Skip to content

Instantly share code, notes, and snippets.

@forlogos

forlogos/varnish default.vcl

Created November 3, 2014 21:34
Star
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
Latest version of default.vcl for varnish that am using.
Raw
varnish default.vcl
# Default backend definition. Set this to point to your content server.
backend default {
.host = "127.0.0.1";
.port = "8080";
.connect_timeout = 60s;
.first_byte_timeout = 60s;
.between_bytes_timeout = 60s;
.max_connections = 800;
}
acl purge {
"127.0.0.1";
"localhost";
}
sub vcl_recv {
set req.grace = 2m;
# Exclude these entire sites from being varnish'd
if ( req.http.host == "subdomain.example.com" || req.http.host == "example.com" ) {
return (pipe);
}
### do not cache these files:
if (req.request == "GET" && (req.url ~ "(wp-admin|wp-login|wp-cron|xmlrpc.php)")) {
return(pipe);
}
# any pages with captchas need to be excluded
if (req.url ~ "^/contact/" || req.url ~ "^/links/domains-for-sale/") {
return(pipe);
}
# Check the cookies for wordpress-specific items, Don't serve cached pages to logged in users & don't cache authenticated sessions
if (req.http.Cookie && req.http.Cookie ~ "(wordpress_|PHPSESSID|comment_)") {
return (pipe);
}
# Set X-Forwarded-For header for logging a visitors correct IP address, not 127.0.0.1
remove req.http.X-Forwarded-For;
set req.http.X-Forwarded-For = client.ip;
#doesn't work
# Remove has_js and CloudFlare/Google Analytics __* cookies and statcounter is_unique
set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(_[_a-z]+|has_js|is_unique)=[^;]*", "");
# Remove a ";" prefix, if present.
set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");
# Either not the admin pages or the login
if (!(req.url ~ "wp-(login|admin)")) {
unset req.http.cookie;
}
# Remove the wp-settings-1 cookie
set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-1=[^;]+(; )?", "");
# Remove the wp-settings-time-1 cookie
set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-time-1=[^;]+(; )?", "");
# Remove the wp test cookie
set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_test_cookie=[^;]+(; )?", "");
# Remove empty cookies.
if (req.http.Cookie ~ "^\s*$") {
unset req.http.Cookie;
}
# Always cache the following file types for all users, Strip cookies for static files
if (req.url ~ "(?i)\.(png|gif|jpeg|jpg|ico|swf|css|js|html|htm)(\?[a-z0-9]+)?$" ) {
unset req.http.cookie;
return(lookup);
}
#never cache POST requests
if (req.request == "POST") {
return(pass);
}
# Pass anything other than GET and HEAD directly.
if (req.request != "GET" && req.request != "HEAD") {
return( pass );
}
# allow PURGE from localhost
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";
}
return (lookup);
}
# Force lookup if the request is a no-cache request from the client
if (req.http.Cache-Control ~ "no-cache") {
return (pass);
}
# don't cache ajax requests
if(req.http.X-Requested-With == "XMLHttpRequest" || req.url ~ "nocache" || req.url~"(control.php|wp-comments-post.php|wp-login.php|bb-login.php|bb-reset-password.php|register.php)") {
return (pass);
}
# Try a cache-lookup
return (lookup);
}
sub vcl_fetch {
set beresp.ttl = 24h;
# Strip cookies for static files and set a long cache expiry time.
if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|pdf|txt|js|flv|swf|html|htm)$") {
unset beresp.http.set-cookie;
set beresp.ttl = 24h;
}
# If WordPress cookies found then page is not cacheable
if (req.http.Cookie ~"(wp-postpass|wordpress_logged_in|comment_author_)") {
# set beresp.cacheable = false;#versions less than 3 beresp.ttl>0 is cacheable so 0 will not be cached
set beresp.ttl = 0s;
} else {
# set beresp.cacheable = true;
set beresp.ttl=24h;#cache for 24hrs
}
# Varnish determined the object was not cacheable
#if ttl is not > 0 seconds then it is cachebale
if (!beresp.ttl > 0s) {
set beresp.http.X-Cacheable = "NO:Not Cacheable";
} else if ( req.http.Cookie ~"(wp-postpass|wordpress_logged_in|comment_author_)" ) {
# You don't wish to cache content for logged in users
set beresp.http.X-Cacheable = "NO:Got Session";
return(hit_for_pass); #previously just pass but changed in v3+
} else if ( beresp.http.Cache-Control ~ "private") {
# You are respecting the Cache-Control=private header from the backend
set beresp.http.X-Cacheable = "NO:Cache-Control=private";
return(hit_for_pass);
} else if ( beresp.ttl < 1s ) {
# You are extending the lifetime of the object artificially
set beresp.ttl = 300s;
set beresp.grace = 300s;
set beresp.http.X-Cacheable = "YES:Forced";
} else {
# Varnish determined the object was cacheable
set beresp.http.X-Cacheable = "YES";
}
if (beresp.status == 404 || beresp.status >= 500) {
set beresp.ttl = 0s;
}
# Deliver the content
return(deliver);
if (!(req.url ~ "wp-(login|admin)")) {
unset beresp.http.set-cookie;
}
#set obj.grace = 5m;
# set beresp.grace = 2m;
}
sub vcl_hit {
if (req.request == "PURGE") {
purge;
error 200 "Purged.";
}
}
sub vcl_miss {
if (req.request == "PURGE") {
purge;
error 200 "Purged.";
}
}
sub vcl_deliver {
remove resp.http.Via;
remove resp.http.X-Whatever;
remove resp.http.X-Powered-By;
remove resp.http.X-Varnish;
remove resp.http.Age;
remove resp.http.Server;
set resp.http.Server = "Linode";
set resp.http.X-Powered-By = "Open Source";
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment