Skip to content

Instantly share code, notes, and snippets.

@gistfrojd

gistfrojd/default.vcl

Last active March 24, 2016 08:10
Show Gist options
  • Save gistfrojd/fd6e5761719810879f99 to your computer and use it in GitHub Desktop.
Save gistfrojd/fd6e5761719810879f99 to your computer and use it in GitHub Desktop.
Download ZIP
Varnish 3.0 Configuration for Wordpress (this file has moved to https://github.com/Frojd/Manual)
Raw
default.vcl
# Normal users
backend default {
.host = "127.0.0.1";
.port = "8080";
}
# WP-Admin users
backend admin_backend {
.host = "127.0.0.1";
.port = "8080";
.first_byte_timeout = 10m;
.between_bytes_timeout = 10m;
}
# Purge permissions
acl purge {
"localhost";
"127.0.0.1";
}
#########################################################################################################################
# Called at the beginning of a request, after the complete request has been received and parsed. #
# Its purpose is to decide whether or not to serve the request, how to do it, and, if applicable, which backend to use. #
#########################################################################################################################
sub vcl_recv {
# Example: Ignore these domains
# if (req.http.host == "example.com") {
# return (pass);
# }
# Add purge
if (req.request == "PURGE" || req.request == "BAN") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";
}
return (lookup);
}
# set standard proxied ip header for getting original remote address
if (req.http.X-Forwarded-For) {
set req.http.X-Forwarded-For = req.http.X-Forwarded-For;
} else {
set req.http.X-Forwarded-For = client.ip;
}
# logged in users must always pass
if (req.url ~ "wp-(login|admin)" || req.http.Cookie ~ "wordpress_logged_in_") {
set req.backend = admin_backend;
return (pass);
}
# Example: Exclude page
# if ( req.url ~ "\/testcategory\/testpage\/" ){
# return (pass);
#}
# Example: Exclude phpmyadmin
if (req.url ~ "^/phpmyadmin.*") {
return(pass);
}
# WP Plugin: Wordpress-social-login (Exclude WSL)
if (req.url ~ "wp-content/plugins/wordpress-social-login/hybridauth/\?"){
return (pass);
}
# don't cache search results
if (req.url ~ "\?s="){
return (pass);
}
# always pass through posted requests and those with basic auth
if (req.request == "POST" || req.http.Authorization) {
return (pass);
}
# else ok to fetch a cached page
unset req.http.Cookie;
return (lookup);
}
################################################################################
# Called after a cache lookup if the requested document was found in the cache.
################################################################################
sub vcl_hit {
if (req.request == "PURGE") {
purge;
error 200 "Purged.";
}
if (req.request == "BAN") {
ban("obj.http.x-url ~ " + req.url);
error 200 "Banned.";
}
}
################################################################################
# Called right after an object was looked up and not found in cache
################################################################################
sub vcl_miss {
if (req.request == "PURGE") {
purge;
error 200 "Purged.";
}
if (req.request == "BAN") {
ban("obj.http.x-url ~ " + req.url);
error 200 "Banned.";
}
}
################################################################################
# Called after a document has been successfully retrieved from the backend.
################################################################################
sub vcl_fetch {
# remove some headers we never want to see
unset beresp.http.Server;
unset beresp.http.X-Powered-By;
set beresp.http.x-url = req.url;
# only allow cookies to be set if we're in admin area - i.e. commenters stay logged out
if (beresp.http.Set-Cookie && req.url !~ "wp-(login|admin)") {
unset beresp.http.Set-Cookie;
}
# don't cache response to posted requests or those with basic auth
if (req.request == "POST" || req.http.Authorization) {
return (hit_for_pass);
}
# only cache status ok and 404´s
if (beresp.status != 200 && beresp.status != 404) {
return (hit_for_pass);
}
# Example: Exclude page
# if (req.url ~ "\/testcategory\/testpage\/"){
# return (hit_for_pass);
#}
# don't cache search results
if (req.url ~ "\?s=") {
return (hit_for_pass);
}
# Example: exclude phpmyadmin
# if (req.url ~ "^/phpmyadmin.*") {
# return (hit_for_pass);
#}
# else ok to cache the response
set beresp.ttl = 10m;
return (deliver);
}
################################################################################
# Called before a cached object is delivered to the client.
################################################################################
sub vcl_deliver {
# add debugging headers, so we can see what's cached
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
# remove some headers added by varnish
unset resp.http.Via;
unset resp.http.X-Varnish;
unset resp.http.x-url;
}
####################################################################################################
# Use req.hash += req.http.Cookie or similar to include the Cookie HTTP header in the hash string.
####################################################################################################
sub vcl_hash {
hash_data(req.url);
if (req.http.host) {
hash_data(req.http.host);
} else {
hash_data(server.ip);
}
if (req.http.X-Forwarded-Proto) {
hash_data(req.http.X-Forwarded-Proto);
}
return (hash);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment