-
-
Save nowakpiotrek/8ddb1e2f87ee2dcc906156f7afbe7e95 to your computer and use it in GitHub Desktop.
Nopio Varnish4 Wordpress VCL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vcl 4.0; | |
# Default backend definition. Set this to point to your content server. | |
backend default { | |
.host = "127.0.0.1"; | |
.port = "8080"; | |
.connect_timeout = 600s; | |
.first_byte_timeout = 600s; | |
.between_bytes_timeout = 600s; | |
.max_connections = 800; | |
} | |
# Only allow purging from specific IPs | |
acl purge { | |
"localhost"; | |
"127.0.0.1"; | |
} | |
# This function is used when a request is send by a HTTP client (Browser) | |
sub vcl_recv { | |
# Normalize the header, remove the port (in case you're testing this on various TCP ports) | |
set req.http.Host = regsub(req.http.Host, ":[0-9]+", ""); | |
# Remove has_js and CloudFlare/Google Analytics __* cookies. | |
set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", ""); | |
# Remove a ";" prefix, if present. | |
set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", ""); | |
# Allow purging from ACL | |
if (req.method == "PURGE") { | |
# If not allowed then a error 405 is returned | |
if (!client.ip ~ purge) { | |
return(synth(405, "This IP is not allowed to send PURGE requests.")); | |
} | |
if (req.http.X-Purge-Method) { | |
# Allow banning of URL sets using regex | |
if (req.http.X-Purge-Method ~ "(?i)regex") { | |
ban("req.url ~ " + req.url); | |
} else { | |
return (purge); | |
} | |
} else { | |
# If allowed, do a cache_lookup -> vlc_hit() or vlc_miss() | |
return (purge); | |
} | |
} | |
# Post requests will not be cached | |
if (req.http.Authorization || req.method == "POST") { | |
return (pass); | |
} | |
# --- WordPress specific configuration | |
# Do not cache the admin are, login page or preview pages | |
if (req.url ~ "wp-(login|admin)" || req.url ~ "preview=true") { | |
return (pass); | |
} | |
# Remove the "has_js" cookie | |
set req.http.Cookie = regsuball(req.http.Cookie, "has_js=[^;]+(; )?", ""); | |
# Remove any Google Analytics based cookies | |
set req.http.Cookie = regsuball(req.http.Cookie, "__utm.=[^;]+(; )?", ""); | |
# Remove the Quant Capital cookies (added by some plugin, all __qca) | |
set req.http.Cookie = regsuball(req.http.Cookie, "__qc.=[^;]+(; )?", ""); | |
# Remove the wp-settings-1 cookie | |
set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-1=[^;]+(; )?", ""); | |
# Remove the wp-settings-time-1 cookie | |
set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-time-1=[^;]+(; )?", ""); | |
# Remove the wp test cookie | |
set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_test_cookie=[^;]+(; )?", ""); | |
# Are there cookies left with only spaces or that are empty? | |
if (req.http.cookie ~ "^ *$") { | |
unset req.http.cookie; | |
} | |
# Cache the following files extensions | |
if (req.url ~ "\.(css|js|png|gif|jp(e)?g|swf|ico|mp4|webm)") { | |
unset req.http.cookie; | |
} | |
# Normalize Accept-Encoding header and compression | |
# https://www.varnish-cache.org/docs/3.0/tutorial/vary.html | |
if (req.http.Accept-Encoding) { | |
# Do no compress compressed files... | |
if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") { | |
unset req.http.Accept-Encoding; | |
} elsif (req.http.Accept-Encoding ~ "gzip") { | |
set req.http.Accept-Encoding = "gzip"; | |
} elsif (req.http.Accept-Encoding ~ "deflate") { | |
set req.http.Accept-Encoding = "deflate"; | |
} else { | |
unset req.http.Accept-Encoding; | |
} | |
} | |
# Check the cookies for wordpress-specific items | |
if (req.http.Cookie ~ "wordpress_" || req.http.Cookie ~ "comment_") { | |
return (pass); | |
} | |
if (!req.http.cookie) { | |
unset req.http.cookie; | |
} | |
# --- End of WordPress specific configuration | |
# Did not cache HTTP authentication and HTTP Cookie | |
if (req.http.Authorization || req.http.Cookie) { | |
# Not cacheable by default | |
return (pass); | |
} | |
# Cache all others requests | |
return (hash); | |
} | |
sub vcl_pipe { | |
return (pipe); | |
} | |
sub vcl_pass { | |
return (fetch); | |
} | |
# The data on which the hashing will take place | |
sub vcl_hash { | |
hash_data(req.url); | |
if (req.http.host) { | |
hash_data(req.http.host); | |
} else { | |
hash_data(server.ip); | |
} | |
# If the client supports compression, keep that in a different cache | |
if (req.http.Accept-Encoding) { | |
hash_data(req.http.Accept-Encoding); | |
} | |
return (lookup); | |
} | |
# This function is used when a request is sent by our backend (Nginx server) | |
sub vcl_backend_response { | |
# Remove some headers we never want to see | |
unset beresp.http.Server; | |
unset beresp.http.X-Powered-By; | |
# For static content set Expire headers | |
if (bereq.url ~ "\.(css|js|png|gif|jp(e?)g)|swf|ico|mp4|webm|ttf|woff|woff2") { | |
set beresp.ttl = 365d; | |
set beresp.http.Expires = "" + (now + beresp.ttl); | |
set beresp.http.age = "0"; | |
unset beresp.http.cookie; | |
} | |
# Do not cache admin area or preview pages | |
if (bereq.url ~ "wp-(login|admin)" || bereq.url ~ "preview=true") { | |
set beresp.uncacheable = true; | |
set beresp.ttl = 30s; | |
return (deliver); | |
} | |
# Only allow cookies to be set if we're in admin area | |
if (!(bereq.url ~ "(wp-login|wp-admin|preview=true)")) { | |
unset beresp.http.set-cookie; | |
} | |
# Do not cache responses to POST requests or those with basic auth | |
if ( bereq.method == "POST" || bereq.http.Authorization ) { | |
set beresp.uncacheable = true; | |
set beresp.ttl = 120s; | |
return (deliver); | |
} | |
# (Optional) Do not cache search results | |
#if ( bereq.url ~ "\?s=" ){ | |
# set beresp.uncacheable = true; | |
# set beresp.ttl = 120s; | |
# return (deliver); | |
#} | |
# Cache only successful responses | |
if ( beresp.status != 200 ) { | |
set beresp.uncacheable = true; | |
set beresp.ttl = 120s; | |
return (deliver); | |
} | |
# A TTL (cache length) to 1 month. | |
set beresp.ttl = 30d; | |
# Define the default grace period to serve cached content | |
set beresp.grace = 1h; | |
return (deliver); | |
} | |
# The routine when we deliver the HTTP request to the user | |
# Last chance to modify headers that are sent to the client | |
sub vcl_deliver { | |
set resp.http.Access-Control-Allow-Origin = "*"; | |
set resp.http.Access-Control-Allow-Credentials = "true"; | |
if (req.method == "OPTIONS") { | |
set resp.http.Access-Control-Max-Age = "1728000"; | |
set resp.http.Access-Control-Allow-Methods = "GET, POST, PUT, DELETE, PATCH, OPTIONS"; | |
set resp.http.Access-Control-Allow-Headers = "Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since"; | |
set resp.http.Content-Length = "0"; | |
set resp.http.Content-Type = "text/plain charset=UTF-8"; | |
set resp.status = 204; | |
} | |
if (obj.hits > 0) { | |
set resp.http.X-Cache = "HIT"; | |
} else { | |
set resp.http.x-Cache = "MISS"; | |
} | |
# Remove some headers: PHP version | |
unset resp.http.X-Powered-By; | |
# Remove some headers: Apache version & OS | |
unset resp.http.Server; | |
# Remove some heanders: Varnish | |
unset resp.http.Via; | |
unset resp.http.X-Varnish; | |
return (deliver); | |
} | |
sub vcl_init { | |
return (ok); | |
} | |
sub vcl_fini { | |
return (ok); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment