Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Default backend definition. Set this to point to your content
- # server.
- backend mysite {
- .host = "www.mysite.com";
- .port = "8085";
- .connect_timeout = 600s;
- .first_byte_timeout = 600s;
- .between_bytes_timeout = 600s;
- }
- acl purge {
- # For now, I'll only allow purges coming from localhost
- "127.0.0.1";
- "localhost";
- }
- # Handle the HTTP request received by the client
- sub vcl_recv {
- # if (req.restarts == 0) {
- # if (req.http.X-Forwarded-For) {
- # set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
- # } else {
- # set req.http.X-Forwarded-For = client.ip;
- # }
- # }
- # unset req.http.X-Forwarded-For;
- # Add a unique header containing the client address
- # remove req.http.X-Forwarded-For;
- # set req.http.X-Forwarded-For = client.ip;
- #
- # Rename the incoming XFF header to work around a Varnish bug.
- # if (req.http.X-Forwarded-For) {
- # Append the client IP
- # // set req.http.X-Real-Forwarded-For = req.http.X-Forwarded-For ", " regsub(client.ip, ":.*", "");
- # unset req.http.X-Forwarded-For;
- # }
- # else {
- // Simply use the client IP
- // set req.http.X-Real-Forwarded-For = regsub(client.ip, ":.*", "");
- # }
- #lize the header, remove the port (in case you're testing this on various TCP ports)
- set req.http.Host = regsub(req.http.Host, ":[0-9]+", "");
- # Allow purging
- if (req.request == "PURGE") {
- if (!client.ip ~ purge) {
- # Not from an allowed IP? Then die with an error.
- error 405 "This IP is not allowed to send PURGE requests.";
- }
- # If you got this stage (and didn't error out above), do a cache-lookup
- # That will force entry into vcl_hit() or vcl_miss() below and purge the actual cache
- return (lookup);
- }
- # Only deal with "normal" types
- if (req.request != "GET" &&
- req.request != "HEAD" &&
- req.request != "PUT" &&
- req.request != "POST" &&
- req.request != "TRACE" &&
- req.request != "OPTIONS" &&
- req.request != "DELETE") {
- /* Non-RFC2616 or CONNECT which is weird. */
- return (pipe);
- }
- if (req.request != "GET" && req.request != "HEAD") {
- # We only deal with GET and HEAD by default
- return (pass);
- }
- # mysite.com - With any subdomain support
- if (req.http.host ~ "^(.*\.)?mysite\.com$") {
- set req.backend = mysite;
- //return (pass); // Means never cache anything from this domain
- }
- # A configuration file specific for Drupal 7
- # Either the admin pages or the login
- if (req.url ~ "/admin/?") {
- # Don't cache, pass to backend
- return (pass);
- }
- if (req.url ~ "/user?") {
- # don't cache
- return (pass);
- }
- #if (req.http.Cookie ~ "(FITNESS_LOGGED)") {
- # return (pass);
- #}
- # Remove the "has_js" cookie
- set req.http.Cookie = regsuball(req.http.Cookie, "has_js=[^;]+(; )?", "");
- # Remove any Google Analytics based cookies
- set req.http.Cookie = regsuball(req.http.Cookie, "__utm.=[^;]+(; )?", "");
- # Remove the Quant Capital cookies (added by some plugin, all __qca)
- set req.http.Cookie = regsuball(req.http.Cookie, "__qc.=[^;]+(; )?", "");
- # Are there cookies left with only spaces or that are empty?
- if (req.http.cookie ~ "^ *$") {
- unset req.http.cookie;
- }
- # Static content unique to the theme can be cached (so no user uploaded images)
- if (req.url ~ "^/themes/" && req.url ~ "\.(css|js|png|gif|jp(e)?g)") {
- unset req.http.cookie;
- }
- # Normalize Accept-Encoding header (straight from the manual: https://www.varnish-cache.org/docs/3.0/tutorial/vary.html)
- if (req.http.Accept-Encoding) {
- if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
- # No point in compressing these
- remove req.http.Accept-Encoding;
- } elsif (req.http.Accept-Encoding ~ "gzip") {
- set req.http.Accept-Encoding = "gzip";
- } elsif (req.http.Accept-Encoding ~ "deflate") {
- set req.http.Accept-Encoding = "deflate";
- } else {
- # unkown algorithm
- remove req.http.Accept-Encoding;
- }
- }
- # Don't cache the install, update or cron files in Drupal
- if (req.url ~ "install\.php|update\.php|cron\.php|members/") {
- return (pass);
- }
- # Uncomment this to trigger the vcl_error() subroutine, which will HTML output you some variables (HTTP 700 = pretty debug)
- #error 700;
- # Anything else left?
- if (!req.http.cookie) {
- unset req.http.cookie;
- }
- // Rename the incoming XFF header to work around a Varnish bug.
- # if (req.http.X-Forwarded-For) {
- // Append the client IP
- #set req.http.X-Real-Forwarded-For = req.http.X-Forwarded-For ", " regsub(client.ip, ":.*", "");
- # unset req.http.X-Forwarded-For;
- # }
- # else {
- // Simply use the client IP
- #set req.http.X-Real-Forwarded-For = regsub(client.ip, ":.*", "");
- # }
- set req.http.X-Forwarded-For = regsub(client.ip, ":.*", "");
- set req.http.X-Real-Forwarded-For = regsub(client.ip, ":.*", "");
- # Try a cache-lookup
- # return (lookup);
- if (req.http.Authorization || req.http.Cookie) {
- # Not cacheable by default
- return (pass);
- }
- return (lookup);
- }
- sub vcl_pipe {
- # Note that only the first request to the backend will have
- # X-Forwarded-For set. If you use X-Forwarded-For and want to
- # have it set for all requests, make sure to have:
- # set bereq.http.connection = "close";
- # here. It is not set by default as it might break some broken web
- # applications, like IIS with NTLM authentication.
- set bereq.http.connection = "close";
- return (pipe);
- }
- sub vcl_pass {
- return (pass);
- }
- # The data on which the hashing will take place
- sub vcl_hash {
- hash_data(req.url);
- if (req.http.host) {
- hash_data(req.http.host);
- } else {
- hash_data(server.ip);
- }
- # If the client supports compression, keep that in a different cache
- if (req.http.Accept-Encoding) {
- hash_data(req.http.Accept-Encoding);
- }
- return (hash);
- }
- sub vcl_hit {
- # Allow purges
- if (req.request == "PURGE") {
- purge;
- error 200 "Purged.";
- }
- return (deliver);
- }
- sub vcl_miss {
- # Allow purges
- if (req.request == "PURGE") {
- purge;
- error 200 "Purged.";
- }
- return (fetch);
- }
- # Handle the HTTP request coming from our backend
- sub vcl_fetch {
- # I can use direct matching on the host, since I normalized the host header in the VCL Receive
- if (req.http.host ~ "^(.*\.)?fitnessrepublic\.com$") {
- # The vcl_fetch routine, when the request is fetched from the backend
- # For static content related to the theme, strip all backend cookies
- if (req.url ~ "^/themes/" && req.url ~ "\.(css|js|png|gif|jp(e?)g)") {
- unset beresp.http.cookie;
- }
- # A TTL of 30 minutes
- set beresp.ttl = 1800s;
- }
- # Temporarily removed
- #if (beresp.ttl <= 0s || beresp.http.Set-Cookie || beresp.http.Vary == "*") {
- # set beresp.ttl = 120s;
- # return (hit_for_pass);
- #}
- return (deliver);
- }
- # The routine when we deliver the HTTP request to the user
- # Last chance to modify headers that are sent to the client
- sub vcl_deliver {
- if (obj.hits > 0) {
- set resp.http.X-Cache = "cached";
- } else {
- set resp.http.x-Cache = "uncached";
- }
- # Remove some headers: PHP version
- unset resp.http.X-Powered-By;
- # Remove some headers: Apache version & OS
- unset resp.http.Server;
- return (deliver);
- }
- sub vcl_error {
- if (obj.status == 700) {
- # Include a general error message handler for debugging purposes
- include "/etc/varnish/conf.d/_error.vcl";
- } elseif (obj.status == 701) {
- # Redirect error handler
- set obj.http.Location = "http://" + obj.response + req.url;
- # Change this to 302 if you want temporary redirects
- set obj.status = 301;
- return (deliver);
- }
- return (deliver);
- }
- sub vcl_init {
- return (ok);
- }
- sub vcl_fini {
- return (ok);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement