Issues restricting HTTP purges based on an ACL

[Dridi Boukelmoune]

On Wed, Feb 26, 2014 at 5:13 PM, Andrew Langhorn
<andrew.langhorn at digital.cabinet-office.gov.uk> wrote:
>
> Hi Per,
>
> Yes - our CDN currently runs 2.1. I've tried Thomas' suggestion out, and I'm still able to purge from an IP I shouldn't be able to...

I can't help you with varnish 2.1, and obviously there is no standard
vmod before 3.0, and no custom logging (unless maybe with inline C)...

You can get the client.ip, http method, and request headers for each
request, can't you ?

Dridi

> Andrew