Skip to content

Instantly share code, notes, and snippets.

@marcofbb
marcofbb / cloudflare_remove_gets.vcl
Created April 3, 2020 01:41
Varnish remove GET parameters Cloudflare under attack challange
# in vcl_recv
if (req.url ~ "(\?|&)(__cf_chl_jschl_tk__)=") {
set req.url = regsuball(req.url, "&(__cf_chl_jschl_tk__)=([A-z0-9_\-\.%25]+)", "");
set req.url = regsuball(req.url, "\?(__cf_chl_jschl_tk__)=([A-z0-9_\-\.%25]+)", "?");
set req.url = regsub(req.url, "\?&", "?");
set req.url = regsub(req.url, "\?$", "");
}
@marcofbb
marcofbb / default.vcl
Last active December 28, 2021 12:24
Varnish cache different for Mobile / PC/ Tablet
## ## Not complete default.vcl code
# Routine to try and identify device
sub identify_device {
# Default to thinking it's desktop
set req.http.X-UA-Device = "desktop";
if (req.http.User-Agent ~ "iPad" ) {
# It says its a iPad - so let's give them the tablet-site
set req.http.X-UA-Device = "tablet";
@marcofbb
marcofbb / default.vcl
Created April 3, 2020 01:53
Varnish cache different for each country with Cloudflare header
## ## Not complete default.vcl code
sub vcl_recv {
set req.http.IPCountry = "no-specified";
# usage ISO 3166-1 alpha-2 ( https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 )
## If I want to group BR and US in same group cache
if (req.http.CF-IPCountry == "BR" || req.http.CF-IPCountry == "US") {
set req.http.IPCountry = "group-br-and-us";
} else {
set req.http.IPCountry = req.http.CF-IPCountry;
}
@marcofbb
marcofbb / limit_rate.vcl
Created April 3, 2020 04:57
varnish limit rate request for seconds with cloudflare
## ## Not complete default.vcl code
# Install https://github.com/varnish/varnish-modules
import vsthrottle;
# If I want to implement limitation to any request (do not declare req.http.X-Actual-IP again in other subsequent subroutines)
sub vcl_recv {
# GET REAL IP USER from proxy CLOUDFLARE
set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For, "[, ].*$", "");
if(vsthrottle.is_denied(req.http.X-Actual-IP, 50, 5s, 60s)) {
@marcofbb
marcofbb / signed_url_google_storage.php
Last active May 6, 2020 21:43
Signed manually url google storage PHP
<?php
/*
DOCS:
https://cloud.google.com/storage/docs/access-control/signed-urls
https://cloud.google.com/storage/docs/access-control/signing-urls-manually
Translate to PHP of code Python: https://github.com/GoogleCloudPlatform/python-docs-samples/blob/master/storage/signed_urls/generate_signed_urls.py
*/
function generate_signed_url_google($service_account_file, $bucket_name, $object_name, $subresource = null, $expiration=604800, $http_method='GET', $query_parameters = array(), $headers = array()){
date_default_timezone_set('UTC');
@marcofbb
marcofbb / command-varnish.sh
Last active June 13, 2024 18:22
TOP and Logs command varnish 4
# Muestro las URL que se envian al backend
varnishtop -i BereqURL
# Muestro los host de peticiones al back
varnishtop -b -I BeReqHeader:Host
# Muestro todas URL peticionadas
varnishtop -i requrl
# Mostrar peticiones metodo
@marcofbb
marcofbb / cloudflare-masive.php
Created June 5, 2022 02:05
Cloudflare delete all DNS records and set news (MASSIVE PHP)
<?php
/*
RUN:
composer install cloudflare/sdk
*/
require_once('vendor/autoload.php');
$domains = array('domain1.com','domain2.com');
$key = new \Cloudflare\API\Auth\APIKey('useremail@email.com', 'ApiKey');