnish-Set-Cookie;
  280. }
  281. }
  282.  
  283. # Configuration file for varnish
  284. #
  285. # /etc/init.d/varnish expects the variables $DAEMON_OPTS, $NFILES and $MEMLOCK
  286. # to be set from this shell script fragment.
  287. #
  288.  
  289. # Should we start varnishd at boot? Set to "no" to disable.
  290. START=yes
  291.  
  292. # Maximum number of open files (for ulimit -n)
  293. NFILES=131072
  294.  
  295. # Maximum locked memory size (for ulimit -l)
  296. # Used for locking the shared memory log in memory. If you increase log size,
  297. # you need to increase this number as well
  298. MEMLOCK=82000
  299.  
  300. # Default varnish instance name is the local nodename. Can be overridden with
  301. # the -n switch, to have more instances on a single server.
  302. # INSTANCE=$(uname -n)
  303.  
  304. # This file contains 4 alternatives, please use only one.
  305.  
  306. ## Alternative 1, Minimal configuration, no VCL
  307. #
  308. # Listen on port 6081, administration on localhost:6082, and forward to
  309. # content server on localhost:8080. Use a 1GB fixed-size cache file.
  310. #
  311. # DAEMON_OPTS="-a :6081
  312. # -T localhost:6082
  313. # -b localhost:8080
  314. # -u varnish -g varnish
  315. # -S /etc/varnish/secret
  316. # -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
  317.  
  318.  
  319. ## Alternative 2, Configuration with VCL
  320. #
  321. # Listen on port 6081, administration on localhost:6082, and forward to
  322. # one content server selected by the vcl file, based on the request. Use a 1GB
  323. # fixed-size cache file.
  324. #
  325. DAEMON_OPTS="-a :8081
  326. -T localhost:6082
  327. -f /etc/varnish/default.vcl
  328. -S /etc/varnish/secret
  329. -s malloc,256m
  330. -p esi_syntax=0x2
  331. -p cli_buffer=16384"
  332.  
  333.  
  334. ## Alternative 3, Advanced configuration
  335. #
  336. # See varnishd(1) for more information.
  337. #
  338. # # Main configuration file. You probably want to change it :)
  339. # VARNISH_VCL_CONF=/etc/varnish/default.vcl
  340. #
  341. # # Default address and port to bind to
  342. # # Blank address means all IPv4 and IPv6 interfaces, otherwise specify
  343. # # a host name, an IPv4 dotted quad, or an IPv6 address in brackets.
  344. # VARNISH_LISTEN_ADDRESS=
  345. # VARNISH_LISTEN_PORT=6081
  346. #
  347. # # Telnet admin interface listen address and port
  348. # VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
  349. # VARNISH_ADMIN_LISTEN_PORT=6082
  350. #
  351. # # The minimum number of worker threads to start
  352. # VARNISH_MIN_THREADS=1
  353. #
  354. # # The Maximum number of worker threads to start
  355. # VARNISH_MAX_THREADS=1000
  356. #
  357. # # Idle timeout for worker threads
  358. # VARNISH_THREAD_TIMEOUT=120
  359. #
  360. # # Cache file location
  361. # VARNISH_STORAGE_FILE=/var/lib/varnish/$INSTANCE/varnish_storage.bin
  362. #
  363. # # Cache file size: in bytes, optionally using k / M / G / T suffix,
  364. # # or in percentage of available disk space using the % suffix.
  365. # VARNISH_STORAGE_SIZE=1G
  366. #
  367. # # File containing administration secret
  368. # VARNISH_SECRET_FILE=/etc/varnish/secret
  369. #
  370. # # Backend storage specification
  371. # VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}"
  372. #
  373. # # Default TTL used when the backend does not specify one
  374. # VARNISH_TTL=120
  375. #
  376. # # DAEMON_OPTS is used by the init script. If you add or remove options, make
  377. # # sure you update this section, too.
  378. # DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT}
  379. # -f ${VARNISH_VCL_CONF}
  380. # -T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT}
  381. # -t ${VARNISH_TTL}
  382. # -w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT}
  383. # -S ${VARNISH_SECRET_FILE}
  384. # -s ${VARNISH_STORAGE}"
  385. #
  386.  
  387.  
  388. ## Alternative 4, Do It Yourself
  389. #
  390. # DAEMON_OPTS=""
  391.  
  392. server {
  393. listen 80;
  394. server_name royalpets.com.br *.royalpets.com.br;
  395. location / {
  396. proxy_pass http://127.0.0.1:8081;
  397. proxy_buffer_size 8k;
  398. proxy_set_header Host $host;
  399. }
  400. }
  401.  
  402. server {
  403. listen 80;
  404. server_name acp.royalpets.com.br;
  405. root /var/www/acp;
  406. index index.php index.html index.htm;
  407.  
  408. location ~ .php$ { ## Execute PHP scripts
  409. if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
  410.  
  411. expires off; ## Do not cache dynamic content
  412. fastcgi_pass unix:/var/run/php5-fpm.sock;
  413. fastcgi_param HTTPS $fastcgi_https;
  414. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  415. fastcgi_param MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
  416. fastcgi_param MAGE_RUN_TYPE store;
  417. include fastcgi_params; ## See /etc/nginx/fastcgi_params
  418. }
  419.  
  420. }
  421. server {
  422. listen 8080;
  423.  
  424. #server_name royalpets.com.br; ## Domain is here twice so server_name_in_redirect will favour the www
  425. root /var/www/magento;
  426.  
  427. location / {
  428. index index.html index.php; ## Allow a static html file to be shown first
  429. try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler
  430. expires 30d; ## Assume all files are cachable
  431. }
  432.  
  433. ## These locations would be hidden by .htaccess normally
  434. location ^~ /app/ { deny all; }
  435. location ^~ /includes/ { deny all; }
  436. location ^~ /lib/ { deny all; }
  437. location ^~ /media/downloadable/ { deny all; }
  438. location ^~ /pkginfo/ { deny all; }
  439. location ^~ /report/config.xml { deny all; }
  440. location ^~ /var/ { deny all; }
  441.  
  442. location /var/export/ { ## Allow admins only to view export folder
  443. auth_basic "Restricted"; ## Message shown in login window
  444. auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
  445. autoindex on;
  446. }
  447.  
  448. location /. { ## Disable .htaccess and other hidden files
  449. return 404;
  450. }
  451.  
  452. location @handler { ## Magento uses a common front handler
  453. rewrite / /index.php;
  454. }
  455.  
  456. location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
  457. rewrite ^(.*.php)/ $1 last;
  458. }
  459.  
  460. location ~ .php$ { ## Execute PHP scripts
  461. if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
  462.  
  463. expires off; ## Do not cache dynamic content
  464. fastcgi_pass unix:/var/run/php5-fpm.sock;
  465. fastcgi_param HTTPS $fastcgi_https;
  466. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  467. fastcgi_param MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
  468. fastcgi_param MAGE_RUN_TYPE store;
  469. include fastcgi_params; ## See /etc/nginx/fastcgi_params
  470. }
  471.  
  472. client_max_body_size 10m;
  473. }
  474.  
  475. GET / HTTP/1.1
  476. Host: royalpets.com.br
  477. Accept: image/webp,*/*;q=0.8
  478. Accept-Encoding: gzip,deflate,sdch
  479. Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4,ar;q=0.2,es;q=0.2,gl;q=0.2,pl;q=0.2,ja;q=0.2
  480. Referer: https://www.facebook.com/
  481. User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36
  482.  
  483. HTTP/1.1 200 OK
  484. Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  485. Connection: keep-alive
  486. Content-Encoding: gzip
  487. Content-Type: text/html; charset=UTF-8
  488. Date: Thu, 07 Aug 2014 17:27:44 GMT
  489. Expires: Thu, 19 Nov 1981 08:52:00 GMT
  490. Pragma: no-cache
  491. Server: nginx/1.6.0
  492. Set-Cookie: frontend=uosmrugp8cnti8v0pqo564tbj0; expires=Fri, 08-Aug-2014 17:27:42 GMT; path=/; domain=royalpets.com.br; httponly
  493. Transfer-Encoding: chunked
  494. X-Powered-By: PHP/5.3.10-1ubuntu3.13
  495.  
  496. proxy_buffer on;
  497.  
  498. proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=microcache:300m inactive=24h max_size=1G;
  499.  
  500. proxy_cache_valid 200 30m;
  501.  
  502. expires 30m;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!