# VCL version 5.0 is not supported so it should be 4.0 even though actually used

1. # VCL version 5.0 is not supported so it should be 4.0 even though actually used Varnish version is 5
2. vcl 4.0;
3.  
4. import std;
5. # The minimal Varnish version is 5.0
6. # For SSL offloading, pass the following header in your proxy server or load balancer: 'X-Forwarded-Proto: https'
7.  
8. backend default {
9. .host = "localhost";
10. .port = "8080";
11. .first_byte_timeout = 600s;
12. .probe = {
13. .url = "/pub/health_check.php";
14. .timeout = 2s;
15. .interval = 5s;
16. .window = 10;
17. .threshold = 5;
18. }
19. }
20.  
21. acl purge {
22. "localhost";
23. }
24.  
25. sub vcl_recv {
26. if (req.method == "PURGE") {
27. if (client.ip !~ purge) {
28. return (synth(405, "Method not allowed"));
29. }
30. # To use the X-Pool header for purging varnish during automated deployments, make sure the X-Pool header
31. # has been added to the response in your backend server config. This is used, for example, by the
32. # capistrano-magento2 gem for purging old content from varnish during it's deploy routine.
33. if (!req.http.X-Magento-Tags-Pattern && !req.http.X-Pool) {
34. return (synth(400, "X-Magento-Tags-Pattern or X-Pool header required"));
35. }
36. if (req.http.X-Magento-Tags-Pattern) {
37. ban("obj.http.X-Magento-Tags ~ " + req.http.X-Magento-Tags-Pattern);
38. }
39. if (req.http.X-Pool) {
40. ban("obj.http.X-Pool ~ " + req.http.X-Pool);
41. }
42. return (synth(200, "Purged"));
43. }
44.  
45. if (req.method != "GET" &&
46. req.method != "HEAD" &&
47. req.method != "PUT" &&
48. req.method != "POST" &&
49. req.method != "TRACE" &&
50. req.method != "OPTIONS" &&
51. req.method != "DELETE") {
52. /* Non-RFC2616 or CONNECT which is weird. */
53. return (pipe);
54. }
55.  
56. # We only deal with GET and HEAD by default
57. if (req.method != "GET" && req.method != "HEAD") {
58. return (pass);
59. }
60.  
61. # Bypass shopping cart, checkout and search requests
62. if (req.url ~ "/checkout" || req.url ~ "/catalogsearch") {
63. return (pass);
64. }
65.  
66. # Bypass health check requests
67. if (req.url ~ "/pub/health_check.php") {
68. return (pass);
69. }
70.  
71. # Set initial grace period usage status
72. set req.http.grace = "none";
73.  
74. # normalize url in case of leading HTTP scheme and domain
75. set req.url = regsub(req.url, "^http[s]?://", "");
76.  
77. # collect all cookies
78. std.collect(req.http.Cookie);
79.  
80. # Compression filter. See https://www.varnish-cache.org/trac/wiki/FAQ/Compression
81. if (req.http.Accept-Encoding) {
82. if (req.url ~ "\.(jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf|flv)$") {
83. # No point in compressing these
84. unset req.http.Accept-Encoding;
85. } elsif (req.http.Accept-Encoding ~ "gzip") {
86. set req.http.Accept-Encoding = "gzip";
87. } elsif (req.http.Accept-Encoding ~ "deflate" && req.http.user-agent !~ "MSIE") {
88. set req.http.Accept-Encoding = "deflate";
89. } else {
90. # unknown algorithm
91. unset req.http.Accept-Encoding;
92. }
93. }
94.  
95. # Remove Google gclid parameters to minimize the cache objects
96. set req.url = regsuball(req.url,"\?gclid=[^&]+$",""); # strips when QS = "?gclid=AAA"
97. set req.url = regsuball(req.url,"\?gclid=[^&]+&","?"); # strips when QS = "?gclid=AAA&foo=bar"
98. set req.url = regsuball(req.url,"&gclid=[^&]+",""); # strips when QS = "?foo=bar&gclid=AAA" or QS = "?foo=bar&gclid=AAA&bar=baz"
99.  
100. # Static files caching
101. if (req.url ~ "^/(pub/)?(media|static)/") {
102. # Static files should not be cached by default
103. return (pass);
104.  
105. # But if you use a few locales and don't use CDN you can enable caching static files by commenting previous line (#return (pass);) and uncommenting next 3 lines
106. #unset req.http.Https;
107. #unset req.http.X-Forwarded-Proto;
108. #unset req.http.Cookie;
109. }
110.  
111. return (hash);
112. }
113.  
114. sub vcl_hash {
115. if (req.http.cookie ~ "X-Magento-Vary=") {
116. hash_data(regsub(req.http.cookie, "^.*?X-Magento-Vary=([^;]+);*.*$", "\1"));
117. }
118.  
119. # For multi site configurations to not cache each other's content
120. if (req.http.host) {
121. hash_data(req.http.host);
122. } else {
123. hash_data(server.ip);
124. }
125.  
126. # To make sure http users don't see ssl warning
127. if (req.http.X-Forwarded-Proto) {
128. hash_data(req.http.X-Forwarded-Proto);
129. }
130.  
131. }
132.  
133. sub vcl_backend_response {
134.  
135. set beresp.grace = 3d;
136.  
137. if (beresp.http.content-type ~ "text") {
138. set beresp.do_esi = true;
139. }
140.  
141. if (bereq.url ~ "\.js$" || beresp.http.content-type ~ "text") {
142. set beresp.do_gzip = true;
143. }
144.  
145. if (beresp.http.X-Magento-Debug) {
146. set beresp.http.X-Magento-Cache-Control = beresp.http.Cache-Control;
147. }
148.  
149. # cache only successfully responses and 404s
150. if (beresp.status != 200 && beresp.status != 404) {
151. set beresp.ttl = 0s;
152. set beresp.uncacheable = true;
153. return (deliver);
154. } elsif (beresp.http.Cache-Control ~ "private") {
155. set beresp.uncacheable = true;
156. set beresp.ttl = 86400s;
157. return (deliver);
158. }
159.  
160. # validate if we need to cache it and prevent from setting cookie
161. if (beresp.ttl > 0s && (bereq.method == "GET" || bereq.method == "HEAD")) {
162. unset beresp.http.set-cookie;
163. }
164.  
165. # If page is not cacheable then bypass varnish for 2 minutes as Hit-For-Pass
166. if (beresp.ttl <= 0s ||
167. beresp.http.Surrogate-control ~ "no-store" ||
168. (!beresp.http.Surrogate-Control &&
169. beresp.http.Cache-Control ~ "no-cache|no-store") ||
170. beresp.http.Vary == "*") {
171. # Mark as Hit-For-Pass for the next 2 minutes
172. set beresp.ttl = 120s;
173. set beresp.uncacheable = true;
174. }
175.  
176. return (deliver);
177. }
178.  
179. sub vcl_deliver {
180. if (resp.http.X-Magento-Debug) {
181. if (resp.http.x-varnish ~ " ") {
182. set resp.http.X-Magento-Cache-Debug = "HIT";
183. set resp.http.Grace = req.http.grace;
184. } else {
185. set resp.http.X-Magento-Cache-Debug = "MISS";
186. }
187. } else {
188. unset resp.http.Age;
189. }
190.  
191. # Not letting browser to cache non-static files.
192. if (resp.http.Cache-Control !~ "private" && req.url !~ "^/(pub/)?(media|static)/") {
193. set resp.http.Pragma = "no-cache";
194. set resp.http.Expires = "-1";
195. set resp.http.Cache-Control = "no-store, no-cache, must-revalidate, max-age=0";
196. }
197.  
198. unset resp.http.X-Magento-Debug;
199. unset resp.http.X-Magento-Tags;
200. unset resp.http.X-Powered-By;
201. unset resp.http.Server;
202. unset resp.http.X-Varnish;
203. unset resp.http.Via;
204. unset resp.http.Link;
205. }
206.  
207. sub vcl_hit {
208. if (obj.ttl >= 0s) {
209. # Hit within TTL period
210. return (deliver);
211. }
212. if (std.healthy(req.backend_hint)) {
213. if (obj.ttl + 300s > 0s) {
214. # Hit after TTL expiration, but within grace period
215. set req.http.grace = "normal (healthy server)";
216. return (deliver);
217. } else {
218. # Hit after TTL and grace expiration
219. return (miss);
220. }
221. } else {
222. # server is not healthy, retrieve from cache
223. set req.http.grace = "unlimited (unhealthy server)";
224. return (deliver);
225. }
226. }