lftd-devault.vcl

1. # We only have one backend to define: NGINX
2. backend default {
3. .host = "127.0.0.1";
4. .port = "8080";
5. }
6.  
7. # Only allow purging from specific IPs
8. acl purge {
9. "localhost";
10. "127.0.0.1";
11. }
12.  
13. sub vcl_recv {
14. # Handle compression correctly. Different browsers send different
15. # "Accept-Encoding" headers, even though they mostly support the same
16. # compression mechanisms. By consolidating compression headers into
17. # a consistent format, we reduce the cache size and get more hits.
18. # @see: http:// varnish.projects.linpro.no/wiki/FAQ/Compression
19. if (req.http.Accept-Encoding) {
20. if (req.http.Accept-Encoding ~ "gzip") {
21. # If the browser supports it, we'll use gzip.
22. set req.http.Accept-Encoding = "gzip";
23. }
24. else if (req.http.Accept-Encoding ~ "deflate") {
25. # Next, try deflate if it is supported.
26. set req.http.Accept-Encoding = "deflate";
27. }
28. else {
29. # Unknown algorithm. Remove it and send unencoded.
30. unset req.http.Accept-Encoding;
31. }
32. }
33.  
34. # Set client IP
35. if (req.http.x-forwarded-for) {
36. set req.http.X-Forwarded-For =
37. req.http.X-Forwarded-For + ", " + client.ip;
38. } else {
39. set req.http.X-Forwarded-For = client.ip;
40. }
41.  
42. # Check if we may purge (only localhost)
43. if (req.request == "PURGE") {
44. if (!client.ip ~ purge) {
45. error 405 "Not allowed.";
46. }
47. return(lookup);
48. }
49.  
50. if (req.request != "GET" &&
51. req.request != "HEAD" &&
52. req.request != "PUT" &&
53. req.request != "POST" &&
54. req.request != "TRACE" &&
55. req.request != "OPTIONS" &&
56. req.request != "DELETE") {
57. # /* Non-RFC2616 or CONNECT which is weird. */
58. return (pipe);
59. }
60.  
61. if (req.request != "GET" && req.request != "HEAD") {
62. # /* We only deal with GET and HEAD by default */
63. return (pass);
64. }
65.  
66. # admin users always miss the cache add this before to just enable backend no-cache: req.url ~ "^/wp-(login|admin)" &&
67. if(
68. req.http.Cookie ~ "wordpress_logged_in_" ){
69. return (pass);
70. }
71.  
72. # Remove cookies set by Google Analytics (pattern: '__utmABC')
73. if (req.http.Cookie) {
74. set req.http.Cookie = regsuball(req.http.Cookie,
75. "(^|; ) *__utm.=[^;]+;? *", "\1");
76. if (req.http.Cookie == "") {
77. remove req.http.Cookie;
78. }
79. }
80.  
81. # always pass through POST requests and those with basic auth
82. if (req.http.Authorization && req.request == "POST") {
83. return (pass);
84. }
85.  
86. # Do not cache these paths
87. if (req.url ~ "^/wp-cron\.php$" ||
88. req.url ~ "^/xmlrpc\.php$" ||
89. req.url ~ "^/wp-admin/.*$" ||
90. req.url ~ "^/wp-includes/.*$" ||
91. req.url ~ "\?s="){
92. return (pass);
93. }
94.  
95. # Define the default grace period to serve cached content
96. set req.grace = 30s;
97.  
98. # By ignoring any other cookies, it is now ok to get a page
99. unset req.http.Cookie;
100. return (lookup);
101. }
102.  
103. sub vcl_fetch {
104. # remove some headers we never want to see
105. unset beresp.http.Server;
106. unset beresp.http.X-Powered-By;
107.  
108. # Do not cache these paths
109. if (req.url ~ "wp-(login|admin)" ||
110. req.url ~ "\?s=" ||
111. req.url ~ "xmlrpc.php") {
112. return (hit_for_pass);
113. }
114.  
115. # only allow cookies to be set if we're in admin area
116. if( beresp.http.Set-Cookie && req.url !~ "^/wp-(login|admin)" ){
117. unset beresp.http.Set-Cookie;
118. }
119.  
120. # don't cache response to posted requests or those with basic auth
121. if ( req.request == "POST" && req.http.Authorization ) {
122. return (hit_for_pass);
123. }
124.  
125. # only cache status ok
126. if ( beresp.status != 200 ) {
127. return (hit_for_pass);
128. }
129.  
130. # If our backend returns 5xx status this will reset the grace time
131. # set in vcl_recv so that cached content will be served and
132. # the unhealthy backend will not be hammered by requests
133. if (beresp.status == 500) {
134. set beresp.grace = 60s;
135. return (restart);
136. }
137.  
138. # GZip the cached content if possible
139. if (beresp.http.content-type ~ "text") {
140. set beresp.do_gzip = true;
141. }
142.  
143. # if nothing abovce matched it is now ok to cache the response
144. set beresp.ttl = 24h;
145. return (deliver);
146. }
147.  
148. sub vcl_deliver {
149. # remove some headers added by varnish
150. unset resp.http.Via;
151. unset resp.http.X-Varnish;
152. }
153.  
154. sub vcl_hit {
155. # Set up invalidation of the cache so purging gets done properly
156. if (req.request == "PURGE") {
157. purge;
158. error 200 "Purged.";
159. }
160. return (deliver);
161. }
162.  
163. sub vcl_miss {
164. # Set up invalidation of the cache so purging gets done properly
165. if (req.request == "PURGE") {
166. purge;
167. error 200 "Purged.";
168. }
169. return (fetch);
170. }
171.  
172. sub vcl_error {
173. if (obj.status == 503) {
174. # set obj.http.location = req.http.Location;
175. set obj.status = 404;
176. set obj.response = "Not Found";
177. return (deliver);
178. }
179. }