Issues restricting HTTP purges based on an ACL

Andrew Langhorn andrew.langhorn at
Wed Feb 26 18:19:17 CET 2014

On 26 February 2014 16:47, Dridi Boukelmoune
<dridi.boukelmoune at>wrote:

> On Wed, Feb 26, 2014 at 5:13 PM, Andrew Langhorn
> <andrew.langhorn at> wrote:
> >
> > Hi Per,
> >
> > Yes - our CDN currently runs 2.1. I've tried Thomas' suggestion out, and
> I'm still able to purge from an IP I shouldn't be able to...
> I can't help you with varnish 2.1, and obviously there is no standard
> vmod before 3.0, and no custom logging (unless maybe with inline C)...
I hope that we'll be able to upgrade to Varnish 3 in the near future -
until then, I'm afraid I'm still stuck with 2.1.

> You can get the client.ip, http method, and request headers for each

request, can't you ?

Yes, we appear to be able to - using the client IP works fine elsewhere in
our VCL. I'll see what else our vendor's support can come up with.

Kind regards,

Andrew Langhorn
Web Operations
Government Digital Service

e: andrew.langhorn at
t: +44 (0)7810 737375
a: 6th Floor, Aviation House, 125 Kingsway, London, WC2B 6NH
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the varnish-misc mailing list