kazeuraki

default.vcl

May 4th, 2017
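  # VCL syntax version, the std VMOD, and the device-detection include
  # that provides the `devicedetect` subroutine called from vcl_recv.
  # The pasted listing used typographic quotes, which are not valid VCL
  # string delimiters; they are restored to plain ASCII quotes here.
  vcl 4.0;
  import std;
  include "mobile_detect.vcl";

  # Single origin server on the loopback interface.
  backend default {
      .host = "127.0.0.1";
      .port = "8080";
      # Maximum wait for the first byte of the backend response.
      .first_byte_timeout = 60s;
      # NOTE(review): 300s to open a TCP connection to a loopback backend
      # is unusually long next to a 60s first-byte timeout; the two values
      # may have been swapped. Confirm before deploying.
      .connect_timeout = 300s;
  }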
  10.  
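  # SET THE ALLOWED IP OF PURGE REQUESTS
  # ##########################################################
  # Addresses allowed to invalidate cached objects with the PURGE method.
  # The ACL is matched against client.ip, i.e. the TCP peer address.
  # NOTE(review): if a TLS terminator or another reverse proxy on this
  # host sits in front of Varnish, every request arrives from 127.0.0.1
  # and would match this ACL. Confirm Varnish is the first hop, or gate
  # PURGE on something the front proxy cannot be made to forward.
  acl purge {
      "localhost";
      "127.0.0.1";
      # Placeholder (Vietnamese for "your server's IP"); it must be
      # replaced with a real address before this VCL is loaded.
      "ip_server_của_bạn";
  }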
  18.  
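  # THE RECV FUNCTION
  # ##########################################################
  # Client-side entry point. Decides, per request, whether to purge,
  # pipe, pass to the backend, or look the object up in the cache, and
  # normalises the Cookie and Accept-Encoding headers on the way.
  sub vcl_recv {

      # Defined in the included mobile_detect.vcl.
      call devicedetect;

      # PURGE is honoured only for peers listed in the `purge` ACL.
      # NOTE(review): client.ip is the TCP peer. Behind a local TLS
      # terminator or proxy every request comes from 127.0.0.1 and passes
      # this check; confirm Varnish is the first hop.
      if (req.method == "PURGE") {
          if (!(client.ip ~ purge)) {
              return (synth(405, "This IP is not allowed to send PURGE requests."));
          }
          return (purge);
      }

      # Handle IPv6: map an ipv6.* host name onto the www.* name.
      if (req.http.Host ~ "^ipv6.*") {
          set req.http.host = regsub(req.http.host, "^ipv6\.(.*)", "www\.\1");
      }

      # Static assets: drop the cookies so the backend never sees a
      # session, then go straight to cache lookup.
      if (req.url ~ "^[^?]*\.(7z|avi|bmp|bz2|css|csv|doc|docx|eot|flac|flv|gif|gz|ico|jpeg|jpg|js|less|mka|mkv|mov|mp3|mp4|mpeg|mpg|odt|otf|ogg|ogm|opus|pdf|png|ppt|pptx|rar|rtf|svg|svgz|swf|tar|tbz|tgz|ttf|txt|txz|wav|webm|webp|woff|woff2|xls|xlsx|xml|xz|zip)(\?.*)?$") {
          unset req.http.Cookie;
          return (hash);
      }

      if (req.http.Cookie) {
          # Prefix with ";" and collapse "; " to ";" so every cookie is
          # introduced by a bare ";". Session cookies (SESS*, SSESS*,
          # NO_CACHE) then get a space re-inserted after the ";".
          set req.http.Cookie = ";" + req.http.Cookie;
          set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
          set req.http.Cookie = regsuball(req.http.Cookie, ";(SESS[a-z0-9]+|NO_CACHE)=", "; \1=");
          set req.http.Cookie = regsuball(req.http.Cookie, ";(SSESS[a-z0-9]+|NO_CACHE)=", "; \1=");
          # For the listed hosts, outside wp-admin / wp-login, delete every
          # cookie that was not marked with a space above.
          # NOTE(review): the dots in the host pattern are unescaped and
          # the names look like placeholders; replace with the real hosts.
          if (req.http.host ~ "wordpress1.com|wordpress2.com") {
              if (req.url !~ "^/wp-(admin|login)") {
                  set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
              }
          }
      }

      # Remove the "has_js" cookie
      set req.http.Cookie = regsuball(req.http.Cookie, "has_js=[^;]+(; )?", "");
      # Remove any Google Analytics based cookies
      set req.http.Cookie = regsuball(req.http.Cookie, "__utm.=[^;]+(; )?", "");
      set req.http.Cookie = regsuball(req.http.Cookie, "_ga=[^;]+(; )?", "");
      set req.http.Cookie = regsuball(req.http.Cookie, "_gat=[^;]+(; )?", "");
      set req.http.Cookie = regsuball(req.http.Cookie, "utmctr=[^;]+(; )?", "");
      set req.http.Cookie = regsuball(req.http.Cookie, "utmcmd.=[^;]+(; )?", "");
      set req.http.Cookie = regsuball(req.http.Cookie, "utmccn.=[^;]+(; )?", "");

      # Remove DoubleClick offensive cookies
      set req.http.Cookie = regsuball(req.http.Cookie, "__gads=[^;]+(; )?", "");

      # Remove the Quant Capital cookies (added by some plugin, all __qca)
      set req.http.Cookie = regsuball(req.http.Cookie, "__qc.=[^;]+(; )?", "");

      # Remove the AddThis cookies
      set req.http.Cookie = regsuball(req.http.Cookie, "__atuv.=[^;]+(; )?", "");

      # Remove a ";" prefix in the cookie if present
      set req.http.Cookie = regsuball(req.http.Cookie, "^;\s*", "");

      # Are there cookies left with only spaces or that are empty?
      if (req.http.cookie ~ "^\s*$") {
          unset req.http.cookie;
      }

      # Pipe on unknown HTTP methods.
      # The original pattern "^GET|HEAD|...|DELETE$" had no group, so the
      # anchors bound only to GET and DELETE and any method merely
      # containing e.g. "HEAD" was accepted. With the group in place this
      # check is exact, which made the second, spelled-out copy of the
      # same test further down redundant; it has been removed.
      # NOTE(review): TRACE is on the allow list and is forwarded to the
      # backend; drop it here unless something depends on it.
      if (req.method !~ "^(GET|HEAD|PUT|POST|TRACE|OPTIONS|DELETE)$") {
          return (pipe);
      }

      # Logout: never serve from cache and do not forward the session.
      # The original pattern "^/?mylogout=" treated "?" as a quantifier,
      # so a URL of the form "/?mylogout=" did not match. Both forms are
      # accepted now.
      if (req.method == "GET" && req.url ~ "^/?\??mylogout=") {
          unset req.http.Cookie;
          return (pass);
      }

      # Per-user shop pages always go to the backend. The slugs are
      # Vietnamese route names: login, account access / my account, cart,
      # order, quick order, address, address list, forgotten password,
      # order confirmation, credit slip, order tracking, order history
      # and personal information.
      if (req.method == "GET" &&
          req.url ~ "^/(dangnhap|truy-cap-tai-khoan|tai-khoan-cua-toi|gio-hang|don-hang|dat-hang-nhanh|dia-chi|danh-sach-dia-chi|quen-mat-khau|xac-nhan-don-hang|phieu-tin-dung|theo-doi-don-hang|lich-su-don-hang|thong-tin-ca-nhan)") {
          return (pass);
      }

      # Requests carrying credentials are never cached.
      if (req.http.Authorization || req.http.Authenticate) {
          return (pass);
      }

      # Set the "real" client IP from the first X-Forwarded-For entry.
      # NOTE(review): the leftmost X-Forwarded-For value is whatever the
      # client sent unless the edge overwrites the header. Do not use
      # X-Actual-IP for access control or rate limiting unless requests
      # can only reach Varnish through a proxy that sets it.
      set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For, "[, ].*$", "");

      # FORWARD THE IP OF THE REQUEST (first pass only, not on restarts)
      if (req.restarts == 0) {
          if (req.http.x-forwarded-for) {
              set req.http.X-Forwarded-For =
                  req.http.X-Forwarded-For + ", " + client.ip;
          } else {
              set req.http.X-Forwarded-For = client.ip;
          }
      }

      # DO NOT CACHE RSS FEED
      if (req.url ~ "/feed(/)?") {
          return (pass);
      }

      # Pass wp-cron
      if (req.url ~ "wp-cron\.php.*") {
          return (pass);
      }

      ## Do not cache search results, comment these 3 lines if you do want to cache them
      if (req.url ~ "/\?s\=") {
          return (pass);
      }

      # CLEAN UP THE ENCODING HEADER.
      # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH VARY ACCEPT-ENCODING
      # VARNISH WILL CREATE SEPARATE CACHES FOR EACH
      # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO, ETC.
      # ##########################################################
      if (req.http.Accept-Encoding) {
          if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
              # No point in compressing these
              unset req.http.Accept-Encoding;
          } elsif (req.http.Accept-Encoding ~ "gzip") {
              set req.http.Accept-Encoding = "gzip";
          } elsif (req.http.Accept-Encoding ~ "deflate") {
              set req.http.Accept-Encoding = "deflate";
          } else {
              # unknown algorithm
              unset req.http.Accept-Encoding;
          }
      }

      # Do not cache these paths.
      if (req.url ~ "^/status\.php$" ||
          req.url ~ "^/update\.php" ||
          req.url ~ "^/install\.php" ||
          req.url ~ "^/apc\.php$" ||
          req.url ~ "^/admin" ||
          req.url ~ "^/admin/.*$" ||
          req.url ~ "^/editor/.*s" ||
          req.url ~ "^/node/.*s" ||
          req.url ~ "^/user" ||
          req.url ~ "^/user/.*$" ||
          req.url ~ "^/users/.*$" ||
          req.url ~ "^/info/.*$" ||
          req.url ~ "^/flag/.*$" ||
          req.url ~ "^.*/ajax/.*$" ||
          req.url ~ "^.*/ahah/.*$" ||
          req.url ~ "^/system/files/.*$") {
          return (pass);
      }

      # Any session or logged-in marker cookie bypasses the cache.
      if (req.http.Cookie ~ "(SESS|SSESS|NO_CACHE|OATMEAL|CHOCOLATECHIP|VARNISH|DRUPAL_UID|LOGGED_IN)") {
          return (pass);
      }

      # ONLY CACHE GET AND HEAD REQUESTS
      # ##########################################################
      if (req.method != "GET" && req.method != "HEAD") {
          return (pass);
      }

      # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS IN FETCH TOO,
      # EITHER COMMENT OR UNCOMMENT BOTH)
      # ##########################################################
      if (req.http.cookie ~ "wordpress_logged_in|resetpass") {
          return (pass);
      }

      # Fix CloudFlare mixed content with Flexible SSL.
      # NOTE(review): this returns before the cookie stripping, the
      # XMLHttpRequest pass and the Authorization/Cookie pass below, so
      # none of them apply to requests that carry X-Forwarded-Proto.
      # The header value is also client-controlled unless the edge
      # overwrites it, and vcl_hash adds it to the cache key, so
      # arbitrary values create arbitrary cache variants. Confirm the
      # edge always sets this header itself.
      if (req.http.X-Forwarded-Proto) {
          return (hash);
      }

      # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR WP-LOGIN
      # THEN UNSET THE COOKIES
      # ##########################################################
      if (!(req.url ~ "wp-(login|admin)") && !(req.url ~ "&preview=true")) {
          unset req.http.cookie;
      }

      # AJAX requests are not cached.
      if (req.http.X-Requested-With == "XMLHttpRequest") {
          return (pass);
      }

      # IF BASIC AUTH IS ON, OR COOKIES REMAIN, THEN DO NOT CACHE
      # ##########################################################
      if (req.http.Authorization || req.http.Cookie) {
          return (pass);
      }

      # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED
      # ##########################################################
      return (hash);
  }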
  249.  
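  # Builds the cache key. There is no return (lookup) here, so Varnish's
  # built-in vcl_hash still runs after this code and adds the URL and the
  # Host header (or server IP) as usual.
  sub vcl_hash {
      # Keep a separate cache entry for mobile clients, for sites whose
      # mobile and desktop themes differ (non-responsive).
      # X-UA-Device is presumably set by devicedetect in
      # mobile_detect.vcl; verify against that file.
      if (req.http.X-UA-Device ~ "^mobile") {
          hash_data(req.http.X-UA-Device);
      }

      # Separate entries per forwarded scheme.
      # NOTE(review): the raw header value goes into the key. Unless the
      # edge proxy overwrites X-Forwarded-Proto, a client can send any
      # value and create as many cache variants as it likes. Have the
      # edge set the header rather than collapsing values here: if the
      # backend builds links from the header, collapsing only in the key
      # would let one value's response be served for another.
      if (req.http.X-Forwarded-Proto) {
          hash_data(req.http.X-Forwarded-Proto);
      }

      hash_data(req.url);

      # If the client supports compression, keep that in a different cache
      if (req.http.Accept-Encoding) {
          hash_data(req.http.Accept-Encoding);
      }

      # Any cookie still present makes the entry specific to that exact
      # Cookie header value.
      if (req.http.Cookie) {
          hash_data(req.http.Cookie);
      }
  }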
  # HIT FUNCTION
  # ##########################################################
  # A matching object was found in the cache: deliver it unconditionally.
  # Returning here means the built-in vcl_hit logic is never reached.
  sub vcl_hit {
      return (deliver);
  }
  # MISS FUNCTION
  # ##########################################################
  # No matching object in the cache: fetch it from the backend.
  sub vcl_miss {
      return (fetch);
  }
  279.  
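  # FETCH FUNCTION
  # ##########################################################
  # Runs on every backend response. Decides whether the response may be
  # stored, strips Set-Cookie from what is stored, and sets TTL / grace.
  sub vcl_backend_response {
      # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
      # TENDENCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT
      # TO DO THIS
      # NOTE(review): this discards whatever Vary the backend sent. If
      # the backend varies a response on another request header (Origin
      # or Cookie, for example), that distinction is lost for cached
      # objects. Confirm the backend never relies on it.
      # ##########################################################
      set beresp.http.Vary = "Accept-Encoding";

      # Static assets must not set cookies.
      # The original pattern "\.(css|js|png|gif|jp(e?)g)|swf|ico|woff"
      # closed the group too early, so any URL merely containing "swf",
      # "ico" or "woff" matched; and it unset "cookie", a request header
      # that a response does not carry. Both are corrected here.
      if (bereq.url ~ "\.(css|js|png|gif|jpe?g|swf|ico|woff2?)(\?.*)?$") {
          unset beresp.http.Set-Cookie;
      }

      # Don't store login, preview, quick-order and account-access pages.
      if (bereq.url ~ "dangnhap" || bereq.url ~ "preview=true" || bereq.url ~ "dat-hang-nhanh|truy-cap-tai-khoan|wp-login.php") {
          set beresp.uncacheable = true;
          set beresp.ttl = 30s;
          return (deliver);
      }

      # Logout responses are never stored and carry no cookie.
      # The original pattern "^/?mylogout=" treated "?" as a quantifier,
      # so "/?mylogout=" did not match; both forms are accepted now.
      if (bereq.method == "GET" && bereq.url ~ "^/?\??mylogout=") {
          set beresp.ttl = 0s;
          unset beresp.http.Set-Cookie;
          set beresp.uncacheable = true;
          return (deliver);
      }

      # don't cache response to posted requests or those with basic auth
      if (bereq.method == "POST" || bereq.http.Authorization) {
          set beresp.uncacheable = true;
          set beresp.ttl = 120s;
          return (deliver);
      }

      # don't cache search results
      if (bereq.url ~ "\?s=") {
          set beresp.uncacheable = true;
          set beresp.ttl = 120s;
          return (deliver);
      }

      # only cache status ok
      if (beresp.status != 200) {
          set beresp.uncacheable = true;
          set beresp.ttl = 120s;
          return (deliver);
      }

      # Long-lived caching for anonymous, non-admin, non-login pages.
      # The original test was "(A && B) || !(url under /dangnhap/)",
      # which is true for every URL outside /dangnhap/ and so also
      # covered wp-admin URLs and logged-in users. The three exclusions
      # are now combined with &&.
      if (!(bereq.url ~ "wp-(login|admin)") &&
          !(bereq.http.cookie ~ "wordpress_logged_in|resetpass") &&
          !(bereq.url ~ "^/dangnhap")) {
          # The original guarded this unset with
          # "!(url ~ ^/user) || !(url ~ ^/dangnhap)", which is always
          # true because no URL starts with both prefixes. The unset is
          # kept unconditional: an object stored for a week must not
          # carry a Set-Cookie.
          # NOTE(review): this also runs for responses to requests that
          # vcl_recv passed (cart, order and account pages are not in
          # the early returns above), so their Set-Cookie is stripped
          # too. Confirm that is intended.
          unset beresp.http.Set-Cookie;
          set beresp.ttl = 1w;
          set beresp.grace = 3d;
      }

      # NOTE(review): the pasted listing is damaged at this point. It
      # shows "if (beresp.ttl 0) {", which looks like the text between a
      # "<" and a later ">" was swallowed when the page was rendered.
      # Whatever this subroutine did with a non-positive TTL, and the
      # header of the next subroutine, are missing from the paste. The
      # lost branch is not reconstructed; recover it from the original
      # file.
  }

  # DELIVER FUNCTION
  # ##########################################################
  # The statements below use resp.* together with obj.hits, which are
  # only available together in vcl_deliver, so they are placed there.
  sub vcl_deliver {
      # Report whether the object came from the cache.
      if (obj.hits > 0) {
          set resp.http.X-Cache = "HIT";
      } else {
          set resp.http.X-Cache = "MISS";
      }

      # Remove headers that disclose the software stack.
      # PHP version
      unset resp.http.X-Powered-By;
      # Apache version & OS
      unset resp.http.Server;
      # Varnish
      unset resp.http.Via;
      unset resp.http.X-Varnish;
      unset resp.http.X-Generator;
      unset resp.http.Link;
      unset resp.http.X-Drupal-Cache;
      unset resp.http.Powered-By;
  }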