backend default { .host = "127.0.0.1"; .port = "8080";}acl purge { "

1. backend default {
2. .host = "127.0.0.1";
3. .port = "8080";
4. }
5.  
6. acl purge {
7. "127.0.0.1";
8. "localhost";
9. "hidden.tld";
10. "www.hidden.tld";
11. }
12.  
13. include "/opt/local/etc/varnish/purge.vcl";
14.  
15. sub vcl_recv {
16.  
17. if (req.http.Accept-Encoding) {
18. if (req.http.Accept-Encoding ~ "gzip") {
19. # If the browser supports it, we'll use gzip.
20. set req.http.Accept-Encoding = "gzip";
21. }
22. else if (req.http.Accept-Encoding ~ "deflate") {
23. # Next, try deflate if it is supported.
24. set req.http.Accept-Encoding = "deflate";
25. }
26. else {
27. # Unknown algorithm. Remove it and send unencoded.
28. unset req.http.Accept-Encoding;
29. }
30. }
31.  
32. if (req.restarts == 0) {
33. if (req.http.x-forwarded-for) {
34. set req.http.X-Forwarded-For =
35. req.http.X-Forwarded-For + ", " + client.ip;
36. } else {
37. set req.http.X-Forwarded-For = client.ip;
38. }
39. }
40.  
41. # Don't serve cached pages to logged in users
42. if ( req.http.cookie ~ "wordpress_logged_in" || req.url ~ "vaultpress=true" ) {
43. return( pass );
44. }
45.  
46. if (!(req.url ~ "wp-(login|admin)") &&
47. !(req.url ~ "&preview=true" ) ) {
48. unset req.http.cookie;
49. }
50.  
51.  
52. if (req.request != "GET" &&
53. req.request != "HEAD" &&
54. req.request != "PUT" &&
55. req.request != "POST" &&
56. req.request != "TRACE" &&
57. req.request != "OPTIONS" &&
58. req.request != "DELETE") {
59. return (pipe);
60. }
61.  
62. # Do not cache these paths
63. if (req.url ~ "^/wp-cron\.php$" ||
64. req.url ~ "^/xmlrpc\.php$" ||
65. req.url ~ "^/wp-admin/.*$" ||
66. req.url ~ "^/wp-login.php.*$" ||
67. req.url ~ "^/wp-includes/.*$" ||
68. req.url ~ "\?s=") {
69. return (pass);
70. }
71.  
72. if (req.request != "GET" && req.request != "HEAD") {
73. return (pass);
74. }
75.  
76. # if (!(req.url ~ "wp-(login|admin)") &&
77. # !(req.url ~ "&preview=true" ) ) {
78. # unset req.http.cookie;
79. # }
80.  
81. if (req.http.Authorization || req.http.Cookie) {
82. return (pass);
83. }
84. return (lookup);
85. }
86.  
87.  
88. sub vcl_fetch {
89. # remove some headers we never want to see
90. unset beresp.http.Server;
91. unset beresp.http.X-Powered-By;
92.  
93.  
94. if (! (req.url ~ "wp-(login|admin)") &&! req.http.cookie ~ "wordpress_logged_in|resetpass") {
95. #if (!(req.url ~ "wp-(login|admin)")) {
96. unset beresp.http.set-cookie;
97. set beresp.ttl = 96h;
98. set beresp.grace = 1w;
99. }
100.  
101. # don't cache response to posted requests or those with basic auth
102. if ( req.request == "POST" || req.http.Authorization ) {
103. return (hit_for_pass);
104. }
105.  
106. # don't cache search results
107. if( req.url ~ "\?s=" ){
108. return (hit_for_pass);
109. }
110.  
111. # only cache status ok
112. if ( beresp.status != 200 ) {
113. return (hit_for_pass);
114. }
115.  
116. if (beresp.ttl <= 0s ||
117. beresp.http.Set-Cookie ||
118. beresp.http.Vary == "*") {
119. set beresp.ttl = 120 s;
120. return (hit_for_pass);
121. }
122. return (deliver);
123. }