Varnish bypass return(pass) with php session_id
Christian Cantinelli
morphey at morphey.org
Tue Jun 28 12:15:30 CEST 2016
Hi,
I have a problem with varnish 4.1.2.
I have a setup like this:
++++++++++++
[...cut...]
sub vcl_recv {
set req.http.Host = regsub(req.http.Host, ":[0-9]+", "");
[...cut...]
if (req.http.Host ~ "^dev.mytest.it") {
return (pass);
}
[...cut....]
}
sub vcl_backend_response {
if (beresp.ttl < 120s) {
set beresp.ttl = 120s;
unset beresp.http.Cache-Control;
}
if ( (!(bereq.url ~ "(wp-(login|admin)|login)")) ||
(bereq.method == "GET") ) {
unset beresp.http.set-cookie;
set beresp.ttl = 1h;
}
if (bereq.url ~
"(?i)\.(jpe?g|png|gif|tiff|ico|pdf|swf|gz|bz2|xz|tgz|tbz|mp3|ogg|ogv|avi|flv|mp4|mpe?g|webm|woff|eot|otf|ttf|txt|html?|css|js)(\?.*)?$")
{
unset beresp.http.set-cookie;
set beresp.ttl = 1h;
} else {
set beresp.ttl = 4m;
}
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
set resp.http.Access-Control-Allow-Origin = "*";
}
sub vcl_hit {
if (req.method == "PURGE") {
return(synth(200,"OK"));
}
}
sub vcl_miss {
if (req.method == "PURGE") {
return(synth(404,"Not cached"));
}
}
[...cut...]
++++++++++++
And I have a page with this content:
++++++++++++
<?php
$a = session_id();
if(empty($a)) session_start();
echo "SID: ".SID."<br>session_id(): ".session_id()."<br>COOKIE:
".$_COOKIE["PHPSESSID"];
++++++++++++
If I make a request from the web server, PHP creates a session properly
and keeps it.
If the request passes for varnish, PHP creates a session for each call
without maintaining the previous.
Inquiry for varnish, however, is marked as a MISS (so it should be
completely bypassed).
Has anyone had a problem like that?
--
Chris
Unix System Administrator - Network Administrator
Programmer - Webdesigner - Webmaster
More information about the varnish-misc
mailing list