XenForo default.vcl settings
Ayberk Kimsesiz
ayberk.kimsesiz at gmail.com
Fri Aug 5 21:01:07 CEST 2016
This issue really wore me out :)
What i want is the ability to login XenForo while Varnish continuing to
work, so no MISS. Solutions here prevent Varnish from working. In fact, a
very simple matter so again i want your help. To ensure Wordpress leaves
cookie control to XenForo will be sufficient.
*XenForo's login and register links:*
/forum/login.php
/forum/register.php
*XenForo's cookie control:*
xf_session
*Wordpress login and register links:*
wp-admin
wp-login
*Wordpress' cookie control:*
wordpress_logged_in
*1- if ( req.http.cookie ~ "wordpress_logged_in" ) {*
* return( pass );*
* }*
*2- if (!(req.url ~ "wp-(login|admin)") *
* && !(req.url ~ "&preview=true" ) *
* ){*
* unset req.http.cookie;*
* }*
*3- sub vcl_backend_response {*
* if (!(bereq.url ~ "wp-(login|admin)") && !bereq.http.cookie ~
"wordpress_logged_in" ) {*
* unset beresp.http.set-cookie;*
* set beresp.ttl = 52w;*
* }*
2016-08-05 15:36 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
> Can you send more of the log that shows a full /request response of a MISS?
>
> This line right here is going to cause most request to be a MISS because
> it is only checking the existence of Cookie and not a specific cookie.
>
> # IF BASIC AUTH IS ON THEN DO NOT CACHE
> # ##########################################################
> if (req.http.Authorization || req.http.Cookie) {
> return (pass);
> }
>
> On Fri, Aug 5, 2016 at 2:44 AM, Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com
> > wrote:
>
>> Hi again,
>>
>> I deleted all the Wordpress records and only added the following to
>> xenForo. People can now login to forum but Varnish shows MISS once again.
>> What kind of setting should i use?
>>
>> /* SET THE HOST AND PORT OF WORDPRESS
>> * *********************************************************/
>> vcl 4.0;
>> import std;
>>
>> backend default {
>> .host = "*****''
>> .port = "8080";
>> .connect_timeout = 600s;
>> .first_byte_timeout = 600s;
>> .between_bytes_timeout = 600s;
>> .max_connections = 800;
>> }
>>
>> # SET THE ALLOWED IP OF PURGE REQUESTS
>> # ##########################################################
>> acl purge {
>> "localhost";
>> "127.0.0.1";
>> }
>>
>> #THE RECV FUNCTION
>> # ##########################################################
>> sub vcl_recv {
>>
>> # set realIP by trimming CloudFlare IP which will be used for various
>> checks
>> set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For, "[, ].*$",
>> "");
>>
>> # FORWARD THE IP OF THE REQUEST
>> if (req.restarts == 0) {
>> if (req.http.x-forwarded-for) {
>> set req.http.X-Forwarded-For =
>> req.http.X-Forwarded-For + ", " + client.ip;
>> } else {
>> set req.http.X-Forwarded-For = client.ip;
>> }
>> }
>>
>> # Purge request check sections for hash_always_miss, purge and ban
>> # BLOCK IF NOT IP is not in purge acl
>> # ##########################################################
>>
>> # Enable smart refreshing using hash_always_miss
>> if (req.http.Cache-Control ~ "no-cache") {
>> if (client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>> purge) {
>> set req.hash_always_miss = true;
>> }
>> }
>>
>> if (req.method == "PURGE") {
>> if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>> purge) {
>> return(synth(405,"Not allowed."));
>> }
>> return (purge);
>>
>> }
>> if (req.method == "BAN") {
>> # Same ACL check as above:
>> if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP,
>> "1.2.3.4") ~ purge) {
>> return(synth(403, "Not allowed."));
>> }
>> ban("req.http.host == " + req.http.host +
>> " && req.url == " + req.url);
>>
>> # Throw a synthetic page so the
>> # request won't go to the backend.
>> return(synth(200, "Ban added"));
>> }
>>
>> # Unset cloudflare cookies
>> # Remove has_js and CloudFlare/Google Analytics __* cookies.
>> set req.http.Cookie = regsuball(req.http.Cookie,
>> "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");
>> # Remove a ";" prefix, if present.
>> set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");
>>
>> # For Testing: If you want to test with Varnish passing (not caching)
>> uncomment
>> # return( pass );
>>
>> # FORWARD THE IP OF THE REQUEST
>> if (req.restarts == 0) {
>> if (req.http.x-forwarded-for) {
>> set req.http.X-Forwarded-For =
>> req.http.X-Forwarded-For + ", " + client.ip;
>> } else {
>> set req.http.X-Forwarded-For = client.ip;
>> }
>> }
>>
>> # DO NOT CACHE RSS FEED
>> if (req.url ~ "/feed(/)?") {
>> return ( pass );
>> }
>>
>> ## Do not cache search results, comment these 3 lines if you do want to
>> cache them
>>
>> if (req.url ~ "/\?s\=") {
>> return ( pass );
>> }
>>
>> # CLEAN UP THE ENCODING HEADER.
>> # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH VARY ACCEPT-ENCODING
>> # VARNISH WILL CREATE SEPARATE CACHES FOR EACH
>> # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO, ETC.
>> # ##########################################################
>> if (req.http.Accept-Encoding) {
>> if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
>> # No point in compressing these
>> unset req.http.Accept-Encoding;
>> } elsif (req.http.Accept-Encoding ~ "gzip") {
>> set req.http.Accept-Encoding = "gzip";
>> } elsif (req.http.Accept-Encoding ~ "deflate") {
>> set req.http.Accept-Encoding = "deflate";
>> } else {
>> # unknown algorithm
>> unset req.http.Accept-Encoding;
>> }
>> }
>>
>> # PIPE ALL NON-STANDARD REQUESTS
>> # ##########################################################
>> if (req.method != "GET" &&
>> req.method != "HEAD" &&
>> req.method != "PUT" &&
>> req.method != "POST" &&
>> req.method != "TRACE" &&
>> req.method != "OPTIONS" &&
>> req.method != "DELETE") {
>> return (pipe);
>> }
>>
>> # ONLY CACHE GET AND HEAD REQUESTS
>> # ##########################################################
>> if (req.method != "GET" && req.method != "HEAD") {
>> return (pass);
>> }
>>
>> # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS IN FETCH TOO,
>> EITHER
>> # COMMENT OR UNCOMMENT BOTH
>> # ##########################################################
>>
>>
>> # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR WP-LOGIN
>> # THEN UNSET THE COOKIES
>> # ##########################################################
>>
>>
>> # IF BASIC AUTH IS ON THEN DO NOT CACHE
>> # ##########################################################
>> if (req.http.Authorization || req.http.Cookie) {
>> return (pass);
>> }
>>
>> # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED
>> # ##########################################################
>> return (hash);
>> # This is for phpmyadmin
>> if (req.http.Host == "ki1.org") {
>> return (pass);
>> }
>>
>> if (req.http.Host == "mysql.ki1.org") {
>> return (pass);
>> }
>>
>> }
>>
>> # HIT FUNCTION
>> # ##########################################################
>> sub vcl_hit {
>> # IF THIS IS A PURGE REQUEST THEN DO THE PURGE
>> # ##########################################################
>> if (req.method == "PURGE") {
>> #
>> # This is now handled in vcl_recv.
>> #
>> # purge;
>> return (synth(200, "Purged."));
>> }
>> return (deliver);
>> }
>>
>> # MISS FUNCTION
>> # ##########################################################
>> sub vcl_miss {
>> if (req.method == "PURGE") {
>> #
>> # This is now handled in vcl_recv.
>> #
>> # purge;
>> return (synth(200, "Purged."));
>> }
>> return (fetch);
>> }
>>
>> # FETCH FUNCTION
>> # ##########################################################
>> sub vcl_backend_response {
>> if (beresp.http.Set-Cookie ~ "xf_(session|user)") {
>> set beresp.uncacheable = true;
>> set beresp.ttl = 1w;
>> return (deliver);
>> }
>>
>> # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
>> # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT
>> # TO DO THIS
>> # ##########################################################
>> set beresp.http.Vary = "Accept-Encoding";
>>
>> # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>> # TIME THIS PAGE WILL STAY CACHED (TTL)
>> # ##########################################################
>>
>>
>> if (beresp.ttl <= 0s ||
>> beresp.http.Set-Cookie ||
>> beresp.http.Vary == "*") {
>> set beresp.ttl = 120 s;
>> # set beresp.ttl = 120s;
>> set beresp.uncacheable = true;
>> return (deliver);
>> }
>>
>> return (deliver);
>> }
>>
>> # DELIVER FUNCTION
>> # ##########################################################
>> sub vcl_deliver {
>> # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT
>> # IN THE HEADER (GREAT FOR DEBUGGING)
>> # ##########################################################
>> if (obj.hits > 0) {
>> set resp.http.X-Cache = "HIT";
>> # IF THIS IS A MISS RETURN THAT IN THE HEADER
>> # ##########################################################
>> } else {
>> set resp.http.X-Cache = "MISS";
>> }
>> }
>>
>>
>> *Wordpress: *
>>
>> Accept-Ranges bytes
>> Age 0
>> Cache-Control max-age=3600, public
>> Connection keep-alive
>> Content-Encoding gzip
>> Content-Type text/html
>> Date Fri, 05 Aug 2016 07:34:11 GMT
>> Etag 9090a91bf774ce89d892f8dd7fedd527
>> Expires Fri, 05 Aug 2016 08:34:11 GMT
>> Last-Modified Thu, 01 Jan 1970 00:00:00 GMT
>> Pragma public
>> Server Apache/2
>> Transfer-Encoding chunked
>> Vary Accept-Encoding
>> Via 1.1 varnish-v4
>> X-Cache MISS
>> X-Powered-By W3 Total Cache/0.9.4.1
>> X-Varnish 3048080
>>
>> *xenForo*
>>
>> Accept-Ranges bytes
>> Age 0
>> Cache-control private, max-age=0
>> Connection keep-alive
>> Content-Encoding gzip
>> Content-Length 11721
>> Content-Type text/html; charset=UTF-8
>> Date Fri, 05 Aug 2016 07:35:03 GMT
>> Expires Thu, 19 Nov 1981 08:52:00 GMT
>> Last-Modified Fri, 05 Aug 2016 07:35:03 GMT
>> Server Apache/2
>> Vary Accept-Encoding
>> Via 1.1 varnish-v4
>> X-Cache MISS
>> X-Frame-Options SAMEORIGIN
>> X-Powered-By PHP/5.5.34
>> X-Varnish 3277302
>>
>>
>>
>>
>>
>>
>>
>> 2016-08-04 23:54 GMT+03:00 Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com>:
>>
>>> I added the code but it FAILED. In fact, i want to make people to be
>>> able to login and register to /forum.
>>> When i use these codes that works but MISS appears at the same time.
>>>
>>> # FETCH FUNCTION
>>> # ##########################################################
>>> sub vcl_backend_response {
>>>
>>> # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
>>> # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT
>>> # TO DO THIS
>>> # ##########################################################
>>> set beresp.http.Vary = "Accept-Encoding";
>>>
>>> # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>>> # TIME THIS PAGE WILL STAY CACHED (TTL)
>>> # ##########################################################
>>> *if (beresp.http.Set-Cookie ~ "xf_(session|user)") *
>>> *{ set beresp.uncacheable = true;*
>>> * set beresp.ttl = 1w;*
>>> * return (deliver);*
>>> * }*
>>>
>>> if (beresp.ttl <= 0s ||
>>> beresp.http.Set-Cookie ||
>>> beresp.http.Vary == "*") {
>>> set beresp.ttl = 120 s;
>>> # set beresp.ttl = 120s;
>>> set beresp.uncacheable = true;
>>> return (deliver);
>>> }
>>>
>>> return (deliver);
>>> }
>>>
>>> # DELIVER FUNCTION
>>> # ##########################################################
>>> sub vcl_deliver {
>>> # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT
>>> # IN THE HEADER (GREAT FOR DEBUGGING)
>>> # ##########################################################
>>> if (obj.hits > 0) {
>>> set resp.http.X-Cache = "HIT";
>>> # IF THIS IS A MISS RETURN THAT IN THE HEADER
>>> # ##########################################################
>>> } else {
>>> set resp.http.X-Cache = "MISS";
>>> }
>>> }
>>>
>>> 2016-08-04 22:50 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
>>>
>>>> This was what I was talking about when I said you may need additional
>>>> logic to handle both.
>>>>
>>>> You will need to add the cookie check along with the path for forum to
>>>> that pass block. So something like...
>>>>
>>>> if( req.http.Cookie ~ "xf_(session|user)" && req.url ~ '^/forum.*') {
>>>> return (pass);
>>>> }
>>>>
>>>> On Thu, Aug 4, 2016 at 2:44 PM, Ayberk Kimsesiz <
>>>> ayberk.kimsesiz at gmail.com> wrote:
>>>>
>>>>> Yes, i want /forum to be MISS, there is no problem. However, Wordpress
>>>>> (homepage) shows MISS too.
>>>>>
>>>>> 2016-08-04 22:34 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
>>>>>
>>>>>> If you PASS then your request will not be cached. Varnish marks these
>>>>>> non-cached items as a MISS since they go to the backend each time and
>>>>>> therefore a miss and not a hit on cache.
>>>>>>
>>>>>> What were you expecting? Is this still requests with the forum
>>>>>> cookies?
>>>>>>
>>>>>> If you want to cache request from logged in users you will need to
>>>>>> add the specific user cookies to the hash so each user served their cached
>>>>>> copy.
>>>>>>
>>>>>> On Thu, Aug 4, 2016 at 2:16 PM, Ayberk Kimsesiz <
>>>>>> ayberk.kimsesiz at gmail.com> wrote:
>>>>>>
>>>>>>> If i use the given settings MISS appears in the Header.
>>>>>>>
>>>>>>> Accept-Ranges bytes
>>>>>>> Age 0
>>>>>>> Cache-control private, max-age=0
>>>>>>> Content-Encoding gzip
>>>>>>> Content-Length 10075
>>>>>>> Content-Type text/html; charset=UTF-8
>>>>>>> Date Thu, 04 Aug 2016 18:30:52 GMT
>>>>>>> Expires Thu, 19 Nov 1981 08:52:00 GMT
>>>>>>> Last-Modified Thu, 04 Aug 2016 18:30:52 GMT
>>>>>>> Server Apache/2
>>>>>>> Vary Accept-Encoding
>>>>>>> Via 1.1 varnish-v4
>>>>>>> X-Cache MISS
>>>>>>>
>>>>>>> What do you suggest me to do?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> 2016-08-04 19:07 GMT+03:00 Ayberk Kimsesiz <
>>>>>>> ayberk.kimsesiz at gmail.com>:
>>>>>>>
>>>>>>>> Finally!
>>>>>>>> Login function is now working with the following settings but
>>>>>>>> X-Cache shows MISS instead of HIT.
>>>>>>>>
>>>>>>>> #THE RECV FUNCTION
>>>>>>>> # ##########################################################
>>>>>>>> sub vcl_recv {
>>>>>>>> if( req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>> return (pass);
>>>>>>>> }
>>>>>>>>
>>>>>>>> # FETCH FUNCTION
>>>>>>>> # ##########################################################
>>>>>>>> sub vcl_backend_response {
>>>>>>>>
>>>>>>>> # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
>>>>>>>> # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT
>>>>>>>> # TO DO THIS
>>>>>>>> # ##########################################################
>>>>>>>> set beresp.http.Vary = "Accept-Encoding";
>>>>>>>>
>>>>>>>> # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>>>>>>>> # TIME THIS PAGE WILL STAY CACHED (TTL)
>>>>>>>> # ##########################################################
>>>>>>>> if (beresp.http.Set-Cookie ~ "xf_(session|user)")
>>>>>>>> { set beresp.uncacheable = true;
>>>>>>>> set beresp.ttl = 1w;
>>>>>>>> return (deliver);
>>>>>>>> }
>>>>>>>>
>>>>>>>> if (beresp.ttl <= 0s ||
>>>>>>>> beresp.http.Set-Cookie ||
>>>>>>>> beresp.http.Vary == "*") {
>>>>>>>> set beresp.ttl = 120 s;
>>>>>>>> # set beresp.ttl = 120s;
>>>>>>>> set beresp.uncacheable = true;
>>>>>>>> return (deliver);
>>>>>>>> }
>>>>>>>>
>>>>>>>> return (deliver);
>>>>>>>> }
>>>>>>>>
>>>>>>>> # DELIVER FUNCTION
>>>>>>>> # ##########################################################
>>>>>>>> sub vcl_deliver {
>>>>>>>> # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT
>>>>>>>> # IN THE HEADER (GREAT FOR DEBUGGING)
>>>>>>>> # ##########################################################
>>>>>>>> if (obj.hits > 0) {
>>>>>>>> set resp.http.X-Cache = "HIT";
>>>>>>>> # IF THIS IS A MISS RETURN THAT IN THE HEADER
>>>>>>>> # ##########################################################
>>>>>>>> } else {
>>>>>>>> set resp.http.X-Cache = "MISS";
>>>>>>>> }
>>>>>>>> }
>>>>>>>>
>>>>>>>> 2016-08-04 18:47 GMT+03:00 Ayberk Kimsesiz <
>>>>>>>> ayberk.kimsesiz at gmail.com>:
>>>>>>>>
>>>>>>>>> Finally!
>>>>>>>>> Login function is now working with the following settings but
>>>>>>>>> X-Cache shows MISS instead of HIT.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *#THE RECV FUNCTION*
>>>>>>>>> *# ##########################################################*
>>>>>>>>> *sub vcl_recv { *
>>>>>>>>> * if( req.http.Cookie ~ "xf_(session|user)") {*
>>>>>>>>> * return (pass);*
>>>>>>>>> * }*
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *# FETCH FUNCTION*
>>>>>>>>> *# ##########################################################*
>>>>>>>>> *sub vcl_backend_response { *
>>>>>>>>>
>>>>>>>>> * # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC *
>>>>>>>>> * # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT*
>>>>>>>>> * # TO DO THIS*
>>>>>>>>> * # ##########################################################*
>>>>>>>>> * set beresp.http.Vary = "Accept-Encoding";*
>>>>>>>>>
>>>>>>>>> * # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF *
>>>>>>>>> * # TIME THIS PAGE WILL STAY CACHED (TTL)*
>>>>>>>>> * # ##########################################################*
>>>>>>>>> *if (beresp.http.Set-Cookie ~ "xf_(session|user)") *
>>>>>>>>> *{ set beresp.uncacheable = true;*
>>>>>>>>> * set beresp.ttl = 1w;*
>>>>>>>>> * return (deliver);*
>>>>>>>>> * }*
>>>>>>>>>
>>>>>>>>> * if (beresp.ttl <= 0s ||*
>>>>>>>>> * beresp.http.Set-Cookie ||*
>>>>>>>>> * beresp.http.Vary == "*") {*
>>>>>>>>> * set beresp.ttl = 120 s;*
>>>>>>>>> * # set beresp.ttl = 120s;*
>>>>>>>>> * set beresp.uncacheable = true;*
>>>>>>>>> * return (deliver);*
>>>>>>>>> * }*
>>>>>>>>>
>>>>>>>>> * return (deliver);*
>>>>>>>>> *}*
>>>>>>>>>
>>>>>>>>> *# DELIVER FUNCTION*
>>>>>>>>> *# ##########################################################*
>>>>>>>>> *sub vcl_deliver {*
>>>>>>>>> * # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT *
>>>>>>>>> * # IN THE HEADER (GREAT FOR DEBUGGING)*
>>>>>>>>> * # ##########################################################*
>>>>>>>>> * if (obj.hits > 0) {*
>>>>>>>>> * set resp.http.X-Cache = "HIT";*
>>>>>>>>> * # IF THIS IS A MISS RETURN THAT IN THE HEADER*
>>>>>>>>> * # ##########################################################*
>>>>>>>>> * } else {*
>>>>>>>>> * set resp.http.X-Cache = "MISS";*
>>>>>>>>> * }*
>>>>>>>>> *}*
>>>>>>>>>
>>>>>>>>> 2016-08-04 18:02 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
>>>>>>>>>
>>>>>>>>>> I agree that the order of execution may be getting you here. If
>>>>>>>>>> you need the WordPress rules then you may need to put additional logic to
>>>>>>>>>> ensure non-wordpress applications are not negatively affected.
>>>>>>>>>>
>>>>>>>>>> What happens if you change the order of these two blocks? Put
>>>>>>>>>> your Set-Cookie check block before the wp-login check.
>>>>>>>>>>
>>>>>>>>>> > # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>>>>>>>>>> > # TIME THIS PAGE WILL STAY CACHED (TTL)
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > if (!(bereq.url ~ "wp-(login|admin)") && !bereq.http.cookie ~
>>>>>>>>>> "wordpress_logged_in" ) {
>>>>>>>>>> > unset beresp.http.set-cookie;
>>>>>>>>>> > set beresp.ttl = 52w;
>>>>>>>>>> > # set beresp.grace =1w;
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > if (beresp.http.Set-Cookie ~ "xf_(session|user)") {
>>>>>>>>>> > set beresp.uncacheable = true;
>>>>>>>>>> > set beresp.ttl = 1w;
>>>>>>>>>> > return (deliver);
>>>>>>>>>> > }
>>>>>>>>>>
>>>>>>>>>> On Thu, Aug 4, 2016 at 9:50 AM, Andrei <lagged at gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> The log output suggests the xf_ cookie check in vcl_recv is not
>>>>>>>>>>> the first thing to run as you pasted earlier. Also, looking a bit closer,
>>>>>>>>>>> your issue the fact that you unset the cookie in vcl_backend_response if
>>>>>>>>>>> it's not wordpress related. Again, you should really audit your entire VCL,
>>>>>>>>>>> and remove unneeded stuff, like all the WordPress related rules if you're
>>>>>>>>>>> not using it.
>>>>>>>>>>>
>>>>>>>>>>> On Thu, Aug 4, 2016 at 9:43 AM, Ayberk Kimsesiz <
>>>>>>>>>>> ayberk.kimsesiz at gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Log message:
>>>>>>>>>>>>
>>>>>>>>>>>> [root at ns1 ~]# varnishlog | grep -A15 -B15 "PPPAASS"
>>>>>>>>>>>> - ReqHeader If-None-Match: "1787d-5392dab8f2b4e-gzip"
>>>>>>>>>>>> - ReqHeader If-Modified-Since: Wed, 03 Aug 2016 16:53:18
>>>>>>>>>>>> GMT
>>>>>>>>>>>> - ReqHeader X-Forwarded-For: 95.5.187.232
>>>>>>>>>>>> - VCL_call RECV
>>>>>>>>>>>> - ReqHeader X-Actual-IP: 95.5.187.232
>>>>>>>>>>>> - ReqUnset X-Forwarded-For: 95.5.187.232
>>>>>>>>>>>> - ReqHeader X-Forwarded-For: 95.5.187.232, 95.5.187.232
>>>>>>>>>>>> - ReqUnset Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>>>>> __gads=ID=83a3a88cd0381f62:T=1470300206:S=ALNI_MawbfRUla
>>>>>>>>>>>> wFoW2XT0IpqCIsH5v7bQ; xf_session=
>>>>>>>>>>>> - ReqHeader Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>>>>> est_cookie=WP+Cookie+check
>>>>>>>>>>>> - ReqUnset Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>>>>> est_cookie=WP+Cookie+check
>>>>>>>>>>>> - ReqHeader Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>>>>> est_cookie=WP+Cookie+check
>>>>>>>>>>>> - ReqUnset X-Forwarded-For: 95.5.187.232, 95.5.187.232
>>>>>>>>>>>> - ReqHeader X-Forwarded-For: 95.5.187.232, 95.5.187.232,
>>>>>>>>>>>> 95.5.187.232
>>>>>>>>>>>> - ReqUnset Accept-Encoding: gzip, deflate, sdch
>>>>>>>>>>>> - ReqHeader Accept-Encoding: gzip
>>>>>>>>>>>> - VCL_Log PPPAASS
>>>>>>>>>>>> - VCL_return pass
>>>>>>>>>>>> - VCL_call HASH
>>>>>>>>>>>> - VCL_return lookup
>>>>>>>>>>>> - VCL_call PASS
>>>>>>>>>>>> - VCL_return fetch
>>>>>>>>>>>> - Link bereq 524435 pass
>>>>>>>>>>>> - Timestamp Fetch: 1470321283.617655 0.005758 0.005758
>>>>>>>>>>>> - RespProtocol HTTP/1.1
>>>>>>>>>>>> - RespStatus 200
>>>>>>>>>>>> - RespReason OK
>>>>>>>>>>>> - RespHeader Date: Thu, 04 Aug 2016 14:34:43 GMT
>>>>>>>>>>>> - RespHeader Server: Apache/2
>>>>>>>>>>>> - RespHeader Last-Modified: Wed, 03 Aug 2016 16:53:18 GMT
>>>>>>>>>>>> - RespHeader ETag: "1787d-5392dab8f2b4e-gzip"
>>>>>>>>>>>> - RespHeader Accept-Ranges: bytes
>>>>>>>>>>>> --
>>>>>>>>>>>> - ReqHeader If-Modified-Since: Thu, 04 Aug 2016 09:32:51
>>>>>>>>>>>> GMT
>>>>>>>>>>>> - ReqHeader X-Forwarded-For: 95.5.187.232
>>>>>>>>>>>> - VCL_call RECV
>>>>>>>>>>>> - ReqHeader X-Actual-IP: 95.5.187.232
>>>>>>>>>>>> - ReqUnset X-Forwarded-For: 95.5.187.232
>>>>>>>>>>>> - ReqHeader X-Forwarded-For: 95.5.187.232, 95.5.187.232
>>>>>>>>>>>> - ReqUnset Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>>>>> __gads=ID=83a3a88cd0381f62:T=1470300206:S=ALNI_MawbfRUla
>>>>>>>>>>>> wFoW2XT0IpqCIsH5v7bQ; xf_session=
>>>>>>>>>>>> - ReqHeader Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>>>>> est_cookie=WP+Cookie+check
>>>>>>>>>>>> - ReqUnset Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>>>>> est_cookie=WP+Cookie+check
>>>>>>>>>>>> - ReqHeader Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>>>
>>>>>>>>>>>> 2016-08-04 17:24 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
>>>>>>>>>>>>
>>>>>>>>>>>>> I assume you reloaded/restarted Varnish after these changes
>>>>>>>>>>>>> were made. If so, can you verify that you do have the cookies set on the
>>>>>>>>>>>>> request?
>>>>>>>>>>>>>
>>>>>>>>>>>>> maybe add this log message right before returning
>>>>>>>>>>>>>
>>>>>>>>>>>>> if(req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>>> std.log( "PPPAASS Cookie set for forum");
>>>>>>>>>>>>> return (pass);
>>>>>>>>>>>>>
>>>>>>>>>>>>> }
>>>>>>>>>>>>>
>>>>>>>>>>>>> Then you can use varnishlog command (below) to verify cookie
>>>>>>>>>>>>> is found
>>>>>>>>>>>>>
>>>>>>>>>>>>> varnishlog | grep -A15 -B15 "PPPAASS"
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Cheers,
>>>>>>>>>>>>> Richard
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Thu, Aug 4, 2016 at 9:06 AM, Ayberk Kimsesiz <
>>>>>>>>>>>>> ayberk.kimsesiz at gmail.com> wrote:
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > First of all, thank you. However the problem continues. Can
>>>>>>>>>>>>> you examine the codes?
>>>>>>>>>>>>> >
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > /* SET THE HOST AND PORT OF WORDPRESS
>>>>>>>>>>>>> > * ******************************
>>>>>>>>>>>>> ***************************/
>>>>>>>>>>>>> > vcl 4.0;
>>>>>>>>>>>>> > import std;
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > backend default {
>>>>>>>>>>>>> > .host = "*******";
>>>>>>>>>>>>> > .port = "8080";
>>>>>>>>>>>>> > .connect_timeout = 600s;
>>>>>>>>>>>>> > .first_byte_timeout = 600s;
>>>>>>>>>>>>> > .between_bytes_timeout = 600s;
>>>>>>>>>>>>> > .max_connections = 800;
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # SET THE ALLOWED IP OF PURGE REQUESTS
>>>>>>>>>>>>> > # ##########################################################
>>>>>>>>>>>>> > acl purge {
>>>>>>>>>>>>> > "localhost";
>>>>>>>>>>>>> > "127.0.0.1";
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > #THE RECV FUNCTION
>>>>>>>>>>>>> > # ##########################################################
>>>>>>>>>>>>> > sub vcl_recv {
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > if(req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>>> > return (pass);
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # set realIP by trimming CloudFlare IP which will be used
>>>>>>>>>>>>> for various checks
>>>>>>>>>>>>> > set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For,
>>>>>>>>>>>>> "[, ].*$", "");
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # FORWARD THE IP OF THE REQUEST
>>>>>>>>>>>>> > if (req.restarts == 0) {
>>>>>>>>>>>>> > if (req.http.x-forwarded-for) {
>>>>>>>>>>>>> > set req.http.X-Forwarded-For =
>>>>>>>>>>>>> > req.http.X-Forwarded-For + ", " + client.ip;
>>>>>>>>>>>>> > } else {
>>>>>>>>>>>>> > set req.http.X-Forwarded-For = client.ip;
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # Purge request check sections for hash_always_miss, purge
>>>>>>>>>>>>> and ban
>>>>>>>>>>>>> > # BLOCK IF NOT IP is not in purge acl
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # Enable smart refreshing using hash_always_miss
>>>>>>>>>>>>> > if (req.http.Cache-Control ~ "no-cache") {
>>>>>>>>>>>>> > if (client.ip ~ purge || !std.ip(req.http.X-Actual-IP,
>>>>>>>>>>>>> "1.2.3.4") ~ purge) {
>>>>>>>>>>>>> > set req.hash_always_miss = true;
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > if (req.method == "PURGE") {
>>>>>>>>>>>>> > if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP,
>>>>>>>>>>>>> "1.2.3.4") ~ purge) {
>>>>>>>>>>>>> > return(synth(405,"Not allowed."));
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> > return (purge);
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> > if (req.method == "BAN") {
>>>>>>>>>>>>> > # Same ACL check as above:
>>>>>>>>>>>>> > if (!client.ip ~ purge ||
>>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~ purge) {
>>>>>>>>>>>>> > return(synth(403, "Not allowed."));
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> > ban("req.http.host == " + req.http.host +
>>>>>>>>>>>>> > " && req.url == " + req.url);
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # Throw a synthetic page so the
>>>>>>>>>>>>> > # request won't go to the backend.
>>>>>>>>>>>>> > return(synth(200, "Ban added"));
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # Unset cloudflare cookies
>>>>>>>>>>>>> > # Remove has_js and CloudFlare/Google Analytics __* cookies.
>>>>>>>>>>>>> > set req.http.Cookie = regsuball(req.http.Cookie,
>>>>>>>>>>>>> "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");
>>>>>>>>>>>>> > # Remove a ";" prefix, if present.
>>>>>>>>>>>>> > set req.http.Cookie = regsub(req.http.Cookie, "^;\s*",
>>>>>>>>>>>>> "");
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # For Testing: If you want to test with Varnish passing
>>>>>>>>>>>>> (not caching) uncomment
>>>>>>>>>>>>> > # return( pass );
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # FORWARD THE IP OF THE REQUEST
>>>>>>>>>>>>> > if (req.restarts == 0) {
>>>>>>>>>>>>> > if (req.http.x-forwarded-for) {
>>>>>>>>>>>>> > set req.http.X-Forwarded-For =
>>>>>>>>>>>>> > req.http.X-Forwarded-For + ", " + client.ip;
>>>>>>>>>>>>> > } else {
>>>>>>>>>>>>> > set req.http.X-Forwarded-For = client.ip;
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # DO NOT CACHE RSS FEED
>>>>>>>>>>>>> > if (req.url ~ "/feed(/)?") {
>>>>>>>>>>>>> > return ( pass );
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > ## Do not cache search results, comment these 3 lines if you
>>>>>>>>>>>>> do want to cache them
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > if (req.url ~ "/\?s\=") {
>>>>>>>>>>>>> > return ( pass );
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # CLEAN UP THE ENCODING HEADER.
>>>>>>>>>>>>> > # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH VARY
>>>>>>>>>>>>> ACCEPT-ENCODING
>>>>>>>>>>>>> > # VARNISH WILL CREATE SEPARATE CACHES FOR EACH
>>>>>>>>>>>>> > # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO, ETC.
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> > if (req.http.Accept-Encoding) {
>>>>>>>>>>>>> > if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$")
>>>>>>>>>>>>> {
>>>>>>>>>>>>> > # No point in compressing these
>>>>>>>>>>>>> > unset req.http.Accept-Encoding;
>>>>>>>>>>>>> > } elsif (req.http.Accept-Encoding ~ "gzip") {
>>>>>>>>>>>>> > set req.http.Accept-Encoding = "gzip";
>>>>>>>>>>>>> > } elsif (req.http.Accept-Encoding ~ "deflate") {
>>>>>>>>>>>>> > set req.http.Accept-Encoding = "deflate";
>>>>>>>>>>>>> > } else {
>>>>>>>>>>>>> > # unknown algorithm
>>>>>>>>>>>>> > unset req.http.Accept-Encoding;
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # PIPE ALL NON-STANDARD REQUESTS
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> > if (req.method != "GET" &&
>>>>>>>>>>>>> > req.method != "HEAD" &&
>>>>>>>>>>>>> > req.method != "PUT" &&
>>>>>>>>>>>>> > req.method != "POST" &&
>>>>>>>>>>>>> > req.method != "TRACE" &&
>>>>>>>>>>>>> > req.method != "OPTIONS" &&
>>>>>>>>>>>>> > req.method != "DELETE") {
>>>>>>>>>>>>> > return (pipe);
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # ONLY CACHE GET AND HEAD REQUESTS
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> > if (req.method != "GET" && req.method != "HEAD") {
>>>>>>>>>>>>> > return (pass);
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS IN
>>>>>>>>>>>>> FETCH TOO, EITHER
>>>>>>>>>>>>> > # COMMENT OR UNCOMMENT BOTH
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> > if ( req.http.cookie ~ "wordpress_logged_in" ) {
>>>>>>>>>>>>> > return( pass );
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR WP-LOGIN
>>>>>>>>>>>>> > # THEN UNSET THE COOKIES
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> > if (!(req.url ~ "wp-(login|admin)")
>>>>>>>>>>>>> > && !(req.url ~ "&preview=true" )
>>>>>>>>>>>>> > ){
>>>>>>>>>>>>> > unset req.http.cookie;
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # IF BASIC AUTH IS ON THEN DO NOT CACHE
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> > if (req.http.Authorization || req.http.Cookie) {
>>>>>>>>>>>>> > return (pass);
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> > return (hash);
>>>>>>>>>>>>> > # This is for phpmyadmin
>>>>>>>>>>>>> > if (req.http.Host == "ki1.org") {
>>>>>>>>>>>>> > return (pass);
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > if (req.http.Host == "mysql.ki1.org") {
>>>>>>>>>>>>> > return (pass);
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # HIT FUNCTION
>>>>>>>>>>>>> > # ##########################################################
>>>>>>>>>>>>> > sub vcl_hit {
>>>>>>>>>>>>> > # IF THIS IS A PURGE REQUEST THEN DO THE PURGE
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> > if (req.method == "PURGE") {
>>>>>>>>>>>>> > #
>>>>>>>>>>>>> > # This is now handled in vcl_recv.
>>>>>>>>>>>>> > #
>>>>>>>>>>>>> > # purge;
>>>>>>>>>>>>> > return (synth(200, "Purged."));
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> > return (deliver);
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # MISS FUNCTION
>>>>>>>>>>>>> > # ##########################################################
>>>>>>>>>>>>> > sub vcl_miss {
>>>>>>>>>>>>> > if (req.method == "PURGE") {
>>>>>>>>>>>>> > #
>>>>>>>>>>>>> > # This is now handled in vcl_recv.
>>>>>>>>>>>>> > #
>>>>>>>>>>>>> > # purge;
>>>>>>>>>>>>> > return (synth(200, "Purged."));
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> > return (fetch);
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # FETCH FUNCTION
>>>>>>>>>>>>> > # ##########################################################
>>>>>>>>>>>>> > sub vcl_backend_response {
>>>>>>>>>>>>> > # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
>>>>>>>>>>>>> > # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT
>>>>>>>>>>>>> > # TO DO THIS
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> > set beresp.http.Vary = "Accept-Encoding";
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>>>>>>>>>>>>> > # TIME THIS PAGE WILL STAY CACHED (TTL)
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> > if (!(bereq.url ~ "wp-(login|admin)") &&
>>>>>>>>>>>>> !bereq.http.cookie ~ "wordpress_logged_in" ) {
>>>>>>>>>>>>> > unset beresp.http.set-cookie;
>>>>>>>>>>>>> > set beresp.ttl = 52w;
>>>>>>>>>>>>> > # set beresp.grace =1w;
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > if (beresp.http.Set-Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>>> > set beresp.uncacheable = true;
>>>>>>>>>>>>> > set beresp.ttl = 1w;
>>>>>>>>>>>>> > return (deliver);
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > if (beresp.ttl <= 0s ||
>>>>>>>>>>>>> > beresp.http.Set-Cookie ||
>>>>>>>>>>>>> > beresp.http.Vary == "*") {
>>>>>>>>>>>>> > set beresp.ttl = 120 s;
>>>>>>>>>>>>> > # set beresp.ttl = 120s;
>>>>>>>>>>>>> > set beresp.uncacheable = true;
>>>>>>>>>>>>> > return (deliver);
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > return (deliver);
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > # DELIVER FUNCTION
>>>>>>>>>>>>> > # ##########################################################
>>>>>>>>>>>>> > sub vcl_deliver {
>>>>>>>>>>>>> > # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT
>>>>>>>>>>>>> > # IN THE HEADER (GREAT FOR DEBUGGING)
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> > if (obj.hits > 0) {
>>>>>>>>>>>>> > set resp.http.X-Cache = "HIT";
>>>>>>>>>>>>> > # IF THIS IS A MISS RETURN THAT IN THE HEADER
>>>>>>>>>>>>> > # ##############################
>>>>>>>>>>>>> ############################
>>>>>>>>>>>>> > } else {
>>>>>>>>>>>>> > set resp.http.X-Cache = "MISS";
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> > }
>>>>>>>>>>>>> >
>>>>>>>>>>>>> >
>>>>>>>>>>>>> >
>>>>>>>>>>>>> > 2016-08-04 16:36 GMT+03:00 Andrei <lagged at gmail.com>:
>>>>>>>>>>>>> >>
>>>>>>>>>>>>> >> correction:
>>>>>>>>>>>>> >>
>>>>>>>>>>>>> >> sub vcl_recv {
>>>>>>>>>>>>> >> if(req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>>> >> return (pass);
>>>>>>>>>>>>> >> }
>>>>>>>>>>>>> >> }
>>>>>>>>>>>>> >>
>>>>>>>>>>>>> >> sub vcl_backend_response {
>>>>>>>>>>>>> >> if (beresp.http.Set-Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>>> >> set beresp.uncacheable = true;
>>>>>>>>>>>>> >> set beresp.ttl = 1w;
>>>>>>>>>>>>> >> return (deliver);
>>>>>>>>>>>>> >> }
>>>>>>>>>>>>> >> }
>>>>>>>>>>>>> >>
>>>>>>>>>>>>> >> On Thu, Aug 4, 2016 at 8:34 AM, Andrei <lagged at gmail.com>
>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>> >>>
>>>>>>>>>>>>> >>> Hello,
>>>>>>>>>>>>> >>>
>>>>>>>>>>>>> >>> Aside from the provided VCL being for WordPress, while
>>>>>>>>>>>>> you're running XenForo, the xf_ cookies are being dropped by your config. A
>>>>>>>>>>>>> quick fix is:
>>>>>>>>>>>>> >>>
>>>>>>>>>>>>> >>> sub vcl_recv {
>>>>>>>>>>>>> >>> if( req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>>> >>> return (pass);
>>>>>>>>>>>>> >>> }
>>>>>>>>>>>>> >>> }
>>>>>>>>>>>>> >>>
>>>>>>>>>>>>> >>> sub vcl_backend_response {
>>>>>>>>>>>>> >>> if (req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>>> >>> set beresp.uncacheable = true;
>>>>>>>>>>>>> >>> set beresp.ttl = 1w;
>>>>>>>>>>>>> >>> return (deliver);
>>>>>>>>>>>>> >>> }
>>>>>>>>>>>>> >>> }
>>>>>>>>>>>>> >>>
>>>>>>>>>>>>> >>> However, I suggest auditing your VCL, and only including
>>>>>>>>>>>>> rules specific to the application(s) which you are running.
>>>>>>>>>>>>> >>>
>>>>>>>>>>>>> >>>
>>>>>>>>>>>>> >>> On Thu, Aug 4, 2016 at 8:09 AM, Ayberk Kimsesiz <
>>>>>>>>>>>>> ayberk.kimsesiz at gmail.com> wrote:
>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>> >>>> Users can't login or register to domain.com/forum with
>>>>>>>>>>>>> the current settings. So we need to make a change related to xf_user and
>>>>>>>>>>>>> xf_session but how?
>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>> >>>> 2016-08-04 15:26 GMT+03:00 Lane, Richard <
>>>>>>>>>>>>> rlane at ahbelo.com>:
>>>>>>>>>>>>> >>>>>
>>>>>>>>>>>>> >>>>> If you want Varnish to ignore request for a path you
>>>>>>>>>>>>> need to tell it to pass. In your example you have a rule for the RSS feed.
>>>>>>>>>>>>> You can do the same for /forum/ in your vcl_recv block.
>>>>>>>>>>>>> >>>>>
>>>>>>>>>>>>> >>>>> *# DO NOT CACHE RSS FEED*
>>>>>>>>>>>>> >>>>> * if (req.url ~ "/feed(/)?") {*
>>>>>>>>>>>>> >>>>> * return ( pass ); *
>>>>>>>>>>>>> >>>>> *}*
>>>>>>>>>>>>> >>>>>
>>>>>>>>>>>>> >>>>> *# DO NOT CACHE FORUM*
>>>>>>>>>>>>> >>>>> if (req.url ~ "/forum(/)?") {
>>>>>>>>>>>>> >>>>> return ( pass );
>>>>>>>>>>>>> >>>>> }
>>>>>>>>>>>>> >>>>>
>>>>>>>>>>>>> >>>>> Cheers,
>>>>>>>>>>>>> >>>>> Richard
>>>>>>>>>>>>> >>>>>
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> Message: 1
>>>>>>>>>>>>> >>>>>> Date: Wed, 3 Aug 2016 23:34:40 +0300
>>>>>>>>>>>>> >>>>>> From: Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com>
>>>>>>>>>>>>> >>>>>> To: varnish-misc <varnish-misc at varnish-cache.org>
>>>>>>>>>>>>> >>>>>> Subject: XenForo default.vcl settings
>>>>>>>>>>>>> >>>>>> Message-ID:
>>>>>>>>>>>>> >>>>>> <CAPQGzE29n1QOmHarn9L-9ztquGfe
>>>>>>>>>>>>> u-AwNJUaDrHm_w-5BXmA_Q at mail.gmail.com>
>>>>>>>>>>>>> >>>>>> Content-Type: text/plain; charset="utf-8"
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> Hi,
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> Could you please share the appropriate Default.vcl
>>>>>>>>>>>>> settings for XenForo
>>>>>>>>>>>>> >>>>>> Forums? No one can register to the forum at the moment.
>>>>>>>>>>>>> My current
>>>>>>>>>>>>> >>>>>> Default.vcl settings are as follows.
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> Forum address: domain.com/forum
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> */* SET THE HOST AND PORT OF WORDPRESS*
>>>>>>>>>>>>> >>>>>> * * ******************************
>>>>>>>>>>>>> ***************************/*
>>>>>>>>>>>>> >>>>>> *vcl 4.0;*
>>>>>>>>>>>>> >>>>>> *import std;*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *backend default {*
>>>>>>>>>>>>> >>>>>> * .host = "*******";*
>>>>>>>>>>>>> >>>>>> * .port = "8080";*
>>>>>>>>>>>>> >>>>>> * .connect_timeout = 600s;*
>>>>>>>>>>>>> >>>>>> * .first_byte_timeout = 600s;*
>>>>>>>>>>>>> >>>>>> * .between_bytes_timeout = 600s;*
>>>>>>>>>>>>> >>>>>> * .max_connections = 800;*
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *# SET THE ALLOWED IP OF PURGE REQUESTS*
>>>>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> *acl purge {*
>>>>>>>>>>>>> >>>>>> * "localhost";*
>>>>>>>>>>>>> >>>>>> * "127.0.0.1";*
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *#THE RECV FUNCTION*
>>>>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> *sub vcl_recv {*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *# set realIP by trimming CloudFlare IP which will be
>>>>>>>>>>>>> used for various
>>>>>>>>>>>>> >>>>>> checks*
>>>>>>>>>>>>> >>>>>> *set req.http.X-Actual-IP =
>>>>>>>>>>>>> regsub(req.http.X-Forwarded-For, "[, ].*$",
>>>>>>>>>>>>> >>>>>> ""); *
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # FORWARD THE IP OF THE REQUEST*
>>>>>>>>>>>>> >>>>>> * if (req.restarts == 0) {*
>>>>>>>>>>>>> >>>>>> * if (req.http.x-forwarded-for) {*
>>>>>>>>>>>>> >>>>>> * set req.http.X-Forwarded-For =*
>>>>>>>>>>>>> >>>>>> * req.http.X-Forwarded-For + ", " + client.ip;*
>>>>>>>>>>>>> >>>>>> * } else {*
>>>>>>>>>>>>> >>>>>> * set req.http.X-Forwarded-For = client.ip;*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # Purge request check sections for hash_always_miss,
>>>>>>>>>>>>> purge and ban*
>>>>>>>>>>>>> >>>>>> * # BLOCK IF NOT IP is not in purge acl*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # Enable smart refreshing using hash_always_miss*
>>>>>>>>>>>>> >>>>>> *if (req.http.Cache-Control ~ "no-cache") {*
>>>>>>>>>>>>> >>>>>> * if (client.ip ~ purge ||
>>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>>>>>>>>>>>>> >>>>>> purge) {*
>>>>>>>>>>>>> >>>>>> * set req.hash_always_miss = true;*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *if (req.method == "PURGE") {*
>>>>>>>>>>>>> >>>>>> * if (!client.ip ~ purge ||
>>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>>>>>>>>>>>>> >>>>>> purge) {*
>>>>>>>>>>>>> >>>>>> * return(synth(405,"Not allowed."));*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>> * return (purge);*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>> *if (req.method == "BAN") {*
>>>>>>>>>>>>> >>>>>> * # Same ACL check as above:*
>>>>>>>>>>>>> >>>>>> * if (!client.ip ~ purge ||
>>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4")
>>>>>>>>>>>>> >>>>>> ~ purge) {*
>>>>>>>>>>>>> >>>>>> * return(synth(403, "Not
>>>>>>>>>>>>> allowed."));*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>> * ban("req.http.host == " + req.http.host +*
>>>>>>>>>>>>> >>>>>> * " && req.url == " + req.url);*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # Throw a synthetic page so the*
>>>>>>>>>>>>> >>>>>> * # request won't go to the backend.*
>>>>>>>>>>>>> >>>>>> * return(synth(200, "Ban added"));*
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *# Unset cloudflare cookies*
>>>>>>>>>>>>> >>>>>> *# Remove has_js and CloudFlare/Google Analytics __*
>>>>>>>>>>>>> cookies.*
>>>>>>>>>>>>> >>>>>> * set req.http.Cookie = regsuball(req.http.Cookie,
>>>>>>>>>>>>> >>>>>> "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");*
>>>>>>>>>>>>> >>>>>> * # Remove a ";" prefix, if present.*
>>>>>>>>>>>>> >>>>>> * set req.http.Cookie = regsub(req.http.Cookie,
>>>>>>>>>>>>> "^;\s*", "");*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # For Testing: If you want to test with Varnish
>>>>>>>>>>>>> passing (not caching)
>>>>>>>>>>>>> >>>>>> uncomment*
>>>>>>>>>>>>> >>>>>> * # return( pass );*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # FORWARD THE IP OF THE REQUEST*
>>>>>>>>>>>>> >>>>>> * if (req.restarts == 0) {*
>>>>>>>>>>>>> >>>>>> * if (req.http.x-forwarded-for) {*
>>>>>>>>>>>>> >>>>>> * set req.http.X-Forwarded-For =*
>>>>>>>>>>>>> >>>>>> * req.http.X-Forwarded-For + ", " + client.ip;*
>>>>>>>>>>>>> >>>>>> * } else {*
>>>>>>>>>>>>> >>>>>> * set req.http.X-Forwarded-For = client.ip;*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *# DO NOT CACHE RSS FEED*
>>>>>>>>>>>>> >>>>>> * if (req.url ~ "/feed(/)?") {*
>>>>>>>>>>>>> >>>>>> * return ( pass ); *
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *## Do not cache search results, comment these 3 lines
>>>>>>>>>>>>> if you do want to
>>>>>>>>>>>>> >>>>>> cache them*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *if (req.url ~ "/\?s\=") {*
>>>>>>>>>>>>> >>>>>> * return ( pass ); *
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *# CLEAN UP THE ENCODING HEADER.*
>>>>>>>>>>>>> >>>>>> * # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH
>>>>>>>>>>>>> VARY ACCEPT-ENCODING*
>>>>>>>>>>>>> >>>>>> * # VARNISH WILL CREATE SEPARATE CACHES FOR EACH*
>>>>>>>>>>>>> >>>>>> * # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES,
>>>>>>>>>>>>> AUDIO, ETC.*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> * if (req.http.Accept-Encoding) {*
>>>>>>>>>>>>> >>>>>> * if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$")
>>>>>>>>>>>>> {*
>>>>>>>>>>>>> >>>>>> * # No point in compressing these*
>>>>>>>>>>>>> >>>>>> * unset req.http.Accept-Encoding;*
>>>>>>>>>>>>> >>>>>> * } elsif (req.http.Accept-Encoding ~ "gzip") {*
>>>>>>>>>>>>> >>>>>> * set req.http.Accept-Encoding = "gzip";*
>>>>>>>>>>>>> >>>>>> * } elsif (req.http.Accept-Encoding ~ "deflate") {*
>>>>>>>>>>>>> >>>>>> * set req.http.Accept-Encoding = "deflate";*
>>>>>>>>>>>>> >>>>>> * } else {*
>>>>>>>>>>>>> >>>>>> * # unknown algorithm*
>>>>>>>>>>>>> >>>>>> * unset req.http.Accept-Encoding;*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # PIPE ALL NON-STANDARD REQUESTS*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> * if (req.method != "GET" &&*
>>>>>>>>>>>>> >>>>>> * req.method != "HEAD" &&*
>>>>>>>>>>>>> >>>>>> * req.method != "PUT" && *
>>>>>>>>>>>>> >>>>>> * req.method != "POST" &&*
>>>>>>>>>>>>> >>>>>> * req.method != "TRACE" &&*
>>>>>>>>>>>>> >>>>>> * req.method != "OPTIONS" &&*
>>>>>>>>>>>>> >>>>>> * req.method != "DELETE") {*
>>>>>>>>>>>>> >>>>>> * return (pipe);*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # ONLY CACHE GET AND HEAD REQUESTS*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> * if (req.method != "GET" && req.method != "HEAD") {*
>>>>>>>>>>>>> >>>>>> * return (pass);*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS
>>>>>>>>>>>>> OCCURS IN FETCH TOO,
>>>>>>>>>>>>> >>>>>> EITHER*
>>>>>>>>>>>>> >>>>>> * # COMMENT OR UNCOMMENT BOTH*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> * if ( req.http.cookie ~ "wordpress_logged_in" ) {*
>>>>>>>>>>>>> >>>>>> * return( pass );*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR
>>>>>>>>>>>>> WP-LOGIN*
>>>>>>>>>>>>> >>>>>> * # THEN UNSET THE COOKIES*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> * if (!(req.url ~ "wp-(login|admin)") *
>>>>>>>>>>>>> >>>>>> * && !(req.url ~ "&preview=true" ) *
>>>>>>>>>>>>> >>>>>> * ){*
>>>>>>>>>>>>> >>>>>> * unset req.http.cookie;*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # IF BASIC AUTH IS ON THEN DO NOT CACHE*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> * if (req.http.Authorization || req.http.Cookie) {*
>>>>>>>>>>>>> >>>>>> * return (pass);*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> * return (hash);*
>>>>>>>>>>>>> >>>>>> * # This is for phpmyadmin*
>>>>>>>>>>>>> >>>>>> *if (req.http.Host == "ki1.org <http://ki1.org>") {*
>>>>>>>>>>>>> >>>>>> *return (pass);*
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *if (req.http.Host == "mysql.ki1.org <
>>>>>>>>>>>>> http://mysql.ki1.org>") {*
>>>>>>>>>>>>> >>>>>> *return (pass);*
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *# HIT FUNCTION*
>>>>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> *sub vcl_hit {*
>>>>>>>>>>>>> >>>>>> * # IF THIS IS A PURGE REQUEST THEN DO THE PURGE*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> * if (req.method == "PURGE") {*
>>>>>>>>>>>>> >>>>>> * #*
>>>>>>>>>>>>> >>>>>> * # This is now handled in vcl_recv.*
>>>>>>>>>>>>> >>>>>> * #*
>>>>>>>>>>>>> >>>>>> * # purge;*
>>>>>>>>>>>>> >>>>>> * return (synth(200, "Purged."));*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>> * return (deliver);*
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *# MISS FUNCTION*
>>>>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> *sub vcl_miss {*
>>>>>>>>>>>>> >>>>>> * if (req.method == "PURGE") {*
>>>>>>>>>>>>> >>>>>> * #*
>>>>>>>>>>>>> >>>>>> * # This is now handled in vcl_recv.*
>>>>>>>>>>>>> >>>>>> * #*
>>>>>>>>>>>>> >>>>>> * # purge;*
>>>>>>>>>>>>> >>>>>> * return (synth(200, "Purged."));*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>> * return (fetch);*
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *# FETCH FUNCTION*
>>>>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> *sub vcl_backend_response {*
>>>>>>>>>>>>> >>>>>> * # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES
>>>>>>>>>>>>> W3TC *
>>>>>>>>>>>>> >>>>>> * # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY
>>>>>>>>>>>>> NOT WANT*
>>>>>>>>>>>>> >>>>>> * # TO DO THIS*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> * set beresp.http.Vary = "Accept-Encoding";*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE
>>>>>>>>>>>>> AMOUNT OF *
>>>>>>>>>>>>> >>>>>> * # TIME THIS PAGE WILL STAY CACHED (TTL)*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> * if (!(bereq.url ~ "wp-(login|admin)") &&
>>>>>>>>>>>>> !bereq.http.cookie ~
>>>>>>>>>>>>> >>>>>> "wordpress_logged_in" ) {*
>>>>>>>>>>>>> >>>>>> * unset beresp.http.set-cookie;*
>>>>>>>>>>>>> >>>>>> * set beresp.ttl = 52w;*
>>>>>>>>>>>>> >>>>>> *# set beresp.grace =1w;*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * if (beresp.ttl <= 0s ||*
>>>>>>>>>>>>> >>>>>> * beresp.http.Set-Cookie ||*
>>>>>>>>>>>>> >>>>>> * beresp.http.Vary == "*") {*
>>>>>>>>>>>>> >>>>>> * set beresp.ttl = 120 s;*
>>>>>>>>>>>>> >>>>>> * # set beresp.ttl = 120s;*
>>>>>>>>>>>>> >>>>>> * set beresp.uncacheable = true;*
>>>>>>>>>>>>> >>>>>> * return (deliver);*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> * return (deliver);*
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> *# DELIVER FUNCTION*
>>>>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> *sub vcl_deliver {*
>>>>>>>>>>>>> >>>>>> * # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT'
>>>>>>>>>>>>> TEXT *
>>>>>>>>>>>>> >>>>>> * # IN THE HEADER (GREAT FOR DEBUGGING)*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> * if (obj.hits > 0) {*
>>>>>>>>>>>>> >>>>>> * set resp.http.X-Cache = "HIT";*
>>>>>>>>>>>>> >>>>>> * # IF THIS IS A MISS RETURN THAT IN THE HEADER*
>>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> * } else {*
>>>>>>>>>>>>> >>>>>> * set resp.http.X-Cache = "MISS";*
>>>>>>>>>>>>> >>>>>> * }*
>>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> Thanks,
>>>>>>>>>>>>> >>>>>> -------------- next part --------------
>>>>>>>>>>>>> >>>>>> An HTML attachment was scrubbed...
>>>>>>>>>>>>> >>>>>> URL: <https://www.varnish-cache.org
>>>>>>>>>>>>> /lists/pipermail/varnish-misc/attachments/20160803/d572e4b2/
>>>>>>>>>>>>> attachment-0001.html>
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> ------------------------------
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> Message: 2
>>>>>>>>>>>>> >>>>>> Date: Thu, 4 Aug 2016 12:14:36 +0300
>>>>>>>>>>>>> >>>>>> From: Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com>
>>>>>>>>>>>>> >>>>>> To: varnish-misc <varnish-misc at varnish-cache.org>
>>>>>>>>>>>>> >>>>>> Subject: Re: XenForo default.vcl settings
>>>>>>>>>>>>> >>>>>> Message-ID:
>>>>>>>>>>>>> >>>>>> <CAPQGzE39XkXy_44z5oUXBO5q5sF5
>>>>>>>>>>>>> CvQmNP5k771DPi4O3i1ofA at mail.gmail.com>
>>>>>>>>>>>>> >>>>>> Content-Type: text/plain; charset="utf-8"
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> I need to add the followings to default.vcl for
>>>>>>>>>>>>> Xenforo. However, solutions
>>>>>>>>>>>>> >>>>>> in the Xenforo forums for this didn't work. Can you
>>>>>>>>>>>>> please help?
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> xf_session_admin
>>>>>>>>>>>>> >>>>>> xf_user
>>>>>>>>>>>>> >>>>>> xf_session
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> Or how can i block Varnish in a way that it doesn't
>>>>>>>>>>>>> work in *domain.com/forum
>>>>>>>>>>>>> >>>>>> <http://domain.com/forum>*
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> 2016-08-03 23:34 GMT+03:00 Ayberk Kimsesiz <
>>>>>>>>>>>>> ayberk.kimsesiz at gmail.com>:
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> > Hi,
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > Could you please share the appropriate Default.vcl
>>>>>>>>>>>>> settings for XenForo
>>>>>>>>>>>>> >>>>>> > Forums? No one can register to the forum at the
>>>>>>>>>>>>> moment. My current
>>>>>>>>>>>>> >>>>>> > Default.vcl settings are as follows.
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > Forum address: domain.com/forum
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > */* SET THE HOST AND PORT OF WORDPRESS*
>>>>>>>>>>>>> >>>>>> > * * ******************************
>>>>>>>>>>>>> ***************************/*
>>>>>>>>>>>>> >>>>>> > *vcl 4.0;*
>>>>>>>>>>>>> >>>>>> > *import std;*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *backend default {*
>>>>>>>>>>>>> >>>>>> > * .host = "*******";*
>>>>>>>>>>>>> >>>>>> > * .port = "8080";*
>>>>>>>>>>>>> >>>>>> > * .connect_timeout = 600s;*
>>>>>>>>>>>>> >>>>>> > * .first_byte_timeout = 600s;*
>>>>>>>>>>>>> >>>>>> > * .between_bytes_timeout = 600s;*
>>>>>>>>>>>>> >>>>>> > * .max_connections = 800;*
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *# SET THE ALLOWED IP OF PURGE REQUESTS*
>>>>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > *acl purge {*
>>>>>>>>>>>>> >>>>>> > * "localhost";*
>>>>>>>>>>>>> >>>>>> > * "127.0.0.1";*
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *#THE RECV FUNCTION*
>>>>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > *sub vcl_recv {*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *# set realIP by trimming CloudFlare IP which will be
>>>>>>>>>>>>> used for various
>>>>>>>>>>>>> >>>>>> > checks*
>>>>>>>>>>>>> >>>>>> > *set req.http.X-Actual-IP =
>>>>>>>>>>>>> regsub(req.http.X-Forwarded-For, "[, ].*$",
>>>>>>>>>>>>> >>>>>> > ""); *
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # FORWARD THE IP OF THE REQUEST*
>>>>>>>>>>>>> >>>>>> > * if (req.restarts == 0) {*
>>>>>>>>>>>>> >>>>>> > * if (req.http.x-forwarded-for) {*
>>>>>>>>>>>>> >>>>>> > * set req.http.X-Forwarded-For =*
>>>>>>>>>>>>> >>>>>> > * req.http.X-Forwarded-For + ", " + client.ip;*
>>>>>>>>>>>>> >>>>>> > * } else {*
>>>>>>>>>>>>> >>>>>> > * set req.http.X-Forwarded-For = client.ip;*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # Purge request check sections for
>>>>>>>>>>>>> hash_always_miss, purge and ban*
>>>>>>>>>>>>> >>>>>> > * # BLOCK IF NOT IP is not in purge acl*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # Enable smart refreshing using hash_always_miss*
>>>>>>>>>>>>> >>>>>> > *if (req.http.Cache-Control ~ "no-cache") {*
>>>>>>>>>>>>> >>>>>> > * if (client.ip ~ purge ||
>>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>>>>>>>>>>>>> >>>>>> > purge) {*
>>>>>>>>>>>>> >>>>>> > * set req.hash_always_miss = true;*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *if (req.method == "PURGE") {*
>>>>>>>>>>>>> >>>>>> > * if (!client.ip ~ purge ||
>>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>>>>>>>>>>>>> >>>>>> > purge) {*
>>>>>>>>>>>>> >>>>>> > * return(synth(405,"Not allowed."));*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> > * return (purge);*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> > *if (req.method == "BAN") {*
>>>>>>>>>>>>> >>>>>> > * # Same ACL check as above:*
>>>>>>>>>>>>> >>>>>> > * if (!client.ip ~ purge ||
>>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP,
>>>>>>>>>>>>> >>>>>> > "1.2.3.4") ~ purge) {*
>>>>>>>>>>>>> >>>>>> > * return(synth(403, "Not
>>>>>>>>>>>>> allowed."));*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> > * ban("req.http.host == " + req.http.host +*
>>>>>>>>>>>>> >>>>>> > * " && req.url == " + req.url);*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # Throw a synthetic page so the*
>>>>>>>>>>>>> >>>>>> > * # request won't go to the backend.*
>>>>>>>>>>>>> >>>>>> > * return(synth(200, "Ban added"));*
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *# Unset cloudflare cookies*
>>>>>>>>>>>>> >>>>>> > *# Remove has_js and CloudFlare/Google Analytics __*
>>>>>>>>>>>>> cookies.*
>>>>>>>>>>>>> >>>>>> > * set req.http.Cookie =
>>>>>>>>>>>>> regsuball(req.http.Cookie,
>>>>>>>>>>>>> >>>>>> > "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");*
>>>>>>>>>>>>> >>>>>> > * # Remove a ";" prefix, if present.*
>>>>>>>>>>>>> >>>>>> > * set req.http.Cookie = regsub(req.http.Cookie,
>>>>>>>>>>>>> "^;\s*", "");*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # For Testing: If you want to test with Varnish
>>>>>>>>>>>>> passing (not caching)
>>>>>>>>>>>>> >>>>>> > uncomment*
>>>>>>>>>>>>> >>>>>> > * # return( pass );*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # FORWARD THE IP OF THE REQUEST*
>>>>>>>>>>>>> >>>>>> > * if (req.restarts == 0) {*
>>>>>>>>>>>>> >>>>>> > * if (req.http.x-forwarded-for) {*
>>>>>>>>>>>>> >>>>>> > * set req.http.X-Forwarded-For =*
>>>>>>>>>>>>> >>>>>> > * req.http.X-Forwarded-For + ", " + client.ip;*
>>>>>>>>>>>>> >>>>>> > * } else {*
>>>>>>>>>>>>> >>>>>> > * set req.http.X-Forwarded-For = client.ip;*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *# DO NOT CACHE RSS FEED*
>>>>>>>>>>>>> >>>>>> > * if (req.url ~ "/feed(/)?") {*
>>>>>>>>>>>>> >>>>>> > * return ( pass ); *
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *## Do not cache search results, comment these 3
>>>>>>>>>>>>> lines if you do want to
>>>>>>>>>>>>> >>>>>> > cache them*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *if (req.url ~ "/\?s\=") {*
>>>>>>>>>>>>> >>>>>> > * return ( pass ); *
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *# CLEAN UP THE ENCODING HEADER.*
>>>>>>>>>>>>> >>>>>> > * # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH
>>>>>>>>>>>>> VARY ACCEPT-ENCODING*
>>>>>>>>>>>>> >>>>>> > * # VARNISH WILL CREATE SEPARATE CACHES FOR EACH*
>>>>>>>>>>>>> >>>>>> > * # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES,
>>>>>>>>>>>>> AUDIO, ETC.*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > * if (req.http.Accept-Encoding) {*
>>>>>>>>>>>>> >>>>>> > * if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$")
>>>>>>>>>>>>> {*
>>>>>>>>>>>>> >>>>>> > * # No point in compressing these*
>>>>>>>>>>>>> >>>>>> > * unset req.http.Accept-Encoding;*
>>>>>>>>>>>>> >>>>>> > * } elsif (req.http.Accept-Encoding ~ "gzip") {*
>>>>>>>>>>>>> >>>>>> > * set req.http.Accept-Encoding = "gzip";*
>>>>>>>>>>>>> >>>>>> > * } elsif (req.http.Accept-Encoding ~ "deflate") {*
>>>>>>>>>>>>> >>>>>> > * set req.http.Accept-Encoding = "deflate";*
>>>>>>>>>>>>> >>>>>> > * } else {*
>>>>>>>>>>>>> >>>>>> > * # unknown algorithm*
>>>>>>>>>>>>> >>>>>> > * unset req.http.Accept-Encoding;*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # PIPE ALL NON-STANDARD REQUESTS*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > * if (req.method != "GET" &&*
>>>>>>>>>>>>> >>>>>> > * req.method != "HEAD" &&*
>>>>>>>>>>>>> >>>>>> > * req.method != "PUT" && *
>>>>>>>>>>>>> >>>>>> > * req.method != "POST" &&*
>>>>>>>>>>>>> >>>>>> > * req.method != "TRACE" &&*
>>>>>>>>>>>>> >>>>>> > * req.method != "OPTIONS" &&*
>>>>>>>>>>>>> >>>>>> > * req.method != "DELETE") {*
>>>>>>>>>>>>> >>>>>> > * return (pipe);*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # ONLY CACHE GET AND HEAD REQUESTS*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > * if (req.method != "GET" && req.method != "HEAD") {*
>>>>>>>>>>>>> >>>>>> > * return (pass);*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS
>>>>>>>>>>>>> OCCURS IN FETCH TOO,
>>>>>>>>>>>>> >>>>>> > EITHER*
>>>>>>>>>>>>> >>>>>> > * # COMMENT OR UNCOMMENT BOTH*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > * if ( req.http.cookie ~ "wordpress_logged_in" ) {*
>>>>>>>>>>>>> >>>>>> > * return( pass );*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR
>>>>>>>>>>>>> WP-LOGIN*
>>>>>>>>>>>>> >>>>>> > * # THEN UNSET THE COOKIES*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > * if (!(req.url ~ "wp-(login|admin)") *
>>>>>>>>>>>>> >>>>>> > * && !(req.url ~ "&preview=true" ) *
>>>>>>>>>>>>> >>>>>> > * ){*
>>>>>>>>>>>>> >>>>>> > * unset req.http.cookie;*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # IF BASIC AUTH IS ON THEN DO NOT CACHE*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > * if (req.http.Authorization || req.http.Cookie) {*
>>>>>>>>>>>>> >>>>>> > * return (pass);*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # IF YOU GET HERE THEN THIS REQUEST SHOULD BE
>>>>>>>>>>>>> CACHED*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > * return (hash);*
>>>>>>>>>>>>> >>>>>> > * # This is for phpmyadmin*
>>>>>>>>>>>>> >>>>>> > *if (req.http.Host == "ki1.org <http://ki1.org>") {*
>>>>>>>>>>>>> >>>>>> > *return (pass);*
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *if (req.http.Host == "mysql.ki1.org <
>>>>>>>>>>>>> http://mysql.ki1.org>") {*
>>>>>>>>>>>>> >>>>>> > *return (pass);*
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *# HIT FUNCTION*
>>>>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > *sub vcl_hit {*
>>>>>>>>>>>>> >>>>>> > * # IF THIS IS A PURGE REQUEST THEN DO THE PURGE*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > * if (req.method == "PURGE") {*
>>>>>>>>>>>>> >>>>>> > * #*
>>>>>>>>>>>>> >>>>>> > * # This is now handled in vcl_recv.*
>>>>>>>>>>>>> >>>>>> > * #*
>>>>>>>>>>>>> >>>>>> > * # purge;*
>>>>>>>>>>>>> >>>>>> > * return (synth(200, "Purged."));*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> > * return (deliver);*
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *# MISS FUNCTION*
>>>>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > *sub vcl_miss {*
>>>>>>>>>>>>> >>>>>> > * if (req.method == "PURGE") {*
>>>>>>>>>>>>> >>>>>> > * #*
>>>>>>>>>>>>> >>>>>> > * # This is now handled in vcl_recv.*
>>>>>>>>>>>>> >>>>>> > * #*
>>>>>>>>>>>>> >>>>>> > * # purge;*
>>>>>>>>>>>>> >>>>>> > * return (synth(200, "Purged."));*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> > * return (fetch);*
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *# FETCH FUNCTION*
>>>>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > *sub vcl_backend_response {*
>>>>>>>>>>>>> >>>>>> > * # I SET THE VARY TO ACCEPT-ENCODING, THIS
>>>>>>>>>>>>> OVERRIDES W3TC *
>>>>>>>>>>>>> >>>>>> > * # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY
>>>>>>>>>>>>> NOT WANT*
>>>>>>>>>>>>> >>>>>> > * # TO DO THIS*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > * set beresp.http.Vary = "Accept-Encoding";*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE
>>>>>>>>>>>>> AMOUNT OF *
>>>>>>>>>>>>> >>>>>> > * # TIME THIS PAGE WILL STAY CACHED (TTL)*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > * if (!(bereq.url ~ "wp-(login|admin)") &&
>>>>>>>>>>>>> !bereq.http.cookie ~
>>>>>>>>>>>>> >>>>>> > "wordpress_logged_in" ) {*
>>>>>>>>>>>>> >>>>>> > * unset beresp.http.set-cookie;*
>>>>>>>>>>>>> >>>>>> > * set beresp.ttl = 52w;*
>>>>>>>>>>>>> >>>>>> > *# set beresp.grace =1w;*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * if (beresp.ttl <= 0s ||*
>>>>>>>>>>>>> >>>>>> > * beresp.http.Set-Cookie ||*
>>>>>>>>>>>>> >>>>>> > * beresp.http.Vary == "*") {*
>>>>>>>>>>>>> >>>>>> > * set beresp.ttl = 120 s;*
>>>>>>>>>>>>> >>>>>> > * # set beresp.ttl = 120s;*
>>>>>>>>>>>>> >>>>>> > * set beresp.uncacheable = true;*
>>>>>>>>>>>>> >>>>>> > * return (deliver);*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > * return (deliver);*
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > *# DELIVER FUNCTION*
>>>>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > *sub vcl_deliver {*
>>>>>>>>>>>>> >>>>>> > * # IF THIS PAGE IS ALREADY CACHED THEN RETURN A
>>>>>>>>>>>>> 'HIT' TEXT *
>>>>>>>>>>>>> >>>>>> > * # IN THE HEADER (GREAT FOR DEBUGGING)*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > * if (obj.hits > 0) {*
>>>>>>>>>>>>> >>>>>> > * set resp.http.X-Cache = "HIT";*
>>>>>>>>>>>>> >>>>>> > * # IF THIS IS A MISS RETURN THAT IN THE HEADER*
>>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>>> ############################*
>>>>>>>>>>>>> >>>>>> > * } else {*
>>>>>>>>>>>>> >>>>>> > * set resp.http.X-Cache = "MISS";*
>>>>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> > Thanks,
>>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>>> >>>>>> -------------- next part --------------
>>>>>>>>>>>>> >>>>>> An HTML attachment was scrubbed...
>>>>>>>>>>>>> >>>>>> URL: <https://www.varnish-cache.org
>>>>>>>>>>>>> /lists/pipermail/varnish-misc/attachments/20160804/4e3f064a/
>>>>>>>>>>>>> attachment.html>
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> ------------------------------
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> _______________________________________________
>>>>>>>>>>>>> >>>>>> varnish-misc mailing list
>>>>>>>>>>>>> >>>>>> varnish-misc at varnish-cache.org
>>>>>>>>>>>>> >>>>>> https://www.varnish-cache.org/
>>>>>>>>>>>>> lists/mailman/listinfo/varnish-misc
>>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>>> >>>>>> End of varnish-misc Digest, Vol 125, Issue 14
>>>>>>>>>>>>> >>>>>> *********************************************
>>>>>>>>>>>>> >>>>>
>>>>>>>>>>>>> >>>>>
>>>>>>>>>>>>> >>>>>
>>>>>>>>>>>>> >>>>> _______________________________________________
>>>>>>>>>>>>> >>>>> varnish-misc mailing list
>>>>>>>>>>>>> >>>>> varnish-misc at varnish-cache.org
>>>>>>>>>>>>> >>>>> https://www.varnish-cache.org/
>>>>>>>>>>>>> lists/mailman/listinfo/varnish-misc
>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>> >>>> _______________________________________________
>>>>>>>>>>>>> >>>> varnish-misc mailing list
>>>>>>>>>>>>> >>>> varnish-misc at varnish-cache.org
>>>>>>>>>>>>> >>>> https://www.varnish-cache.org/
>>>>>>>>>>>>> lists/mailman/listinfo/varnish-misc
>>>>>>>>>>>>> >>>
>>>>>>>>>>>>> >>>
>>>>>>>>>>>>> >>
>>>>>>>>>>>>> >
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20160805/2f55af3a/attachment-0001.html>
More information about the varnish-misc
mailing list