section-io-gists

## CustomMaintenancePage.vcl
import std;

acl whitelist {
    "123.123.123.123";
    "216.3.128.12";
}

sub vcl_recv {
  # If not a whitelisted IP, then display maintenance page. Requires std library.
  if(std.ip(regsub(req.http.X-Forwarded-For, "[, ].*$", ""), client.ip) !~ whitelist) {

## Varnish 4.0: Add HTTP response headers to indicate cache hit or miss
sub vcl_deliver {
  if (obj.hits > 0) {
    set resp.http.X-Cache = "HIT";
  } else {
    set resp.http.X-Cache = "MISS";
  }
}

## varnish-anonymous-wordpress.vcl
# Please note: There is an underlying default Varnish behavior that occurs after the VCL logic
# you see below. You can see the bultin code here
# https://github.com/varnishcache/varnish-cache/blob/5.1/bin/varnishd/builtin.vcl
#
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.

# Marker to tell the VCL compiler that this VCL has been adapted to the
# new 4.0 format.
vcl 4.0;

## bareDomainRedirectVCL3.vcl
sub vcl_recv {
  if (req.http.host !~ "www") {
    error 850 "Moved Permanently";
  }
}

sub vcl_error {
  if(obj.status == 850) {
    set obj.http.Location = "https://www." + req.http.host + req.url;
    set obj.status = 301;

## bareDomainRedirectVCL4.vcl
sub vcl_recv {
  if (req.http.host !~ "www") {
    return (synth(850, "Moved Permanently"));
  }
}

sub vcl_synth {
  if(resp.status == 850) {
    set resp.http.Location = "https://www." + req.http.host + req.url;
    set resp.status = 301;

## pagespeed-requirement.vcl
# Note: You will want to add the snippet: `include "pagespeed-requirement.vcl";` above your `vcl_recv` in the default.vcl file.

sub vcl_recv {
    call pagespeed_capability_detection;
}

# Function derived from requirements here https://modpagespeed.com/doc/downstream-caching#ps-capabilitylist
# Additional detection logic for crawlers, tablet and mobile devices.
sub pagespeed_capability_detection {
    if (req.http.User-Agent ~ "(?i)Chrome/[3][2-9]+\.|Chrome/[4-9][0-9]+\.|Chrome/[0-9]{3,}\.") {

## ForceHTTPSVarnish4.vcl
sub vcl_recv {
  if (req.http.X-Forwarded-Proto !~ "https") {
    return (synth(850, "Moved Permanently"));
  }
}

sub vcl_synth {
  if(resp.status == 850) {
    set resp.http.Location = "https://" + req.http.host + req.url;
    set resp.status = 301;

## basicAuthVCL4.vcl
sub vcl_recv {

  if (! req.http.Authorization ~ "Basic dXNlcm5hbWU6cGFzc3dvcmQ=") {
  # This is checking for base64 encoded username:password combination
        return(synth(401, "Authentication required"));
  }
  unset req.http.Authorization;

}

## templarbit-agent.json
{
    "property-id": "<insert perperty ID>",
    "secret-key": "<insert secret key>",
    "monitor-only": true
}

## wordpressConfig.vcl
# Ref: https://www.varnish-software.com/blog/step-step-speed-wordpress-varnish-software

# This is an example VCL file for Varnish.
#
# It does not do anything by default, delegating control to the
# builtin VCL. The builtin VCL is called when there is no explicit
# return statement.
#
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.
	import std;

	acl whitelist {
	"123.123.123.123";
	"216.3.128.12";
	}

	sub vcl_recv {
	# If not a whitelisted IP, then display maintenance page. Requires std library.
	if(std.ip(regsub(req.http.X-Forwarded-For, "[, ].*$", ""), client.ip) !~ whitelist) {
	sub vcl_deliver {
	if (obj.hits > 0) {
	set resp.http.X-Cache = "HIT";
	} else {
	set resp.http.X-Cache = "MISS";
	}
	}
	# Please note: There is an underlying default Varnish behavior that occurs after the VCL logic
	# you see below. You can see the bultin code here
	# https://github.com/varnishcache/varnish-cache/blob/5.1/bin/varnishd/builtin.vcl
	#
	# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
	# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.

	# Marker to tell the VCL compiler that this VCL has been adapted to the
	# new 4.0 format.
	vcl 4.0;
	sub vcl_recv {
	if (req.http.host !~ "www") {
	error 850 "Moved Permanently";
	}
	}

	sub vcl_error {
	if(obj.status == 850) {
	set obj.http.Location = "https://www." + req.http.host + req.url;
	set obj.status = 301;
	sub vcl_recv {
	if (req.http.host !~ "www") {
	return (synth(850, "Moved Permanently"));
	}
	}

	sub vcl_synth {
	if(resp.status == 850) {
	set resp.http.Location = "https://www." + req.http.host + req.url;
	set resp.status = 301;
	# Note: You will want to add the snippet: `include "pagespeed-requirement.vcl";` above your `vcl_recv` in the default.vcl file.

	sub vcl_recv {
	call pagespeed_capability_detection;
	}

	# Function derived from requirements here https://modpagespeed.com/doc/downstream-caching#ps-capabilitylist
	# Additional detection logic for crawlers, tablet and mobile devices.
	sub pagespeed_capability_detection {
	if (req.http.User-Agent ~ "(?i)Chrome/[3][2-9]+\.\|Chrome/[4-9][0-9]+\.\|Chrome/[0-9]{3,}\.") {
	sub vcl_recv {
	if (req.http.X-Forwarded-Proto !~ "https") {
	return (synth(850, "Moved Permanently"));
	}
	}

	sub vcl_synth {
	if(resp.status == 850) {
	set resp.http.Location = "https://" + req.http.host + req.url;
	set resp.status = 301;
	sub vcl_recv {

	if (! req.http.Authorization ~ "Basic dXNlcm5hbWU6cGFzc3dvcmQ=") {
	# This is checking for base64 encoded username:password combination
	return(synth(401, "Authentication required"));
	}
	unset req.http.Authorization;

	}
	{
	"property-id": "<insert perperty ID>",
	"secret-key": "<insert secret key>",
	"monitor-only": true
	}
	# Ref: https://www.varnish-software.com/blog/step-step-speed-wordpress-varnish-software

	# This is an example VCL file for Varnish.
	#
	# It does not do anything by default, delegating control to the
	# builtin VCL. The builtin VCL is called when there is no explicit
	# return statement.
	#
	# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
	# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.