Skip to content

Instantly share code, notes, and snippets.

Avatar

section-io-gists

View GitHub Profile
@section-io-gists
section-io-gists / Varnish 4.0: Add HTTP response headers to indicate cache hit or miss
Last active Aug 29, 2015
Varnish 4.0: Add HTTP response headers to indicate cache hit/miss
View Varnish 4.0: Add HTTP response headers to indicate cache hit or miss
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
}
@section-io-gists
section-io-gists / cacheStaticContent.vcl
Last active Dec 15, 2017
section.io VCL - Static Caching
View cacheStaticContent.vcl
#section.io VCL sample. Copy paste into your section.io account to implement instantly
#vcl_recv - copy this code into the section called sub vcl_recv
if (req.url ~ ".*\.(?:css|js|jpe?g|png|gif|ico|swf)(?=\?|&|$)") {
unset req.http.Cookie;
#Varnish <= 3.x calls this "return (lookup);" instead of "return (hash);"
return (hash);
}
#vcl_backend_response - copy this code into the section called sub vcl_backend_response
@section-io-gists
section-io-gists / normaliseAcceptEncoding.vcl
Created Jul 2, 2015
section.io VCL - Normalise Accept Encoding
View normaliseAcceptEncoding.vcl
#section.io VCL sample. Copy paste into your section.io account to implement instantly
#vcl_recv - copy this code into the section called sub vcl_recv
if (req.http.Accept-Encoding) {
if (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} else if (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
unset req.http.Accept-Encoding;
@section-io-gists
section-io-gists / starterConfig.vcl
Last active Jan 27, 2016
section.io VCL - Starter Config
View starterConfig.vcl
#section.io VCL sample. Copy paste into your section.io account to implement instantly
#vcl_recv - copy this code into the section called sub vcl_recv
if (req.url ~ ".*\.(?:css|js|jpe?g|png|gif|ico|swf)(?=\?|&|$)") {
unset req.http.Cookie;
#Varnish <= 3.x calls this "return (lookup);"
return (hash);
}
#vcl_backend_response - copy this code into the section called sub vcl_backend_response
@section-io-gists
section-io-gists / performanceConfig.vcl
Last active Jan 27, 2016
section.io VCL - Performance Config
View performanceConfig.vcl
#section.io VCL sample. Copy paste into your section.io account to implement instantly
#vcl_recv - copy this code into the section called sub vcl_recv
if (req.http.Accept-Encoding) {
if (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} else if (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
unset req.http.Accept-Encoding;
View geoIPLookup.vcl
#section.io VCL sample. Copy paste into your section.io account to implement instantly
#This code example requires you to use a Varnish version that has the GEO IP vmod installed
#Import vmod to do geoip on requests
import geoip;
#vcl_recv - copy this code into the section called sub vcl_recv
set req.http.X-Country-Code = geoip.country_code(regsub(req.http.X-Forwarded-For, ",.*",""));
View enforce_https.vcl
sub vcl_recv {
//Use req.proto instead of req.http.X-Forwarded-Proto if your varnish server isn't behind a load balancer
if ( req.http.X-Forwarded-Proto !~ "(?i)https") {
//The 750 number is arbitrary, you just need a unique number to check for in the vcl_synth sub
return (synth(750, ""));
}
}
sub vcl_synth {
if (resp.status == 750) {
@section-io-gists
section-io-gists / security_headers.vcl
Last active Apr 3, 2017
Send standard HTTPS security headers with VCL
View security_headers.vcl
sub vcl_deliver {
set resp.http.X-Frame-Options = "SAMEORIGIN";
set resp.http.X-XSS-Protection = "1; mode=block";
set resp.http.X-Content-Type-Options = "nosniff";
set resp.http.Strict-Transport-Security= "max-age=31536000; includeSubDomains";
set resp.http.Content-Security-Policy-Report-Only = "default-src 'self' ; script-src 'self' r-login.wordpress.com s0.wp.com s1.wp.com s2.wp.com stats.wp.com 0.gravatar.com platform.twitter.com; style-src 'self' s2.wp.com 0.gravatar.com fonts.googleapis.com; img-src 'self' pixel.wp.com 2.gravatar.com ; font-src 'self' data: fonts.gstatic.com; upgrade-insecure-requests; report-uri https://example.report-uri-example.io/report/example-endpoint;";
unset resp.http.Server;
}
@section-io-gists
section-io-gists / block_access.vcl
Created Aug 14, 2015
Block access to your site with VCL
View block_access.vcl
sub vcl_recv {
if (req.http.User-Agent ~ "(?i)ima-naughty-bot") {
return (synth(403, "Forbidden"));
}
}
@section-io-gists
section-io-gists / wordpressConfig.vcl
Last active Jan 13, 2020
A full Wordpress Varnish configuration to copy paste into section.io
View wordpressConfig.vcl
# Ref: https://www.varnish-software.com/blog/step-step-speed-wordpress-varnish-software
# This is an example VCL file for Varnish.
#
# It does not do anything by default, delegating control to the
# builtin VCL. The builtin VCL is called when there is no explicit
# return statement.
#
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.