/varnish default.vcl
Created Nov 3, 2014
Latest version of default.vcl for varnish that am using.
| # Default backend definition. Set this to point to your content server. | |
| backend default { | |
| .host = "127.0.0.1"; | |
| .port = "8080"; | |
| .connect_timeout = 60s; | |
| .first_byte_timeout = 60s; | |
| .between_bytes_timeout = 60s; | |
| .max_connections = 800; | |
| } | |
| acl purge { | |
| "127.0.0.1"; | |
| "localhost"; | |
| } | |
| sub vcl_recv { | |
| set req.grace = 2m; | |
| # Exclude these entire sites from being varnish'd | |
| if ( req.http.host == "subdomain.example.com" || req.http.host == "example.com" ) { | |
| return (pipe); | |
| } | |
| ### do not cache these files: | |
| if (req.request == "GET" && (req.url ~ "(wp-admin|wp-login|wp-cron|xmlrpc.php)")) { | |
| return(pipe); | |
| } | |
| # any pages with captchas need to be excluded | |
| if (req.url ~ "^/contact/" || req.url ~ "^/links/domains-for-sale/") { | |
| return(pipe); | |
| } | |
| # Check the cookies for wordpress-specific items, Don't serve cached pages to logged in users & don't cache authenticated sessions | |
| if (req.http.Cookie && req.http.Cookie ~ "(wordpress_|PHPSESSID|comment_)") { | |
| return (pipe); | |
| } | |
| # Set X-Forwarded-For header for logging a visitors correct IP address, not 127.0.0.1 | |
| remove req.http.X-Forwarded-For; | |
| set req.http.X-Forwarded-For = client.ip; | |
| #doesn't work | |
| # Remove has_js and CloudFlare/Google Analytics __* cookies and statcounter is_unique | |
| set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(_[_a-z]+|has_js|is_unique)=[^;]*", ""); | |
| # Remove a ";" prefix, if present. | |
| set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", ""); | |
| # Either not the admin pages or the login | |
| if (!(req.url ~ "wp-(login|admin)")) { | |
| unset req.http.cookie; | |
| } | |
| # Remove the wp-settings-1 cookie | |
| set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-1=[^;]+(; )?", ""); | |
| # Remove the wp-settings-time-1 cookie | |
| set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-time-1=[^;]+(; )?", ""); | |
| # Remove the wp test cookie | |
| set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_test_cookie=[^;]+(; )?", ""); | |
| # Remove empty cookies. | |
| if (req.http.Cookie ~ "^\s*$") { | |
| unset req.http.Cookie; | |
| } | |
| # Always cache the following file types for all users, Strip cookies for static files | |
| if (req.url ~ "(?i)\.(png|gif|jpeg|jpg|ico|swf|css|js|html|htm)(\?[a-z0-9]+)?$" ) { | |
| unset req.http.cookie; | |
| return(lookup); | |
| } | |
| #never cache POST requests | |
| if (req.request == "POST") { | |
| return(pass); | |
| } | |
| # Pass anything other than GET and HEAD directly. | |
| if (req.request != "GET" && req.request != "HEAD") { | |
| return( pass ); | |
| } | |
| # allow PURGE from localhost | |
| if (req.request == "PURGE") { | |
| if (!client.ip ~ purge) { | |
| error 405 "Not allowed."; | |
| } | |
| return (lookup); | |
| } | |
| # Force lookup if the request is a no-cache request from the client | |
| if (req.http.Cache-Control ~ "no-cache") { | |
| return (pass); | |
| } | |
| # don't cache ajax requests | |
| if(req.http.X-Requested-With == "XMLHttpRequest" || req.url ~ "nocache" || req.url~"(control.php|wp-comments-post.php|wp-login.php|bb-login.php|bb-reset-password.php|register.php)") { | |
| return (pass); | |
| } | |
| # Try a cache-lookup | |
| return (lookup); | |
| } | |
| sub vcl_fetch { | |
| set beresp.ttl = 24h; | |
| # Strip cookies for static files and set a long cache expiry time. | |
| if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|pdf|txt|js|flv|swf|html|htm)$") { | |
| unset beresp.http.set-cookie; | |
| set beresp.ttl = 24h; | |
| } | |
| # If WordPress cookies found then page is not cacheable | |
| if (req.http.Cookie ~"(wp-postpass|wordpress_logged_in|comment_author_)") { | |
| # set beresp.cacheable = false;#versions less than 3 beresp.ttl>0 is cacheable so 0 will not be cached | |
| set beresp.ttl = 0s; | |
| } else { | |
| # set beresp.cacheable = true; | |
| set beresp.ttl=24h;#cache for 24hrs | |
| } | |
| # Varnish determined the object was not cacheable | |
| #if ttl is not > 0 seconds then it is cachebale | |
| if (!beresp.ttl > 0s) { | |
| set beresp.http.X-Cacheable = "NO:Not Cacheable"; | |
| } else if ( req.http.Cookie ~"(wp-postpass|wordpress_logged_in|comment_author_)" ) { | |
| # You don't wish to cache content for logged in users | |
| set beresp.http.X-Cacheable = "NO:Got Session"; | |
| return(hit_for_pass); #previously just pass but changed in v3+ | |
| } else if ( beresp.http.Cache-Control ~ "private") { | |
| # You are respecting the Cache-Control=private header from the backend | |
| set beresp.http.X-Cacheable = "NO:Cache-Control=private"; | |
| return(hit_for_pass); | |
| } else if ( beresp.ttl < 1s ) { | |
| # You are extending the lifetime of the object artificially | |
| set beresp.ttl = 300s; | |
| set beresp.grace = 300s; | |
| set beresp.http.X-Cacheable = "YES:Forced"; | |
| } else { | |
| # Varnish determined the object was cacheable | |
| set beresp.http.X-Cacheable = "YES"; | |
| } | |
| if (beresp.status == 404 || beresp.status >= 500) { | |
| set beresp.ttl = 0s; | |
| } | |
| # Deliver the content | |
| return(deliver); | |
| if (!(req.url ~ "wp-(login|admin)")) { | |
| unset beresp.http.set-cookie; | |
| } | |
| #set obj.grace = 5m; | |
| # set beresp.grace = 2m; | |
| } | |
| sub vcl_hit { | |
| if (req.request == "PURGE") { | |
| purge; | |
| error 200 "Purged."; | |
| } | |
| } | |
| sub vcl_miss { | |
| if (req.request == "PURGE") { | |
| purge; | |
| error 200 "Purged."; | |
| } | |
| } | |
| sub vcl_deliver { | |
| remove resp.http.Via; | |
| remove resp.http.X-Whatever; | |
| remove resp.http.X-Powered-By; | |
| remove resp.http.X-Varnish; | |
| remove resp.http.Age; | |
| remove resp.http.Server; | |
| set resp.http.Server = "Linode"; | |
| set resp.http.X-Powered-By = "Open Source"; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment