Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- vcl 4.0;
- import std;
- include “mobile_detect.vcl”;
- backend default {
- .host = “127.0.0.1”;
- .port = “8080”;
- .first_byte_timeout = 60s;
- .connect_timeout = 300s;
- }
- # SET THE ALLOWED IP OF PURGE REQUESTS
- # ##########################################################
- acl purge {
- “localhost”;
- “127.0.0.1”;
- “ip_server_của_bạn”;
- }
- #THE RECV FUNCTION
- # ##########################################################
- sub vcl_recv {
- call devicedetect;
- if (req.method == “PURGE”) {
- if (!client.ip ~ purge) {
- return (synth(405, “This IP is not allowed to send PURGE requests.”));
- }
- return (purge);
- }
- # Handle IPv6
- if (req.http.Host ~ “^ipv6.*”) {
- set req.http.host = regsub(req.http.host, “^ipv6\.(.*)”,”www\.\1″);
- }
- if (req.url ~ “^[^?]*\.(7z|avi|bmp|bz2|css|csv|doc|docx|eot|flac|flv|gif|gz|ico|jpeg|jpg|js|less|mka|mkv|mov|mp3|mp4|mpeg|mpg|odt|otf|ogg|ogm|opus|pdf|png|ppt|pptx|rar|rtf|svg|svgz|swf|tar|tbz|tgz|ttf|txt|txz|wav|webm|webp|woff|woff2|xls|xlsx|xml|xz|zip)(\?.*)?$”) {
- unset req.http.Cookie;
- return (hash);
- }
- if (req.http.Cookie) {
- set req.http.Cookie = “;” + req.http.Cookie;
- set req.http.Cookie = regsuball(req.http.Cookie, “; +”, “;”);
- set req.http.Cookie = regsuball(req.http.Cookie, “;(SESS[a-z0-9]+|NO_CACHE)=”, “; \1=”);
- set req.http.Cookie = regsuball(req.http.Cookie, “;(SSESS[a-z0-9]+|NO_CACHE)=”, “; \1=”);
- if (req.http.host ~ “wordpress1.com|wordpress2.com”) {
- if( req.url !~ “^/wp-(admin|login)” ){
- set req.http.Cookie = regsuball(req.http.Cookie, “;[^ ][^;]*”, “”);
- }
- }
- }
- # Remove the “has_js” cookie
- set req.http.Cookie = regsuball(req.http.Cookie, “has_js=[^;]+(; )?”, “”);
- # Remove any Google Analytics based cookies
- set req.http.Cookie = regsuball(req.http.Cookie, “__utm.=[^;]+(; )?”, “”);
- set req.http.Cookie = regsuball(req.http.Cookie, “_ga=[^;]+(; )?”, “”);
- set req.http.Cookie = regsuball(req.http.Cookie, “_gat=[^;]+(; )?”, “”);
- set req.http.Cookie = regsuball(req.http.Cookie, “utmctr=[^;]+(; )?”, “”);
- set req.http.Cookie = regsuball(req.http.Cookie, “utmcmd.=[^;]+(; )?”, “”);
- set req.http.Cookie = regsuball(req.http.Cookie, “utmccn.=[^;]+(; )?”, “”);
- # Remove DoubleClick offensive cookies
- set req.http.Cookie = regsuball(req.http.Cookie, “__gads=[^;]+(; )?”, “”);
- # Remove the Quant Capital cookies (added by some plugin, all __qca)
- set req.http.Cookie = regsuball(req.http.Cookie, “__qc.=[^;]+(; )?”, “”);
- # Remove the AddThis cookies
- set req.http.Cookie = regsuball(req.http.Cookie, “__atuv.=[^;]+(; )?”, “”);
- # Remove a “;” prefix in the cookie if present
- set req.http.Cookie = regsuball(req.http.Cookie, “^;\s*”, “”);
- # Are there cookies left with only spaces or that are empty?
- if (req.http.cookie ~ “^\s*$”) {
- unset req.http.cookie;
- }
- # pipe on weird http methods
- if (req.method !~ “^GET|HEAD|PUT|POST|TRACE|OPTIONS|DELETE$”) {
- return(pipe);
- }
- if (req.method == “GET” && (req.url ~ “^/?mylogout=”)) {
- unset req.http.Cookie;
- return (pass);
- }
- if (req.method == “GET” && (req.url ~ “^/dangnhap”)) {
- # unset req.http.Cookie;
- return (pass);
- }
- if (req.method == “GET” && (req.url ~ “^/truy-cap-tai-khoan” || req.url ~ “^/tai-khoan-cua-toi”)) {
- return (pass);
- }
- if (req.method == “GET” && (req.url ~ “^/gio-hang” || req.url ~ “^/don-hang” || req.url ~ “^/dat-hang-nhanh”)) {
- return (pass);
- }
- if (req.method == “GET” && (req.url ~ “^/dia-chi” || req.url ~ “^/danh-sach-dia-chi” || req.url ~ “^/quen-mat-khau”)) {
- return (pass);
- }
- if (req.method == “GET” && (req.url ~ “^/xac-nhan-don-hang” || req.url ~ “^/phieu-tin-dung”)) {
- return (pass);
- }
- if (req.method ==”GET” && (req.url ~ “^/theo-doi-don-hang” || req.url ~ “^/lich-su-don-hang” || req.url ~ “^/thong-tin-ca-nhan”)){
- return (pass);
- }
- if (req.http.Authorization || req.http.Authenticate)
- {
- return (pass);
- }
- # set realIP by trimming CloudFlare IP which will be used for various checks
- set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For, “[, ].*$”, “”);
- # FORWARD THE IP OF THE REQUEST
- if (req.restarts == 0) {
- if (req.http.x-forwarded-for) {
- set req.http.X-Forwarded-For =
- req.http.X-Forwarded-For + “, ” + client.ip;
- } else {
- set req.http.X-Forwarded-For = client.ip;
- }
- }
- # DO NOT CACHE RSS FEED
- if (req.url ~ “/feed(/)?”) {
- return ( pass );
- }
- #Pass wp-cron
- if (req.url ~ “wp-cron\.php.*”) {
- return ( pass );
- }
- ## Do not cache search results, comment these 3 lines if you do want to cache them
- if (req.url ~ “/\?s\=”) {
- return ( pass );
- }
- # CLEAN UP THE ENCODING HEADER.
- # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH VARY ACCEPT-ENCODING
- # VARNISH WILL CREATE SEPARATE CACHES FOR EACH
- # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO, ETC.
- # ##########################################################
- if (req.http.Accept-Encoding) {
- if (req.url ~ “\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$”) {
- # No point in compressing these
- unset req.http.Accept-Encoding;
- } elsif (req.http.Accept-Encoding ~ “gzip”) {
- set req.http.Accept-Encoding = “gzip”;
- } elsif (req.http.Accept-Encoding ~ “deflate”) {
- set req.http.Accept-Encoding = “deflate”;
- } else {
- # unknown algorithm
- unset req.http.Accept-Encoding;
- }
- }
- # Do not cache these paths.
- if (req.url ~ “^/status\.php$” ||
- req.url ~ “^/update\.php” ||
- req.url ~ “^/install\.php” ||
- req.url ~ “^/apc\.php$” ||
- req.url ~ “^/admin” ||
- req.url ~ “^/admin/.*$” ||
- req.url ~ “^/editor/.*s” ||
- req.url ~ “^/node/.*s” ||
- req.url ~ “^/user” ||
- req.url ~ “^/user/.*$” ||
- req.url ~ “^/users/.*$” ||
- req.url ~ “^/info/.*$” ||
- req.url ~ “^/flag/.*$” ||
- req.url ~ “^.*/ajax/.*$” ||
- req.url ~ “^.*/ahah/.*$” ||
- req.url ~ “^/system/files/.*$”) {
- return (pass);
- }
- if ( req.http.Cookie ~ “SESS”
- || req.http.Cookie ~ “SSESS”
- || req.http.Cookie ~ “NO_CACHE”
- || req.http.Cookie ~ “OATMEAL”
- || req.http.Cookie ~ “CHOCOLATECHIP”
- ) {
- return (pass);
- }
- if (req.http.Cookie ~ “(VARNISH|DRUPAL_UID|LOGGED_IN)”) {
- return (pass);
- }
- # PIPE ALL NON-STANDARD REQUESTS
- # ##########################################################
- if (req.method != “GET” &&
- req.method != “HEAD” &&
- req.method != “PUT” &&
- req.method != “POST” &&
- req.method != “TRACE” &&
- req.method != “OPTIONS” &&
- req.method != “DELETE”) {
- return (pipe);
- }
- # ONLY CACHE GET AND HEAD REQUESTS
- # ##########################################################
- if (req.method != “GET” && req.method != “HEAD”) {
- return (pass);
- }
- # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS IN FETCH TOO, EITHER
- # COMMENT OR UNCOMMENT BOTH
- # ##########################################################
- if ( req.http.cookie ~ “wordpress_logged_in|resetpass” ) {
- return( pass );
- }
- #fix CloudFlare Mixed Content with Flexible SSL
- if (req.http.X-Forwarded-Proto) {
- return(hash);
- }
- # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR WP-LOGIN
- # THEN UNSET THE COOKIES
- # ##########################################################
- if (!(req.url ~ “wp-(login|admin)”)
- && !(req.url ~ “&preview=true” )
- ){
- unset req.http.cookie;
- }
- # Kiem tra request ajax
- if (req.http.X-Requested-With == “XMLHttpRequest”){
- return (pass);
- }
- # IF BASIC AUTH IS ON THEN DO NOT CACHE
- # ##########################################################
- if (req.http.Authorization || req.http.Cookie) {
- return (pass);
- }
- # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED
- # ##########################################################
- return (hash);
- }
- sub vcl_hash {
- # Đoạn này check xem có phải trên mobile hay không
- # Nếu sử dụng theme mobile và destop khác nhau (non responsive)
- if (req.http.X-UA-Device ~ “^mobile”) {
- hash_data(req.http.X-UA-Device);
- }
- if (req.http.X-Forwarded-Proto) {
- hash_data(req.http.X-Forwarded-Proto);
- }
- hash_data(req.url);
- # If the client supports compression, keep that in a different cache
- if (req.http.Accept-Encoding) {
- hash_data(req.http.Accept-Encoding);
- }
- if (req.http.Cookie) {
- hash_data(req.http.Cookie);
- }
- }
- # HIT FUNCTION
- # ##########################################################
- sub vcl_hit {
- return (deliver);
- }
- # MISS FUNCTION
- # ##########################################################
- sub vcl_miss {
- return (fetch);
- }
- # FETCH FUNCTION
- # ##########################################################
- sub vcl_backend_response {
- # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
- # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT
- # TO DO THIS
- # ##########################################################
- set beresp.http.Vary = “Accept-Encoding”;
- # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
- # TIME THIS PAGE WILL STAY CACHED (TTL), add other locations or subdomains you do not want to cache here in case they set cookies
- # ##########################################################
- if (bereq.url ~ “\.(css|js|png|gif|jp(e?)g)|swf|ico|woff”) {
- unset beresp.http.cookie;
- }
- # Don’t store backend
- if (bereq.url ~ “dangnhap” || bereq.url ~ “preview=true” || bereq.url ~ “dat-hang-nhanh|truy-cap-tai-khoan|wp-login.php”) {
- set beresp.uncacheable = true;
- set beresp.ttl = 30s;
- return (deliver);
- }
- if (bereq.method == “GET” && (bereq.url ~ “^/?mylogout=”)) {
- set beresp.ttl = 0s;
- unset beresp.http.Set-Cookie;
- set beresp.uncacheable = true;
- return(deliver);
- }
- # don’t cache response to posted requests or those with basic auth
- if ( bereq.method == “POST” || bereq.http.Authorization ) {
- set beresp.uncacheable = true;
- set beresp.ttl = 120s;
- return (deliver);
- }
- # don’t cache search results
- if ( bereq.url ~ “\?s=” ){
- set beresp.uncacheable = true;
- set beresp.ttl = 120s;
- return (deliver);
- }
- # only cache status ok
- if ( beresp.status != 200 ) {
- set beresp.uncacheable = true;
- set beresp.ttl = 120s;
- return (deliver);
- }
- if ((!(bereq.url ~ “wp-(login|admin)”) && !bereq.http.cookie ~ “wordpress_logged_in|resetpass”) || !(bereq.url ~ “^/dangnhap/.*$”)) {
- #if(!(bereq.url ~ “^/user”) || !(bereq.url ~ “^/dangnhap”) || !(bereq.url ~ “^/dat-hang-nhanh”) || !(bereq.url ~ “^/truy-cap-tai-khoan”)){
- if(!(bereq.url ~ “^/user”) || !(bereq.url ~ “^/dangnhap”)){
- unset beresp.http.set-cookie;
- }
- #unset beresp.http.set-cookie;
- set beresp.ttl = 1w;
- set beresp.grace =3d;
- }
- if (beresp.ttl 0) {
- # set resp.http.X-Cache = “HIT”;
- # IF THIS IS A MISS RETURN THAT IN THE HEADER
- # ##########################################################
- #} else {
- # set resp.http.X-Cache = “MISS”;
- #}
- if(obj.hits > 0) {
- set resp.http.X-Cache = “HIT”;
- } else {
- set resp.http.X-Cache = “MISS”;
- }
- # Remove some headers: PHP version
- unset resp.http.X-Powered-By;
- # Remove some headers: Apache version & OS
- unset resp.http.Server;
- # Remove some heanders: Varnish
- unset resp.http.Via;
- unset resp.http.X-Varnish;
- unset resp.http.X-Generator;
- unset resp.http.Link;
- unset resp.http.X-Drupal-Cache;
- unset resp.http.Powered-By;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement