Skip to content

Instantly share code, notes, and snippets.

@LimeCuda
Last active October 12, 2016 21:37
Show Gist options
  • Save LimeCuda/8fde2f27482ef16f4c43ea99a09d641d to your computer and use it in GitHub Desktop.
Save LimeCuda/8fde2f27482ef16f4c43ea99a09d641d to your computer and use it in GitHub Desktop.
This is the VCL that is generated from all our settings. See the VCL on your service by clicking the "Show VCL" in dropdown http://screencast.com/t/U52i3zaC https://fewerthanthree.com/tutorial/wordpress-multisite-reverse-proxy-setup-wpengine/
pragma optional_param default_ssl_check_cert 1;
pragma optional_param customer_id "####HIDDEN####";
C!
W!
# Backends
backend F_Port_443_WordPress_Endpoint {
.first_byte_timeout = 15s;
.connect_timeout = 1s;
.max_connections = 200;
.between_bytes_timeout = 10s;
.share_key = "####HIDDEN####";
.port = "443";
.host = "####IPADDRESS####";
.ssl = true;
.ssl_sni_hostname = "admin.originalsite.com";
.ssl_cert_hostname = "admin.originalsite.com";
.ssl_check_cert = always;
}
backend F_Port_80_WordPress_endpoint {
.first_byte_timeout = 15s;
.connect_timeout = 1s;
.max_connections = 200;
.between_bytes_timeout = 10s;
.share_key = "####HIDDEN####";
.port = "80";
.host = "####IPADDRESS####";
}
sub vcl_recv {
#--FASTLY RECV BEGIN
if (req.restarts == 0) {
if (!req.http.X-Timer) {
set req.http.X-Timer = "S" time.start.sec "." time.start.usec_frac;
}
set req.http.X-Timer = req.http.X-Timer ",VS0";
}
set req.http.Fastly-Orig-Host = req.http.host;
set req.http.host = "admin.originalsite.com";
# default conditions
# end default conditions
# Request Condition: Non Secure Prio: 10
if( !req.http.fastly-ssl ) {
set req.backend = F_Port_80_WordPress_endpoint;
}
#end condition
# Request Condition: Secure Prio: 10
if( req.http.fastly-ssl ) {
set req.backend = F_Port_443_WordPress_Endpoint;
# Header rewrite HTTP_X_FORWARDED_SERVER required by WPEngine : 10
set req.http.HTTP_X_FORWARDED_SERVER = "admin.originalsite.com";
# Header rewrite X-Forwarded-Server for WPEngine backend : 10
set req.http.X-Forwarded-Server = "admin.originalsite.com";
}
# Request Condition: No headers for Admin Prio: 10
if( req.http.Host != "admin.originalsite.com" ) {
# Header rewrite HTTP_X_FORWARDED_HOST : 10
set req.http.HTTP_X_FORWARDED_HOST = "admin.originalsite.com";
# Header rewrite HTTP_X_FORWARDED_SERVER : 10
set req.http.HTTP_X_FORWARDED_SERVER = "www.finalsite.com";
# Header rewrite HTTP_X_ORIGINAL_HOST : 10
set req.http.HTTP_X_ORIGINAL_HOST = "finalsite.com";
}
#end condition
#--FASTLY RECV END
if (req.request != "HEAD" && req.request != "GET" && req.request != "FASTLYPURGE") {
return(pass);
}
return(lookup);
}
sub vcl_fetch {
#--FASTLY FETCH BEGIN
# record which cache ran vcl_fetch for this object and when
set beresp.http.Fastly-Debug-Path = "(F " server.identity " " now.sec ") " if(beresp.http.Fastly-Debug-Path, beresp.http.Fastly-Debug-Path, "");
# generic mechanism to vary on something
if (req.http.Fastly-Vary-String) {
if (beresp.http.Vary) {
set beresp.http.Vary = "Fastly-Vary-String, " beresp.http.Vary;
} else {
set beresp.http.Vary = "Fastly-Vary-String, ";
}
}
#--FASTLY FETCH END
if ((beresp.status == 500 || beresp.status == 503) && req.restarts < 1 && (req.request == "GET" || req.request == "HEAD")) {
restart;
}
if(req.restarts > 0 ) {
set beresp.http.Fastly-Restarts = req.restarts;
}
if (beresp.http.Set-Cookie) {
set req.http.Fastly-Cachetype = "SETCOOKIE";
return (pass);
}
if (beresp.http.Cache-Control ~ "private") {
set req.http.Fastly-Cachetype = "PRIVATE";
return (pass);
}
if (beresp.status == 500 || beresp.status == 503) {
set req.http.Fastly-Cachetype = "ERROR";
set beresp.ttl = 1s;
set beresp.grace = 5s;
return (deliver);
}
if (beresp.http.Expires || beresp.http.Surrogate-Control ~ "max-age" || beresp.http.Cache-Control ~"(s-maxage|max-age)") {
# keep the ttl here
} else {
# apply the default ttl
set beresp.ttl = 3600s;
}
return(deliver);
}
sub vcl_hit {
#--FASTLY HIT BEGIN
# we cannot reach obj.ttl and obj.grace in deliver, save them when we can in vcl_hit
set req.http.Fastly-Tmp-Obj-TTL = obj.ttl;
set req.http.Fastly-Tmp-Obj-Grace = obj.grace;
{
set req.http.Fastly-Cachetype = "HIT";
}
#--FASTLY HIT END
if (!obj.cacheable) {
return(pass);
}
return(deliver);
}
sub vcl_miss {
#--FASTLY MISS BEGIN
# this is not a hit after all, clean up these set in vcl_hit
unset req.http.Fastly-Tmp-Obj-TTL;
unset req.http.Fastly-Tmp-Obj-Grace;
{
if (req.http.Fastly-Check-SHA1) {
error 550 "Doesnt exist";
}
#--FASTLY BEREQ BEGIN
{
if (req.http.Fastly-Original-Cookie) {
set bereq.http.Cookie = req.http.Fastly-Original-Cookie;
}
if (req.http.Fastly-Original-URL) {
set bereq.url = req.http.Fastly-Original-URL;
}
{
if (req.http.Fastly-FF) {
set bereq.http.Fastly-Client = "1";
}
}
{
# do not send this to the backend
unset bereq.http.Fastly-Original-Cookie;
unset bereq.http.Fastly-Original-URL;
unset bereq.http.Fastly-Vary-String;
unset bereq.http.X-Varnish-Client;
}
if (req.http.Fastly-Temp-XFF) {
if (req.http.Fastly-Temp-XFF == "") {
unset bereq.http.X-Forwarded-For;
} else {
set bereq.http.X-Forwarded-For = req.http.Fastly-Temp-XFF;
}
# unset bereq.http.Fastly-Temp-XFF;
}
}
#--FASTLY BEREQ END
#;
set req.http.Fastly-Cachetype = "MISS";
}
#--FASTLY MISS END
return(fetch);
}
sub vcl_deliver {
#--FASTLY DELIVER BEGIN
# record the journey of the object, expose it only if req.http.Fastly-Debug.
if (req.http.Fastly-Debug || req.http.Fastly-FF) {
set resp.http.Fastly-Debug-Path = "(D " server.identity " " now.sec ") "
if(resp.http.Fastly-Debug-Path, resp.http.Fastly-Debug-Path, "");
set resp.http.Fastly-Debug-TTL = if(obj.hits > 0, "(H ", "(M ")
server.identity
if(req.http.Fastly-Tmp-Obj-TTL && req.http.Fastly-Tmp-Obj-Grace, " " req.http.Fastly-Tmp-Obj-TTL " " req.http.Fastly-Tmp-Obj-Grace " ", " - - ")
if(resp.http.Age, resp.http.Age, "-")
") "
if(resp.http.Fastly-Debug-TTL, resp.http.Fastly-Debug-TTL, "");
set resp.http.Fastly-Debug-Digest = digest.hash_sha256(req.digest);
} else {
unset resp.http.Fastly-Debug-Path;
unset resp.http.Fastly-Debug-TTL;
}
# add or append X-Served-By/X-Cache(-Hits)
{
if(!resp.http.X-Served-By) {
set resp.http.X-Served-By = server.identity;
} else {
set resp.http.X-Served-By = resp.http.X-Served-By ", " server.identity;
}
set resp.http.X-Cache = if(resp.http.X-Cache, resp.http.X-Cache ", ","") if(fastly_info.state ~ "HIT($|-)", "HIT", "MISS");
if(!resp.http.X-Cache-Hits) {
set resp.http.X-Cache-Hits = obj.hits;
} else {
set resp.http.X-Cache-Hits = resp.http.X-Cache-Hits ", " obj.hits;
}
}
if (req.http.X-Timer) {
set resp.http.X-Timer = req.http.X-Timer ",VE" time.elapsed.msec;
}
# VARY FIXUP
{
# remove before sending to client
set resp.http.Vary = regsub(resp.http.Vary, "Fastly-Vary-String, ", "");
if (resp.http.Vary ~ "^\s*$") {
unset resp.http.Vary;
}
}
unset resp.http.X-Varnish;
# Pop the surrogate headers into the request object so we can reference them later
set req.http.Surrogate-Key = resp.http.Surrogate-Key;
set req.http.Surrogate-Control = resp.http.Surrogate-Control;
# If we are not forwarding or debugging unset the surrogate headers so they are not present in the response
if (!req.http.Fastly-FF && !req.http.Fastly-Debug) {
unset resp.http.Surrogate-Key;
unset resp.http.Surrogate-Control;
}
if(resp.status == 550) {
return(deliver);
}
#default response conditions
#--FASTLY DELIVER END
return(deliver);
}
sub vcl_error {
#--FASTLY ERROR BEGIN
if (obj.status == 801) {
set obj.status = 301;
set obj.response = "Moved Permanently";
set obj.http.Location = "https://" req.http.host req.url;
synthetic {""};
return (deliver);
}
if (req.http.Fastly-Restart-On-Error) {
if (obj.status == 503 && req.restarts == 0) {
restart;
}
}
{
if (obj.status == 550) {
return(deliver);
}
}
#--FASTLY ERROR END
}
sub vcl_pipe {
#--FASTLY PIPE BEGIN
{
#--FASTLY BEREQ BEGIN
{
if (req.http.Fastly-Original-Cookie) {
set bereq.http.Cookie = req.http.Fastly-Original-Cookie;
}
if (req.http.Fastly-Original-URL) {
set bereq.url = req.http.Fastly-Original-URL;
}
{
if (req.http.Fastly-FF) {
set bereq.http.Fastly-Client = "1";
}
}
{
# do not send this to the backend
unset bereq.http.Fastly-Original-Cookie;
unset bereq.http.Fastly-Original-URL;
unset bereq.http.Fastly-Vary-String;
unset bereq.http.X-Varnish-Client;
}
if (req.http.Fastly-Temp-XFF) {
if (req.http.Fastly-Temp-XFF == "") {
unset bereq.http.X-Forwarded-For;
} else {
set bereq.http.X-Forwarded-For = req.http.Fastly-Temp-XFF;
}
# unset bereq.http.Fastly-Temp-XFF;
}
}
#--FASTLY BEREQ END
#;
set req.http.Fastly-Cachetype = "PIPE";
set bereq.http.connection = "close";
}
#--FASTLY PIPE END
}
sub vcl_pass {
#--FASTLY PASS BEGIN
{
#--FASTLY BEREQ BEGIN
{
if (req.http.Fastly-Original-Cookie) {
set bereq.http.Cookie = req.http.Fastly-Original-Cookie;
}
if (req.http.Fastly-Original-URL) {
set bereq.url = req.http.Fastly-Original-URL;
}
{
if (req.http.Fastly-FF) {
set bereq.http.Fastly-Client = "1";
}
}
{
# do not send this to the backend
unset bereq.http.Fastly-Original-Cookie;
unset bereq.http.Fastly-Original-URL;
unset bereq.http.Fastly-Vary-String;
unset bereq.http.X-Varnish-Client;
}
if (req.http.Fastly-Temp-XFF) {
if (req.http.Fastly-Temp-XFF == "") {
unset bereq.http.X-Forwarded-For;
} else {
set bereq.http.X-Forwarded-For = req.http.Fastly-Temp-XFF;
}
# unset bereq.http.Fastly-Temp-XFF;
}
}
#--FASTLY BEREQ END
#;
set req.http.Fastly-Cachetype = "PASS";
}
#--FASTLY PASS END
}
sub vcl_log {
#--FASTLY LOG START
# default response conditions
#--FASTLY LOG END
}
sub vcl_hash {
#--FASTLY HASH BEGIN
#if unspecified fall back to normal
{
set req.hash += req.url;
set req.hash += req.http.host;
set req.hash += "#####GENERATION#####";
return (hash);
}
#--FASTLY HASH END
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment