Issues restricting HTTP purges based on an ACL

Andrew Langhorn andrew.langhorn at digital.cabinet-office.gov.uk
Wed Feb 26 18:19:17 CET 2014


On 26 February 2014 16:47, Dridi Boukelmoune
<dridi.boukelmoune at zenika.com>wrote:

> On Wed, Feb 26, 2014 at 5:13 PM, Andrew Langhorn
> <andrew.langhorn at digital.cabinet-office.gov.uk> wrote:
> >
> > Hi Per,
> >
> > Yes - our CDN currently runs 2.1. I've tried Thomas' suggestion out, and
> I'm still able to purge from an IP I shouldn't be able to...
>
> I can't help you with varnish 2.1, and obviously there is no standard
> vmod before 3.0, and no custom logging (unless maybe with inline C)...
>
>
I hope that we'll be able to upgrade to Varnish 3 in the near future -
until then, I'm afraid I'm still stuck with 2.1.


> You can get the client.ip, http method, and request headers for each

request, can't you ?
>

Yes, we appear to be able to - using the client IP works fine elsewhere in
our VCL. I'll see what else our vendor's support can come up with.



-- 
Kind regards,

Andrew Langhorn
Web Operations
Government Digital Service

e: andrew.langhorn at digital.cabinet-office.gov.uk
t: +44 (0)7810 737375
a: 6th Floor, Aviation House, 125 Kingsway, London, WC2B 6NH
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20140226/7bf3c5fc/attachment.html>


More information about the varnish-misc mailing list