/gist:838dc4cb576980f2902e Secret

## gistfile1.txt
# This is a basic VCL configuration file for varnish.  See the vcl(7)
# man page for details on VCL syntax and semantics.
#
# Default backend definition.  Set this to point to your content
# server.
#
backend default {
  .host = "xx.xx.xx.xx";
  .port = "8080";
  .connect_timeout = 600s;
  .first_byte_timeout = 600s;
  .between_bytes_timeout = 600s;
  .max_connections = 800;
}
sub vcl_recv {
 if (req.url ~ "\.(png|gif|jpg|swf|css|js)$") {
    return(lookup);
 }
}

# strip the cookie before the image is inserted into cache.
 sub vcl_fetch {
  if (req.url ~ "\.(png|gif|jpg|swf|css|js)$") {
     unset beresp.http.set-cookie;
      }
      }

sub vcl_recv {
# only using one backend
set req.backend = default;
#
# set standard proxied ip header for getting original remote address
set req.http.X-Forwarded-For = client.ip;
#

# Remove has_js and CloudFlare/Google Analytics __* cookies.
set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");
# Remove a ";" prefix, if present.
set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");


# logged in users must always pass
if( req.url ~ "^/wp-(login|admin)" || req.http.Cookie ~ "wordpress_logged_in_" ){
return (pass);
}
# accept purges from w3tc and varnish http purge
if (req.request == "PURGE") {
return (lookup);
}
#


if (req.url ~ "^/(cart|my-account|checkout|addons)") {
 return (pass);
 }

if ( req.url ~ "\?add-to-cart=" ) {
 return (pass);
 }


# allow phpmyadmin
if (req.url ~ "^/phpmyadmin") {
return (pass);
}


# don't cache search results
if( req.url ~ "\?s=" ){
return (pass);
}
#
# always pass through posted requests and those with basic auth
if ( req.request == "POST" || req.http.Authorization ) {
return (pass);
}
#
# else ok to fetch a cached page
unset req.http.Cookie;
return (lookup);
}
#
# accept purges from w3tc and varnish http purge
sub vcl_hit {
if (req.request == "PURGE") { purge; }
return (deliver);
}
#
# accept purges from w3tc and varnish http purge
sub vcl_miss {
if (req.request == "PURGE") { purge; }
return (fetch);
}

#
#

sub vcl_fetch {

# allow phpmyadmin
if (req.url ~ "^/phpmyadmin") {
return (hit_for_pass);
}
#
# remove some headers we never want to see
unset beresp.http.Server;
unset beresp.http.X-Powered-By;
#
# only allow cookies to be set if we're in admin area - i.e. commenters stay logged out
#if( beresp.http.Set-Cookie && req.url !~ "^/wp-(login|admin)" ){
#unset beresp.http.Set-Cookie;
#set beresp.ttl = 48h;
#}


# don't cache response to posted requests or those with basic auth
if ( req.request == "POST" || req.http.Authorization ) {
return (hit_for_pass);
}
#
# only cache status ok
if ( beresp.status != 200 ) {
return (hit_for_pass);
}
#
#Dont cache admin tesst
if (req.url ~ "^/wp-(login|login-2|admin)") {
return (hit_for_pass);
}

#
#
# don't cache search results
if( req.url ~ "\?s=" ){
return (hit_for_pass);
}
#

# bypass export CSV , you can replace your url pattern with /exportlimit/all/
if ( req.url ~ ".*/tools.php?page=regenerate-thumbnails/.*" ) {
set req.http.connection = "close";
return(hit_for_pass);
}


# else ok to cache the response
set beresp.ttl = 5m;
return (deliver);
}
#
#

sub vcl_deliver {
# add debugging headers, so we can see what's cached
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
}
else {
set resp.http.X-Cache = "MISS";
}
# remove some headers added by varnish
unset resp.http.Via;
unset resp.http.X-Varnish;
}
#

sub vcl_hash {
hash_data( req.url );
# altering hash so subdomains are ignored.
# don't do this if you actually run different sites on different subdomains
if ( req.http.host ) {
hash_data( regsub( req.http.host, "^([^\.]+\.)+([a-z]+)$", "\1\2" ) );
} else {
hash_data( server.ip );
}
# ensure separate cache for mobile clients (WPTouch workaround)
if( req.http.User-Agent ~ "(iPod|iPhone|incognito|webmate|dream|CUPCAKE|WebOS|blackberry9\d\d\d)" ){
hash_data("touch");
}
return (hash);
}


# Below is a commented-out copy of the default VCL logic.  If you
# redefine any of these subroutines, the built-in logic will be
# appended to your code.
# sub vcl_recv {
#     if (req.restarts == 0) {
#       if (req.http.x-forwarded-for) {
#           set req.http.X-Forwarded-For =
#               req.http.X-Forwarded-For + ", " + client.ip;
#       } else {
#           set req.http.X-Forwarded-For = client.ip;
#       }
#     }
#     if (req.request != "GET" &&
#       req.request != "HEAD" &&
#       req.request != "PUT" &&
#       req.request != "POST" &&
#       req.request != "TRACE" &&
#       req.request != "OPTIONS" &&
#       req.request != "DELETE") {
#         /* Non-RFC2616 or CONNECT which is weird. */
#         return (pipe);
#     }
#     if (req.request != "GET" && req.request != "HEAD") {
#         /* We only deal with GET and HEAD by default */
#         return (pass);
#     }
#     if (req.http.Authorization || req.http.Cookie) {
#         /* Not cacheable by default */
#         return (pass);
#     }
#     return (lookup);
# }
#
# sub vcl_pipe {
#     # Note that only the first request to the backend will have
#     # X-Forwarded-For set.  If you use X-Forwarded-For and want to
#     # have it set for all requests, make sure to have:
#     # set bereq.http.connection = "close";
#     # here.  It is not set by default as it might break some broken web
#     # applications, like IIS with NTLM authentication.
#     return (pipe);
# }


#}
#
#
# sub vcl_pass {
#     return (pass);
# }
#
# sub vcl_hash {
#     hash_data(req.url);
#     if (req.http.host) {
#         hash_data(req.http.host);
#     } else {
#         hash_data(server.ip);
#     }
#     return (hash);
# }
#
# sub vcl_hit {
#     return (deliver);
# }
#
# sub vcl_miss {
#     return (fetch);
# }
#
# sub vcl_fetch {
#     if (beresp.ttl <= 0s ||
#         beresp.http.Set-Cookie ||
#         beresp.http.Vary == "*") {
#               /*
#                * Mark as "Hit-For-Pass" for the next 2 minutes
#                */
#               set beresp.ttl = 120 s;
#               return (hit_for_pass);
#     }
#     return (deliver);
# }
#
# sub vcl_deliver {
#     return (deliver);
# }
#
# sub vcl_error {
#     set obj.http.Content-Type = "text/html; charset=utf-8";
#     set obj.http.Retry-After = "5";
#     synthetic {"
# <?xml version="1.0" encoding="utf-8"?>
# <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
#  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
# <html>
#   <head>
#     <title>"} + obj.status + " " + obj.response + {"</title>
#   </head>
#   <body>
#     <h1>Error "} + obj.status + " " + obj.response + {"</h1>
#     <p>"} + obj.response + {"</p>
#     <h3>Guru Meditation:</h3>
#     <p>XID: "} + req.xid + {"</p>
#     <hr>
#     <p>Varnish cache server</p>
#   </body>
# </html>
# "};
#     return (deliver);
# }
#
# sub vcl_init {
#       return (ok);
# }
#
# sub vcl_fini {
#       return (ok);
# }
	# This is a basic VCL configuration file for varnish. See the vcl(7)
	# man page for details on VCL syntax and semantics.
	#
	# Default backend definition. Set this to point to your content
	# server.
	#
	backend default {
	.host = "xx.xx.xx.xx";
	.port = "8080";
	.connect_timeout = 600s;
	.first_byte_timeout = 600s;
	.between_bytes_timeout = 600s;
	.max_connections = 800;
	}
	sub vcl_recv {
	if (req.url ~ "\.(png\|gif\|jpg\|swf\|css\|js)$") {
	return(lookup);
	}
	}

	# strip the cookie before the image is inserted into cache.
	sub vcl_fetch {
	if (req.url ~ "\.(png\|gif\|jpg\|swf\|css\|js)$") {
	unset beresp.http.set-cookie;
	}
	}

	sub vcl_recv {
	# only using one backend
	set req.backend = default;
	#
	# set standard proxied ip header for getting original remote address
	set req.http.X-Forwarded-For = client.ip;
	#

	# Remove has_js and CloudFlare/Google Analytics __* cookies.
	set req.http.Cookie = regsuball(req.http.Cookie, "(^\|;\s)(_[_a-z]+\|has_js)=[^;]", "");
	# Remove a ";" prefix, if present.
	set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");




	# logged in users must always pass
	if( req.url ~ "^/wp-(login\|admin)" \|\| req.http.Cookie ~ "wordpress_logged_in_" ){
	return (pass);
	}
	# accept purges from w3tc and varnish http purge
	if (req.request == "PURGE") {
	return (lookup);
	}
	#


	if (req.url ~ "^/(cart\|my-account\|checkout\|addons)") {
	return (pass);
	}

	if ( req.url ~ "\?add-to-cart=" ) {
	return (pass);
	}



	# allow phpmyadmin
	if (req.url ~ "^/phpmyadmin") {
	return (pass);
	}





	# don't cache search results
	if( req.url ~ "\?s=" ){
	return (pass);
	}
	#
	# always pass through posted requests and those with basic auth
	if ( req.request == "POST" \|\| req.http.Authorization ) {
	return (pass);
	}
	#
	# else ok to fetch a cached page
	unset req.http.Cookie;
	return (lookup);
	}
	#
	# accept purges from w3tc and varnish http purge
	sub vcl_hit {
	if (req.request == "PURGE") { purge; }
	return (deliver);
	}
	#
	# accept purges from w3tc and varnish http purge
	sub vcl_miss {
	if (req.request == "PURGE") { purge; }
	return (fetch);
	}

	#
	#

	sub vcl_fetch {

	# allow phpmyadmin
	if (req.url ~ "^/phpmyadmin") {
	return (hit_for_pass);
	}
	#
	# remove some headers we never want to see
	unset beresp.http.Server;
	unset beresp.http.X-Powered-By;
	#
	# only allow cookies to be set if we're in admin area - i.e. commenters stay logged out
	#if( beresp.http.Set-Cookie && req.url !~ "^/wp-(login\|admin)" ){
	#unset beresp.http.Set-Cookie;
	#set beresp.ttl = 48h;
	#}


	# don't cache response to posted requests or those with basic auth
	if ( req.request == "POST" \|\| req.http.Authorization ) {
	return (hit_for_pass);
	}
	#
	# only cache status ok
	if ( beresp.status != 200 ) {
	return (hit_for_pass);
	}
	#
	#Dont cache admin tesst
	if (req.url ~ "^/wp-(login\|login-2\|admin)") {
	return (hit_for_pass);
	}

	#
	#
	# don't cache search results
	if( req.url ~ "\?s=" ){
	return (hit_for_pass);
	}
	#

	# bypass export CSV , you can replace your url pattern with /exportlimit/all/
	if ( req.url ~ "./tools.php?page=regenerate-thumbnails/." ) {
	set req.http.connection = "close";
	return(hit_for_pass);
	}



	# else ok to cache the response
	set beresp.ttl = 5m;
	return (deliver);
	}
	#
	#

	sub vcl_deliver {
	# add debugging headers, so we can see what's cached
	if (obj.hits > 0) {
	set resp.http.X-Cache = "HIT";
	}
	else {
	set resp.http.X-Cache = "MISS";
	}
	# remove some headers added by varnish
	unset resp.http.Via;
	unset resp.http.X-Varnish;
	}
	#

	sub vcl_hash {
	hash_data( req.url );
	# altering hash so subdomains are ignored.
	# don't do this if you actually run different sites on different subdomains
	if ( req.http.host ) {
	hash_data( regsub( req.http.host, "^([^\.]+\.)+([a-z]+)$", "\1\2" ) );
	} else {
	hash_data( server.ip );
	}
	# ensure separate cache for mobile clients (WPTouch workaround)
	if( req.http.User-Agent ~ "(iPod\|iPhone\|incognito\|webmate\|dream\|CUPCAKE\|WebOS\|blackberry9\d\d\d)" ){
	hash_data("touch");
	}
	return (hash);
	}



	# Below is a commented-out copy of the default VCL logic. If you
	# redefine any of these subroutines, the built-in logic will be
	# appended to your code.
	# sub vcl_recv {
	# if (req.restarts == 0) {
	# if (req.http.x-forwarded-for) {
	# set req.http.X-Forwarded-For =
	# req.http.X-Forwarded-For + ", " + client.ip;
	# } else {
	# set req.http.X-Forwarded-For = client.ip;
	# }
	# }
	# if (req.request != "GET" &&
	# req.request != "HEAD" &&
	# req.request != "PUT" &&
	# req.request != "POST" &&
	# req.request != "TRACE" &&
	# req.request != "OPTIONS" &&
	# req.request != "DELETE") {
	# /* Non-RFC2616 or CONNECT which is weird. */
	# return (pipe);
	# }
	# if (req.request != "GET" && req.request != "HEAD") {
	# /* We only deal with GET and HEAD by default */
	# return (pass);
	# }
	# if (req.http.Authorization \|\| req.http.Cookie) {
	# /* Not cacheable by default */
	# return (pass);
	# }
	# return (lookup);
	# }
	#
	# sub vcl_pipe {
	# # Note that only the first request to the backend will have
	# # X-Forwarded-For set. If you use X-Forwarded-For and want to
	# # have it set for all requests, make sure to have:
	# # set bereq.http.connection = "close";
	# # here. It is not set by default as it might break some broken web
	# # applications, like IIS with NTLM authentication.
	# return (pipe);
	# }


	#}
	#
	#
	# sub vcl_pass {
	# return (pass);
	# }
	#
	# sub vcl_hash {
	# hash_data(req.url);
	# if (req.http.host) {
	# hash_data(req.http.host);
	# } else {
	# hash_data(server.ip);
	# }
	# return (hash);
	# }
	#
	# sub vcl_hit {
	# return (deliver);
	# }
	#
	# sub vcl_miss {
	# return (fetch);
	# }
	#
	# sub vcl_fetch {
	# if (beresp.ttl <= 0s \|\|
	# beresp.http.Set-Cookie \|\|
	# beresp.http.Vary == "*") {
	# /*
	# * Mark as "Hit-For-Pass" for the next 2 minutes
	# */
	# set beresp.ttl = 120 s;
	# return (hit_for_pass);
	# }
	# return (deliver);
	# }
	#
	# sub vcl_deliver {
	# return (deliver);
	# }
	#
	# sub vcl_error {
	# set obj.http.Content-Type = "text/html; charset=utf-8";
	# set obj.http.Retry-After = "5";
	# synthetic {"
	# <?xml version="1.0" encoding="utf-8"?>
	# <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
	# "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
	# <html>
	# <head>
	# <title>"} + obj.status + " " + obj.response + {"</title>
	# </head>
	# <body>
	# <h1>Error "} + obj.status + " " + obj.response + {"</h1>
	# <p>"} + obj.response + {"</p>
	# <h3>Guru Meditation:</h3>
	# <p>XID: "} + req.xid + {"</p>
	# <hr>
	# <p>Varnish cache server</p>
	# </body>
	# </html>
	# "};
	# return (deliver);
	# }
	#
	# sub vcl_init {
	# return (ok);
	# }
	#
	# sub vcl_fini {
	# return (ok);
	# }