XenForo default.vcl settings
Ayberk Kimsesiz
ayberk.kimsesiz at gmail.com
Thu Aug 4 22:54:50 CEST 2016
I added the code but it FAILED. In fact, i want to make people to be able
to login and register to /forum.
When i use these codes that works but MISS appears at the same time.
# FETCH FUNCTION
# ##########################################################
sub vcl_backend_response {
# I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
# TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT
# TO DO THIS
# ##########################################################
set beresp.http.Vary = "Accept-Encoding";
# IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
# TIME THIS PAGE WILL STAY CACHED (TTL)
# ##########################################################
*if (beresp.http.Set-Cookie ~ "xf_(session|user)") *
*{ set beresp.uncacheable = true;*
* set beresp.ttl = 1w;*
* return (deliver);*
* }*
if (beresp.ttl <= 0s ||
beresp.http.Set-Cookie ||
beresp.http.Vary == "*") {
set beresp.ttl = 120 s;
# set beresp.ttl = 120s;
set beresp.uncacheable = true;
return (deliver);
}
return (deliver);
}
# DELIVER FUNCTION
# ##########################################################
sub vcl_deliver {
# IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT
# IN THE HEADER (GREAT FOR DEBUGGING)
# ##########################################################
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
# IF THIS IS A MISS RETURN THAT IN THE HEADER
# ##########################################################
} else {
set resp.http.X-Cache = "MISS";
}
}
2016-08-04 22:50 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
> This was what I was talking about when I said you may need additional
> logic to handle both.
>
> You will need to add the cookie check along with the path for forum to
> that pass block. So something like...
>
> if( req.http.Cookie ~ "xf_(session|user)" && req.url ~ '^/forum.*') {
> return (pass);
> }
>
> On Thu, Aug 4, 2016 at 2:44 PM, Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com
> > wrote:
>
>> Yes, i want /forum to be MISS, there is no problem. However, Wordpress
>> (homepage) shows MISS too.
>>
>> 2016-08-04 22:34 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
>>
>>> If you PASS then your request will not be cached. Varnish marks these
>>> non-cached items as a MISS since they go to the backend each time and
>>> therefore a miss and not a hit on cache.
>>>
>>> What were you expecting? Is this still requests with the forum cookies?
>>>
>>> If you want to cache request from logged in users you will need to add
>>> the specific user cookies to the hash so each user served their cached copy.
>>>
>>> On Thu, Aug 4, 2016 at 2:16 PM, Ayberk Kimsesiz <
>>> ayberk.kimsesiz at gmail.com> wrote:
>>>
>>>> If i use the given settings MISS appears in the Header.
>>>>
>>>> Accept-Ranges bytes
>>>> Age 0
>>>> Cache-control private, max-age=0
>>>> Content-Encoding gzip
>>>> Content-Length 10075
>>>> Content-Type text/html; charset=UTF-8
>>>> Date Thu, 04 Aug 2016 18:30:52 GMT
>>>> Expires Thu, 19 Nov 1981 08:52:00 GMT
>>>> Last-Modified Thu, 04 Aug 2016 18:30:52 GMT
>>>> Server Apache/2
>>>> Vary Accept-Encoding
>>>> Via 1.1 varnish-v4
>>>> X-Cache MISS
>>>>
>>>> What do you suggest me to do?
>>>>
>>>>
>>>>
>>>> 2016-08-04 19:07 GMT+03:00 Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com>:
>>>>
>>>>> Finally!
>>>>> Login function is now working with the following settings but X-Cache
>>>>> shows MISS instead of HIT.
>>>>>
>>>>> #THE RECV FUNCTION
>>>>> # ##########################################################
>>>>> sub vcl_recv {
>>>>> if( req.http.Cookie ~ "xf_(session|user)") {
>>>>> return (pass);
>>>>> }
>>>>>
>>>>> # FETCH FUNCTION
>>>>> # ##########################################################
>>>>> sub vcl_backend_response {
>>>>>
>>>>> # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
>>>>> # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT
>>>>> # TO DO THIS
>>>>> # ##########################################################
>>>>> set beresp.http.Vary = "Accept-Encoding";
>>>>>
>>>>> # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>>>>> # TIME THIS PAGE WILL STAY CACHED (TTL)
>>>>> # ##########################################################
>>>>> if (beresp.http.Set-Cookie ~ "xf_(session|user)")
>>>>> { set beresp.uncacheable = true;
>>>>> set beresp.ttl = 1w;
>>>>> return (deliver);
>>>>> }
>>>>>
>>>>> if (beresp.ttl <= 0s ||
>>>>> beresp.http.Set-Cookie ||
>>>>> beresp.http.Vary == "*") {
>>>>> set beresp.ttl = 120 s;
>>>>> # set beresp.ttl = 120s;
>>>>> set beresp.uncacheable = true;
>>>>> return (deliver);
>>>>> }
>>>>>
>>>>> return (deliver);
>>>>> }
>>>>>
>>>>> # DELIVER FUNCTION
>>>>> # ##########################################################
>>>>> sub vcl_deliver {
>>>>> # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT
>>>>> # IN THE HEADER (GREAT FOR DEBUGGING)
>>>>> # ##########################################################
>>>>> if (obj.hits > 0) {
>>>>> set resp.http.X-Cache = "HIT";
>>>>> # IF THIS IS A MISS RETURN THAT IN THE HEADER
>>>>> # ##########################################################
>>>>> } else {
>>>>> set resp.http.X-Cache = "MISS";
>>>>> }
>>>>> }
>>>>>
>>>>> 2016-08-04 18:47 GMT+03:00 Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com>
>>>>> :
>>>>>
>>>>>> Finally!
>>>>>> Login function is now working with the following settings but
>>>>>> X-Cache shows MISS instead of HIT.
>>>>>>
>>>>>>
>>>>>> *#THE RECV FUNCTION*
>>>>>> *# ##########################################################*
>>>>>> *sub vcl_recv { *
>>>>>> * if( req.http.Cookie ~ "xf_(session|user)") {*
>>>>>> * return (pass);*
>>>>>> * }*
>>>>>>
>>>>>>
>>>>>> *# FETCH FUNCTION*
>>>>>> *# ##########################################################*
>>>>>> *sub vcl_backend_response { *
>>>>>>
>>>>>> * # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC *
>>>>>> * # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT*
>>>>>> * # TO DO THIS*
>>>>>> * # ##########################################################*
>>>>>> * set beresp.http.Vary = "Accept-Encoding";*
>>>>>>
>>>>>> * # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF *
>>>>>> * # TIME THIS PAGE WILL STAY CACHED (TTL)*
>>>>>> * # ##########################################################*
>>>>>> *if (beresp.http.Set-Cookie ~ "xf_(session|user)") *
>>>>>> *{ set beresp.uncacheable = true;*
>>>>>> * set beresp.ttl = 1w;*
>>>>>> * return (deliver);*
>>>>>> * }*
>>>>>>
>>>>>> * if (beresp.ttl <= 0s ||*
>>>>>> * beresp.http.Set-Cookie ||*
>>>>>> * beresp.http.Vary == "*") {*
>>>>>> * set beresp.ttl = 120 s;*
>>>>>> * # set beresp.ttl = 120s;*
>>>>>> * set beresp.uncacheable = true;*
>>>>>> * return (deliver);*
>>>>>> * }*
>>>>>>
>>>>>> * return (deliver);*
>>>>>> *}*
>>>>>>
>>>>>> *# DELIVER FUNCTION*
>>>>>> *# ##########################################################*
>>>>>> *sub vcl_deliver {*
>>>>>> * # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT *
>>>>>> * # IN THE HEADER (GREAT FOR DEBUGGING)*
>>>>>> * # ##########################################################*
>>>>>> * if (obj.hits > 0) {*
>>>>>> * set resp.http.X-Cache = "HIT";*
>>>>>> * # IF THIS IS A MISS RETURN THAT IN THE HEADER*
>>>>>> * # ##########################################################*
>>>>>> * } else {*
>>>>>> * set resp.http.X-Cache = "MISS";*
>>>>>> * }*
>>>>>> *}*
>>>>>>
>>>>>> 2016-08-04 18:02 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
>>>>>>
>>>>>>> I agree that the order of execution may be getting you here. If you
>>>>>>> need the WordPress rules then you may need to put additional logic to
>>>>>>> ensure non-wordpress applications are not negatively affected.
>>>>>>>
>>>>>>> What happens if you change the order of these two blocks? Put your
>>>>>>> Set-Cookie check block before the wp-login check.
>>>>>>>
>>>>>>> > # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>>>>>>> > # TIME THIS PAGE WILL STAY CACHED (TTL)
>>>>>>> > # ##########################################################
>>>>>>> > if (!(bereq.url ~ "wp-(login|admin)") && !bereq.http.cookie ~
>>>>>>> "wordpress_logged_in" ) {
>>>>>>> > unset beresp.http.set-cookie;
>>>>>>> > set beresp.ttl = 52w;
>>>>>>> > # set beresp.grace =1w;
>>>>>>> > }
>>>>>>> >
>>>>>>> > if (beresp.http.Set-Cookie ~ "xf_(session|user)") {
>>>>>>> > set beresp.uncacheable = true;
>>>>>>> > set beresp.ttl = 1w;
>>>>>>> > return (deliver);
>>>>>>> > }
>>>>>>>
>>>>>>> On Thu, Aug 4, 2016 at 9:50 AM, Andrei <lagged at gmail.com> wrote:
>>>>>>>
>>>>>>>> The log output suggests the xf_ cookie check in vcl_recv is not the
>>>>>>>> first thing to run as you pasted earlier. Also, looking a bit closer, your
>>>>>>>> issue the fact that you unset the cookie in vcl_backend_response if it's
>>>>>>>> not wordpress related. Again, you should really audit your entire VCL, and
>>>>>>>> remove unneeded stuff, like all the WordPress related rules if you're not
>>>>>>>> using it.
>>>>>>>>
>>>>>>>> On Thu, Aug 4, 2016 at 9:43 AM, Ayberk Kimsesiz <
>>>>>>>> ayberk.kimsesiz at gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Log message:
>>>>>>>>>
>>>>>>>>> [root at ns1 ~]# varnishlog | grep -A15 -B15 "PPPAASS"
>>>>>>>>> - ReqHeader If-None-Match: "1787d-5392dab8f2b4e-gzip"
>>>>>>>>> - ReqHeader If-Modified-Since: Wed, 03 Aug 2016 16:53:18 GMT
>>>>>>>>> - ReqHeader X-Forwarded-For: 95.5.187.232
>>>>>>>>> - VCL_call RECV
>>>>>>>>> - ReqHeader X-Actual-IP: 95.5.187.232
>>>>>>>>> - ReqUnset X-Forwarded-For: 95.5.187.232
>>>>>>>>> - ReqHeader X-Forwarded-For: 95.5.187.232, 95.5.187.232
>>>>>>>>> - ReqUnset Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>> pps_show_100=Th
>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>> __gads=ID=83a3a88cd0381f62:T=1470300206:S=ALNI_MawbfRUla
>>>>>>>>> wFoW2XT0IpqCIsH5v7bQ; xf_session=
>>>>>>>>> - ReqHeader Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>> pps_show_100=Th
>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>> est_cookie=WP+Cookie+check
>>>>>>>>> - ReqUnset Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>> pps_show_100=Th
>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>> est_cookie=WP+Cookie+check
>>>>>>>>> - ReqHeader Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>> pps_show_100=Th
>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>> est_cookie=WP+Cookie+check
>>>>>>>>> - ReqUnset X-Forwarded-For: 95.5.187.232, 95.5.187.232
>>>>>>>>> - ReqHeader X-Forwarded-For: 95.5.187.232, 95.5.187.232,
>>>>>>>>> 95.5.187.232
>>>>>>>>> - ReqUnset Accept-Encoding: gzip, deflate, sdch
>>>>>>>>> - ReqHeader Accept-Encoding: gzip
>>>>>>>>> - VCL_Log PPPAASS
>>>>>>>>> - VCL_return pass
>>>>>>>>> - VCL_call HASH
>>>>>>>>> - VCL_return lookup
>>>>>>>>> - VCL_call PASS
>>>>>>>>> - VCL_return fetch
>>>>>>>>> - Link bereq 524435 pass
>>>>>>>>> - Timestamp Fetch: 1470321283.617655 0.005758 0.005758
>>>>>>>>> - RespProtocol HTTP/1.1
>>>>>>>>> - RespStatus 200
>>>>>>>>> - RespReason OK
>>>>>>>>> - RespHeader Date: Thu, 04 Aug 2016 14:34:43 GMT
>>>>>>>>> - RespHeader Server: Apache/2
>>>>>>>>> - RespHeader Last-Modified: Wed, 03 Aug 2016 16:53:18 GMT
>>>>>>>>> - RespHeader ETag: "1787d-5392dab8f2b4e-gzip"
>>>>>>>>> - RespHeader Accept-Ranges: bytes
>>>>>>>>> --
>>>>>>>>> - ReqHeader If-Modified-Since: Thu, 04 Aug 2016 09:32:51 GMT
>>>>>>>>> - ReqHeader X-Forwarded-For: 95.5.187.232
>>>>>>>>> - VCL_call RECV
>>>>>>>>> - ReqHeader X-Actual-IP: 95.5.187.232
>>>>>>>>> - ReqUnset X-Forwarded-For: 95.5.187.232
>>>>>>>>> - ReqHeader X-Forwarded-For: 95.5.187.232, 95.5.187.232
>>>>>>>>> - ReqUnset Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>> pps_show_100=Th
>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>> __gads=ID=83a3a88cd0381f62:T=1470300206:S=ALNI_MawbfRUla
>>>>>>>>> wFoW2XT0IpqCIsH5v7bQ; xf_session=
>>>>>>>>> - ReqHeader Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>> pps_show_100=Th
>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>> est_cookie=WP+Cookie+check
>>>>>>>>> - ReqUnset Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>> pps_show_100=Th
>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>> pps_times_showed_100=1;
>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>> est_cookie=WP+Cookie+check
>>>>>>>>> - ReqHeader Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>> pps_show_100=Th
>>>>>>>>>
>>>>>>>>> 2016-08-04 17:24 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
>>>>>>>>>
>>>>>>>>>> I assume you reloaded/restarted Varnish after these changes were
>>>>>>>>>> made. If so, can you verify that you do have the cookies set on the request?
>>>>>>>>>>
>>>>>>>>>> maybe add this log message right before returning
>>>>>>>>>>
>>>>>>>>>> if(req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>> std.log( "PPPAASS Cookie set for forum");
>>>>>>>>>> return (pass);
>>>>>>>>>>
>>>>>>>>>> }
>>>>>>>>>>
>>>>>>>>>> Then you can use varnishlog command (below) to verify cookie is
>>>>>>>>>> found
>>>>>>>>>>
>>>>>>>>>> varnishlog | grep -A15 -B15 "PPPAASS"
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Cheers,
>>>>>>>>>> Richard
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Thu, Aug 4, 2016 at 9:06 AM, Ayberk Kimsesiz <
>>>>>>>>>> ayberk.kimsesiz at gmail.com> wrote:
>>>>>>>>>> >
>>>>>>>>>> > First of all, thank you. However the problem continues. Can you
>>>>>>>>>> examine the codes?
>>>>>>>>>> >
>>>>>>>>>> >
>>>>>>>>>> > /* SET THE HOST AND PORT OF WORDPRESS
>>>>>>>>>> > * *********************************************************/
>>>>>>>>>> > vcl 4.0;
>>>>>>>>>> > import std;
>>>>>>>>>> >
>>>>>>>>>> > backend default {
>>>>>>>>>> > .host = "*******";
>>>>>>>>>> > .port = "8080";
>>>>>>>>>> > .connect_timeout = 600s;
>>>>>>>>>> > .first_byte_timeout = 600s;
>>>>>>>>>> > .between_bytes_timeout = 600s;
>>>>>>>>>> > .max_connections = 800;
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # SET THE ALLOWED IP OF PURGE REQUESTS
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > acl purge {
>>>>>>>>>> > "localhost";
>>>>>>>>>> > "127.0.0.1";
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > #THE RECV FUNCTION
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > sub vcl_recv {
>>>>>>>>>> >
>>>>>>>>>> > if(req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>> > return (pass);
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # set realIP by trimming CloudFlare IP which will be used for
>>>>>>>>>> various checks
>>>>>>>>>> > set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For,
>>>>>>>>>> "[, ].*$", "");
>>>>>>>>>> >
>>>>>>>>>> > # FORWARD THE IP OF THE REQUEST
>>>>>>>>>> > if (req.restarts == 0) {
>>>>>>>>>> > if (req.http.x-forwarded-for) {
>>>>>>>>>> > set req.http.X-Forwarded-For =
>>>>>>>>>> > req.http.X-Forwarded-For + ", " + client.ip;
>>>>>>>>>> > } else {
>>>>>>>>>> > set req.http.X-Forwarded-For = client.ip;
>>>>>>>>>> > }
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # Purge request check sections for hash_always_miss, purge and
>>>>>>>>>> ban
>>>>>>>>>> > # BLOCK IF NOT IP is not in purge acl
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> >
>>>>>>>>>> > # Enable smart refreshing using hash_always_miss
>>>>>>>>>> > if (req.http.Cache-Control ~ "no-cache") {
>>>>>>>>>> > if (client.ip ~ purge || !std.ip(req.http.X-Actual-IP,
>>>>>>>>>> "1.2.3.4") ~ purge) {
>>>>>>>>>> > set req.hash_always_miss = true;
>>>>>>>>>> > }
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > if (req.method == "PURGE") {
>>>>>>>>>> > if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP,
>>>>>>>>>> "1.2.3.4") ~ purge) {
>>>>>>>>>> > return(synth(405,"Not allowed."));
>>>>>>>>>> > }
>>>>>>>>>> > return (purge);
>>>>>>>>>> >
>>>>>>>>>> > }
>>>>>>>>>> > if (req.method == "BAN") {
>>>>>>>>>> > # Same ACL check as above:
>>>>>>>>>> > if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP,
>>>>>>>>>> "1.2.3.4") ~ purge) {
>>>>>>>>>> > return(synth(403, "Not allowed."));
>>>>>>>>>> > }
>>>>>>>>>> > ban("req.http.host == " + req.http.host +
>>>>>>>>>> > " && req.url == " + req.url);
>>>>>>>>>> >
>>>>>>>>>> > # Throw a synthetic page so the
>>>>>>>>>> > # request won't go to the backend.
>>>>>>>>>> > return(synth(200, "Ban added"));
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> >
>>>>>>>>>> > # Unset cloudflare cookies
>>>>>>>>>> > # Remove has_js and CloudFlare/Google Analytics __* cookies.
>>>>>>>>>> > set req.http.Cookie = regsuball(req.http.Cookie,
>>>>>>>>>> "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");
>>>>>>>>>> > # Remove a ";" prefix, if present.
>>>>>>>>>> > set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");
>>>>>>>>>> >
>>>>>>>>>> > # For Testing: If you want to test with Varnish passing (not
>>>>>>>>>> caching) uncomment
>>>>>>>>>> > # return( pass );
>>>>>>>>>> >
>>>>>>>>>> > # FORWARD THE IP OF THE REQUEST
>>>>>>>>>> > if (req.restarts == 0) {
>>>>>>>>>> > if (req.http.x-forwarded-for) {
>>>>>>>>>> > set req.http.X-Forwarded-For =
>>>>>>>>>> > req.http.X-Forwarded-For + ", " + client.ip;
>>>>>>>>>> > } else {
>>>>>>>>>> > set req.http.X-Forwarded-For = client.ip;
>>>>>>>>>> > }
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # DO NOT CACHE RSS FEED
>>>>>>>>>> > if (req.url ~ "/feed(/)?") {
>>>>>>>>>> > return ( pass );
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > ## Do not cache search results, comment these 3 lines if you do
>>>>>>>>>> want to cache them
>>>>>>>>>> >
>>>>>>>>>> > if (req.url ~ "/\?s\=") {
>>>>>>>>>> > return ( pass );
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # CLEAN UP THE ENCODING HEADER.
>>>>>>>>>> > # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH VARY
>>>>>>>>>> ACCEPT-ENCODING
>>>>>>>>>> > # VARNISH WILL CREATE SEPARATE CACHES FOR EACH
>>>>>>>>>> > # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO, ETC.
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > if (req.http.Accept-Encoding) {
>>>>>>>>>> > if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
>>>>>>>>>> > # No point in compressing these
>>>>>>>>>> > unset req.http.Accept-Encoding;
>>>>>>>>>> > } elsif (req.http.Accept-Encoding ~ "gzip") {
>>>>>>>>>> > set req.http.Accept-Encoding = "gzip";
>>>>>>>>>> > } elsif (req.http.Accept-Encoding ~ "deflate") {
>>>>>>>>>> > set req.http.Accept-Encoding = "deflate";
>>>>>>>>>> > } else {
>>>>>>>>>> > # unknown algorithm
>>>>>>>>>> > unset req.http.Accept-Encoding;
>>>>>>>>>> > }
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # PIPE ALL NON-STANDARD REQUESTS
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > if (req.method != "GET" &&
>>>>>>>>>> > req.method != "HEAD" &&
>>>>>>>>>> > req.method != "PUT" &&
>>>>>>>>>> > req.method != "POST" &&
>>>>>>>>>> > req.method != "TRACE" &&
>>>>>>>>>> > req.method != "OPTIONS" &&
>>>>>>>>>> > req.method != "DELETE") {
>>>>>>>>>> > return (pipe);
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # ONLY CACHE GET AND HEAD REQUESTS
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > if (req.method != "GET" && req.method != "HEAD") {
>>>>>>>>>> > return (pass);
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS IN
>>>>>>>>>> FETCH TOO, EITHER
>>>>>>>>>> > # COMMENT OR UNCOMMENT BOTH
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > if ( req.http.cookie ~ "wordpress_logged_in" ) {
>>>>>>>>>> > return( pass );
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR WP-LOGIN
>>>>>>>>>> > # THEN UNSET THE COOKIES
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > if (!(req.url ~ "wp-(login|admin)")
>>>>>>>>>> > && !(req.url ~ "&preview=true" )
>>>>>>>>>> > ){
>>>>>>>>>> > unset req.http.cookie;
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # IF BASIC AUTH IS ON THEN DO NOT CACHE
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > if (req.http.Authorization || req.http.Cookie) {
>>>>>>>>>> > return (pass);
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > return (hash);
>>>>>>>>>> > # This is for phpmyadmin
>>>>>>>>>> > if (req.http.Host == "ki1.org") {
>>>>>>>>>> > return (pass);
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > if (req.http.Host == "mysql.ki1.org") {
>>>>>>>>>> > return (pass);
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # HIT FUNCTION
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > sub vcl_hit {
>>>>>>>>>> > # IF THIS IS A PURGE REQUEST THEN DO THE PURGE
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > if (req.method == "PURGE") {
>>>>>>>>>> > #
>>>>>>>>>> > # This is now handled in vcl_recv.
>>>>>>>>>> > #
>>>>>>>>>> > # purge;
>>>>>>>>>> > return (synth(200, "Purged."));
>>>>>>>>>> > }
>>>>>>>>>> > return (deliver);
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # MISS FUNCTION
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > sub vcl_miss {
>>>>>>>>>> > if (req.method == "PURGE") {
>>>>>>>>>> > #
>>>>>>>>>> > # This is now handled in vcl_recv.
>>>>>>>>>> > #
>>>>>>>>>> > # purge;
>>>>>>>>>> > return (synth(200, "Purged."));
>>>>>>>>>> > }
>>>>>>>>>> > return (fetch);
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # FETCH FUNCTION
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > sub vcl_backend_response {
>>>>>>>>>> > # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
>>>>>>>>>> > # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT
>>>>>>>>>> > # TO DO THIS
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > set beresp.http.Vary = "Accept-Encoding";
>>>>>>>>>> >
>>>>>>>>>> > # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>>>>>>>>>> > # TIME THIS PAGE WILL STAY CACHED (TTL)
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > if (!(bereq.url ~ "wp-(login|admin)") && !bereq.http.cookie ~
>>>>>>>>>> "wordpress_logged_in" ) {
>>>>>>>>>> > unset beresp.http.set-cookie;
>>>>>>>>>> > set beresp.ttl = 52w;
>>>>>>>>>> > # set beresp.grace =1w;
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > if (beresp.http.Set-Cookie ~ "xf_(session|user)") {
>>>>>>>>>> > set beresp.uncacheable = true;
>>>>>>>>>> > set beresp.ttl = 1w;
>>>>>>>>>> > return (deliver);
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> >
>>>>>>>>>> > if (beresp.ttl <= 0s ||
>>>>>>>>>> > beresp.http.Set-Cookie ||
>>>>>>>>>> > beresp.http.Vary == "*") {
>>>>>>>>>> > set beresp.ttl = 120 s;
>>>>>>>>>> > # set beresp.ttl = 120s;
>>>>>>>>>> > set beresp.uncacheable = true;
>>>>>>>>>> > return (deliver);
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > return (deliver);
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> > # DELIVER FUNCTION
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > sub vcl_deliver {
>>>>>>>>>> > # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT
>>>>>>>>>> > # IN THE HEADER (GREAT FOR DEBUGGING)
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > if (obj.hits > 0) {
>>>>>>>>>> > set resp.http.X-Cache = "HIT";
>>>>>>>>>> > # IF THIS IS A MISS RETURN THAT IN THE HEADER
>>>>>>>>>> > # ##########################################################
>>>>>>>>>> > } else {
>>>>>>>>>> > set resp.http.X-Cache = "MISS";
>>>>>>>>>> > }
>>>>>>>>>> > }
>>>>>>>>>> >
>>>>>>>>>> >
>>>>>>>>>> >
>>>>>>>>>> > 2016-08-04 16:36 GMT+03:00 Andrei <lagged at gmail.com>:
>>>>>>>>>> >>
>>>>>>>>>> >> correction:
>>>>>>>>>> >>
>>>>>>>>>> >> sub vcl_recv {
>>>>>>>>>> >> if(req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>> >> return (pass);
>>>>>>>>>> >> }
>>>>>>>>>> >> }
>>>>>>>>>> >>
>>>>>>>>>> >> sub vcl_backend_response {
>>>>>>>>>> >> if (beresp.http.Set-Cookie ~ "xf_(session|user)") {
>>>>>>>>>> >> set beresp.uncacheable = true;
>>>>>>>>>> >> set beresp.ttl = 1w;
>>>>>>>>>> >> return (deliver);
>>>>>>>>>> >> }
>>>>>>>>>> >> }
>>>>>>>>>> >>
>>>>>>>>>> >> On Thu, Aug 4, 2016 at 8:34 AM, Andrei <lagged at gmail.com>
>>>>>>>>>> wrote:
>>>>>>>>>> >>>
>>>>>>>>>> >>> Hello,
>>>>>>>>>> >>>
>>>>>>>>>> >>> Aside from the provided VCL being for WordPress, while you're
>>>>>>>>>> running XenForo, the xf_ cookies are being dropped by your config. A quick
>>>>>>>>>> fix is:
>>>>>>>>>> >>>
>>>>>>>>>> >>> sub vcl_recv {
>>>>>>>>>> >>> if( req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>> >>> return (pass);
>>>>>>>>>> >>> }
>>>>>>>>>> >>> }
>>>>>>>>>> >>>
>>>>>>>>>> >>> sub vcl_backend_response {
>>>>>>>>>> >>> if (req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>> >>> set beresp.uncacheable = true;
>>>>>>>>>> >>> set beresp.ttl = 1w;
>>>>>>>>>> >>> return (deliver);
>>>>>>>>>> >>> }
>>>>>>>>>> >>> }
>>>>>>>>>> >>>
>>>>>>>>>> >>> However, I suggest auditing your VCL, and only including
>>>>>>>>>> rules specific to the application(s) which you are running.
>>>>>>>>>> >>>
>>>>>>>>>> >>>
>>>>>>>>>> >>> On Thu, Aug 4, 2016 at 8:09 AM, Ayberk Kimsesiz <
>>>>>>>>>> ayberk.kimsesiz at gmail.com> wrote:
>>>>>>>>>> >>>>
>>>>>>>>>> >>>> Users can't login or register to domain.com/forum with the
>>>>>>>>>> current settings. So we need to make a change related to xf_user and
>>>>>>>>>> xf_session but how?
>>>>>>>>>> >>>>
>>>>>>>>>> >>>>
>>>>>>>>>> >>>>
>>>>>>>>>> >>>> 2016-08-04 15:26 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
>>>>>>>>>> >>>>>
>>>>>>>>>> >>>>> If you want Varnish to ignore request for a path you need
>>>>>>>>>> to tell it to pass. In your example you have a rule for the RSS feed. You
>>>>>>>>>> can do the same for /forum/ in your vcl_recv block.
>>>>>>>>>> >>>>>
>>>>>>>>>> >>>>> *# DO NOT CACHE RSS FEED*
>>>>>>>>>> >>>>> * if (req.url ~ "/feed(/)?") {*
>>>>>>>>>> >>>>> * return ( pass ); *
>>>>>>>>>> >>>>> *}*
>>>>>>>>>> >>>>>
>>>>>>>>>> >>>>> *# DO NOT CACHE FORUM*
>>>>>>>>>> >>>>> if (req.url ~ "/forum(/)?") {
>>>>>>>>>> >>>>> return ( pass );
>>>>>>>>>> >>>>> }
>>>>>>>>>> >>>>>
>>>>>>>>>> >>>>> Cheers,
>>>>>>>>>> >>>>> Richard
>>>>>>>>>> >>>>>
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> Message: 1
>>>>>>>>>> >>>>>> Date: Wed, 3 Aug 2016 23:34:40 +0300
>>>>>>>>>> >>>>>> From: Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com>
>>>>>>>>>> >>>>>> To: varnish-misc <varnish-misc at varnish-cache.org>
>>>>>>>>>> >>>>>> Subject: XenForo default.vcl settings
>>>>>>>>>> >>>>>> Message-ID:
>>>>>>>>>> >>>>>> <CAPQGzE29n1QOmHarn9L-9ztquGfe
>>>>>>>>>> u-AwNJUaDrHm_w-5BXmA_Q at mail.gmail.com>
>>>>>>>>>> >>>>>> Content-Type: text/plain; charset="utf-8"
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> Hi,
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> Could you please share the appropriate Default.vcl
>>>>>>>>>> settings for XenForo
>>>>>>>>>> >>>>>> Forums? No one can register to the forum at the moment. My
>>>>>>>>>> current
>>>>>>>>>> >>>>>> Default.vcl settings are as follows.
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> Forum address: domain.com/forum
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> */* SET THE HOST AND PORT OF WORDPRESS*
>>>>>>>>>> >>>>>> * * ******************************
>>>>>>>>>> ***************************/*
>>>>>>>>>> >>>>>> *vcl 4.0;*
>>>>>>>>>> >>>>>> *import std;*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *backend default {*
>>>>>>>>>> >>>>>> * .host = "*******";*
>>>>>>>>>> >>>>>> * .port = "8080";*
>>>>>>>>>> >>>>>> * .connect_timeout = 600s;*
>>>>>>>>>> >>>>>> * .first_byte_timeout = 600s;*
>>>>>>>>>> >>>>>> * .between_bytes_timeout = 600s;*
>>>>>>>>>> >>>>>> * .max_connections = 800;*
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *# SET THE ALLOWED IP OF PURGE REQUESTS*
>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> *acl purge {*
>>>>>>>>>> >>>>>> * "localhost";*
>>>>>>>>>> >>>>>> * "127.0.0.1";*
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *#THE RECV FUNCTION*
>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> *sub vcl_recv {*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *# set realIP by trimming CloudFlare IP which will be used
>>>>>>>>>> for various
>>>>>>>>>> >>>>>> checks*
>>>>>>>>>> >>>>>> *set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For,
>>>>>>>>>> "[, ].*$",
>>>>>>>>>> >>>>>> ""); *
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # FORWARD THE IP OF THE REQUEST*
>>>>>>>>>> >>>>>> * if (req.restarts == 0) {*
>>>>>>>>>> >>>>>> * if (req.http.x-forwarded-for) {*
>>>>>>>>>> >>>>>> * set req.http.X-Forwarded-For =*
>>>>>>>>>> >>>>>> * req.http.X-Forwarded-For + ", " + client.ip;*
>>>>>>>>>> >>>>>> * } else {*
>>>>>>>>>> >>>>>> * set req.http.X-Forwarded-For = client.ip;*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # Purge request check sections for hash_always_miss,
>>>>>>>>>> purge and ban*
>>>>>>>>>> >>>>>> * # BLOCK IF NOT IP is not in purge acl*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # Enable smart refreshing using hash_always_miss*
>>>>>>>>>> >>>>>> *if (req.http.Cache-Control ~ "no-cache") {*
>>>>>>>>>> >>>>>> * if (client.ip ~ purge ||
>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>>>>>>>>>> >>>>>> purge) {*
>>>>>>>>>> >>>>>> * set req.hash_always_miss = true;*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *if (req.method == "PURGE") {*
>>>>>>>>>> >>>>>> * if (!client.ip ~ purge ||
>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>>>>>>>>>> >>>>>> purge) {*
>>>>>>>>>> >>>>>> * return(synth(405,"Not allowed."));*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>> * return (purge);*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>> *if (req.method == "BAN") {*
>>>>>>>>>> >>>>>> * # Same ACL check as above:*
>>>>>>>>>> >>>>>> * if (!client.ip ~ purge ||
>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4")
>>>>>>>>>> >>>>>> ~ purge) {*
>>>>>>>>>> >>>>>> * return(synth(403, "Not
>>>>>>>>>> allowed."));*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>> * ban("req.http.host == " + req.http.host +*
>>>>>>>>>> >>>>>> * " && req.url == " + req.url);*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # Throw a synthetic page so the*
>>>>>>>>>> >>>>>> * # request won't go to the backend.*
>>>>>>>>>> >>>>>> * return(synth(200, "Ban added"));*
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *# Unset cloudflare cookies*
>>>>>>>>>> >>>>>> *# Remove has_js and CloudFlare/Google Analytics __*
>>>>>>>>>> cookies.*
>>>>>>>>>> >>>>>> * set req.http.Cookie = regsuball(req.http.Cookie,
>>>>>>>>>> >>>>>> "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");*
>>>>>>>>>> >>>>>> * # Remove a ";" prefix, if present.*
>>>>>>>>>> >>>>>> * set req.http.Cookie = regsub(req.http.Cookie,
>>>>>>>>>> "^;\s*", "");*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # For Testing: If you want to test with Varnish passing
>>>>>>>>>> (not caching)
>>>>>>>>>> >>>>>> uncomment*
>>>>>>>>>> >>>>>> * # return( pass );*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # FORWARD THE IP OF THE REQUEST*
>>>>>>>>>> >>>>>> * if (req.restarts == 0) {*
>>>>>>>>>> >>>>>> * if (req.http.x-forwarded-for) {*
>>>>>>>>>> >>>>>> * set req.http.X-Forwarded-For =*
>>>>>>>>>> >>>>>> * req.http.X-Forwarded-For + ", " + client.ip;*
>>>>>>>>>> >>>>>> * } else {*
>>>>>>>>>> >>>>>> * set req.http.X-Forwarded-For = client.ip;*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *# DO NOT CACHE RSS FEED*
>>>>>>>>>> >>>>>> * if (req.url ~ "/feed(/)?") {*
>>>>>>>>>> >>>>>> * return ( pass ); *
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *## Do not cache search results, comment these 3 lines if
>>>>>>>>>> you do want to
>>>>>>>>>> >>>>>> cache them*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *if (req.url ~ "/\?s\=") {*
>>>>>>>>>> >>>>>> * return ( pass ); *
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *# CLEAN UP THE ENCODING HEADER.*
>>>>>>>>>> >>>>>> * # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH VARY
>>>>>>>>>> ACCEPT-ENCODING*
>>>>>>>>>> >>>>>> * # VARNISH WILL CREATE SEPARATE CACHES FOR EACH*
>>>>>>>>>> >>>>>> * # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO,
>>>>>>>>>> ETC.*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> * if (req.http.Accept-Encoding) {*
>>>>>>>>>> >>>>>> * if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$")
>>>>>>>>>> {*
>>>>>>>>>> >>>>>> * # No point in compressing these*
>>>>>>>>>> >>>>>> * unset req.http.Accept-Encoding;*
>>>>>>>>>> >>>>>> * } elsif (req.http.Accept-Encoding ~ "gzip") {*
>>>>>>>>>> >>>>>> * set req.http.Accept-Encoding = "gzip";*
>>>>>>>>>> >>>>>> * } elsif (req.http.Accept-Encoding ~ "deflate") {*
>>>>>>>>>> >>>>>> * set req.http.Accept-Encoding = "deflate";*
>>>>>>>>>> >>>>>> * } else {*
>>>>>>>>>> >>>>>> * # unknown algorithm*
>>>>>>>>>> >>>>>> * unset req.http.Accept-Encoding;*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # PIPE ALL NON-STANDARD REQUESTS*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> * if (req.method != "GET" &&*
>>>>>>>>>> >>>>>> * req.method != "HEAD" &&*
>>>>>>>>>> >>>>>> * req.method != "PUT" && *
>>>>>>>>>> >>>>>> * req.method != "POST" &&*
>>>>>>>>>> >>>>>> * req.method != "TRACE" &&*
>>>>>>>>>> >>>>>> * req.method != "OPTIONS" &&*
>>>>>>>>>> >>>>>> * req.method != "DELETE") {*
>>>>>>>>>> >>>>>> * return (pipe);*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # ONLY CACHE GET AND HEAD REQUESTS*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> * if (req.method != "GET" && req.method != "HEAD") {*
>>>>>>>>>> >>>>>> * return (pass);*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS
>>>>>>>>>> IN FETCH TOO,
>>>>>>>>>> >>>>>> EITHER*
>>>>>>>>>> >>>>>> * # COMMENT OR UNCOMMENT BOTH*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> * if ( req.http.cookie ~ "wordpress_logged_in" ) {*
>>>>>>>>>> >>>>>> * return( pass );*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR
>>>>>>>>>> WP-LOGIN*
>>>>>>>>>> >>>>>> * # THEN UNSET THE COOKIES*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> * if (!(req.url ~ "wp-(login|admin)") *
>>>>>>>>>> >>>>>> * && !(req.url ~ "&preview=true" ) *
>>>>>>>>>> >>>>>> * ){*
>>>>>>>>>> >>>>>> * unset req.http.cookie;*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # IF BASIC AUTH IS ON THEN DO NOT CACHE*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> * if (req.http.Authorization || req.http.Cookie) {*
>>>>>>>>>> >>>>>> * return (pass);*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> * return (hash);*
>>>>>>>>>> >>>>>> * # This is for phpmyadmin*
>>>>>>>>>> >>>>>> *if (req.http.Host == "ki1.org <http://ki1.org>") {*
>>>>>>>>>> >>>>>> *return (pass);*
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *if (req.http.Host == "mysql.ki1.org <http://mysql.ki1.org>")
>>>>>>>>>> {*
>>>>>>>>>> >>>>>> *return (pass);*
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *# HIT FUNCTION*
>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> *sub vcl_hit {*
>>>>>>>>>> >>>>>> * # IF THIS IS A PURGE REQUEST THEN DO THE PURGE*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> * if (req.method == "PURGE") {*
>>>>>>>>>> >>>>>> * #*
>>>>>>>>>> >>>>>> * # This is now handled in vcl_recv.*
>>>>>>>>>> >>>>>> * #*
>>>>>>>>>> >>>>>> * # purge;*
>>>>>>>>>> >>>>>> * return (synth(200, "Purged."));*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>> * return (deliver);*
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *# MISS FUNCTION*
>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> *sub vcl_miss {*
>>>>>>>>>> >>>>>> * if (req.method == "PURGE") {*
>>>>>>>>>> >>>>>> * #*
>>>>>>>>>> >>>>>> * # This is now handled in vcl_recv.*
>>>>>>>>>> >>>>>> * #*
>>>>>>>>>> >>>>>> * # purge;*
>>>>>>>>>> >>>>>> * return (synth(200, "Purged."));*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>> * return (fetch);*
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *# FETCH FUNCTION*
>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> *sub vcl_backend_response {*
>>>>>>>>>> >>>>>> * # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES
>>>>>>>>>> W3TC *
>>>>>>>>>> >>>>>> * # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT
>>>>>>>>>> WANT*
>>>>>>>>>> >>>>>> * # TO DO THIS*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> * set beresp.http.Vary = "Accept-Encoding";*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT
>>>>>>>>>> OF *
>>>>>>>>>> >>>>>> * # TIME THIS PAGE WILL STAY CACHED (TTL)*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> * if (!(bereq.url ~ "wp-(login|admin)") &&
>>>>>>>>>> !bereq.http.cookie ~
>>>>>>>>>> >>>>>> "wordpress_logged_in" ) {*
>>>>>>>>>> >>>>>> * unset beresp.http.set-cookie;*
>>>>>>>>>> >>>>>> * set beresp.ttl = 52w;*
>>>>>>>>>> >>>>>> *# set beresp.grace =1w;*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * if (beresp.ttl <= 0s ||*
>>>>>>>>>> >>>>>> * beresp.http.Set-Cookie ||*
>>>>>>>>>> >>>>>> * beresp.http.Vary == "*") {*
>>>>>>>>>> >>>>>> * set beresp.ttl = 120 s;*
>>>>>>>>>> >>>>>> * # set beresp.ttl = 120s;*
>>>>>>>>>> >>>>>> * set beresp.uncacheable = true;*
>>>>>>>>>> >>>>>> * return (deliver);*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> * return (deliver);*
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> *# DELIVER FUNCTION*
>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> *sub vcl_deliver {*
>>>>>>>>>> >>>>>> * # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT'
>>>>>>>>>> TEXT *
>>>>>>>>>> >>>>>> * # IN THE HEADER (GREAT FOR DEBUGGING)*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> * if (obj.hits > 0) {*
>>>>>>>>>> >>>>>> * set resp.http.X-Cache = "HIT";*
>>>>>>>>>> >>>>>> * # IF THIS IS A MISS RETURN THAT IN THE HEADER*
>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> * } else {*
>>>>>>>>>> >>>>>> * set resp.http.X-Cache = "MISS";*
>>>>>>>>>> >>>>>> * }*
>>>>>>>>>> >>>>>> *}*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> Thanks,
>>>>>>>>>> >>>>>> -------------- next part --------------
>>>>>>>>>> >>>>>> An HTML attachment was scrubbed...
>>>>>>>>>> >>>>>> URL: <https://www.varnish-cache.org
>>>>>>>>>> /lists/pipermail/varnish-misc/attachments/20160803/d572e4b2/
>>>>>>>>>> attachment-0001.html>
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> ------------------------------
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> Message: 2
>>>>>>>>>> >>>>>> Date: Thu, 4 Aug 2016 12:14:36 +0300
>>>>>>>>>> >>>>>> From: Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com>
>>>>>>>>>> >>>>>> To: varnish-misc <varnish-misc at varnish-cache.org>
>>>>>>>>>> >>>>>> Subject: Re: XenForo default.vcl settings
>>>>>>>>>> >>>>>> Message-ID:
>>>>>>>>>> >>>>>> <CAPQGzE39XkXy_44z5oUXBO5q5sF5
>>>>>>>>>> CvQmNP5k771DPi4O3i1ofA at mail.gmail.com>
>>>>>>>>>> >>>>>> Content-Type: text/plain; charset="utf-8"
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> I need to add the followings to default.vcl for Xenforo.
>>>>>>>>>> However, solutions
>>>>>>>>>> >>>>>> in the Xenforo forums for this didn't work. Can you please
>>>>>>>>>> help?
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> xf_session_admin
>>>>>>>>>> >>>>>> xf_user
>>>>>>>>>> >>>>>> xf_session
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> Or how can i block Varnish in a way that it doesn't work
>>>>>>>>>> in *domain.com/forum
>>>>>>>>>> >>>>>> <http://domain.com/forum>*
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> 2016-08-03 23:34 GMT+03:00 Ayberk Kimsesiz <
>>>>>>>>>> ayberk.kimsesiz at gmail.com>:
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> > Hi,
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > Could you please share the appropriate Default.vcl
>>>>>>>>>> settings for XenForo
>>>>>>>>>> >>>>>> > Forums? No one can register to the forum at the moment.
>>>>>>>>>> My current
>>>>>>>>>> >>>>>> > Default.vcl settings are as follows.
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > Forum address: domain.com/forum
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > */* SET THE HOST AND PORT OF WORDPRESS*
>>>>>>>>>> >>>>>> > * * ******************************
>>>>>>>>>> ***************************/*
>>>>>>>>>> >>>>>> > *vcl 4.0;*
>>>>>>>>>> >>>>>> > *import std;*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *backend default {*
>>>>>>>>>> >>>>>> > * .host = "*******";*
>>>>>>>>>> >>>>>> > * .port = "8080";*
>>>>>>>>>> >>>>>> > * .connect_timeout = 600s;*
>>>>>>>>>> >>>>>> > * .first_byte_timeout = 600s;*
>>>>>>>>>> >>>>>> > * .between_bytes_timeout = 600s;*
>>>>>>>>>> >>>>>> > * .max_connections = 800;*
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *# SET THE ALLOWED IP OF PURGE REQUESTS*
>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > *acl purge {*
>>>>>>>>>> >>>>>> > * "localhost";*
>>>>>>>>>> >>>>>> > * "127.0.0.1";*
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *#THE RECV FUNCTION*
>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > *sub vcl_recv {*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *# set realIP by trimming CloudFlare IP which will be
>>>>>>>>>> used for various
>>>>>>>>>> >>>>>> > checks*
>>>>>>>>>> >>>>>> > *set req.http.X-Actual-IP =
>>>>>>>>>> regsub(req.http.X-Forwarded-For, "[, ].*$",
>>>>>>>>>> >>>>>> > ""); *
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # FORWARD THE IP OF THE REQUEST*
>>>>>>>>>> >>>>>> > * if (req.restarts == 0) {*
>>>>>>>>>> >>>>>> > * if (req.http.x-forwarded-for) {*
>>>>>>>>>> >>>>>> > * set req.http.X-Forwarded-For =*
>>>>>>>>>> >>>>>> > * req.http.X-Forwarded-For + ", " + client.ip;*
>>>>>>>>>> >>>>>> > * } else {*
>>>>>>>>>> >>>>>> > * set req.http.X-Forwarded-For = client.ip;*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # Purge request check sections for hash_always_miss,
>>>>>>>>>> purge and ban*
>>>>>>>>>> >>>>>> > * # BLOCK IF NOT IP is not in purge acl*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # Enable smart refreshing using hash_always_miss*
>>>>>>>>>> >>>>>> > *if (req.http.Cache-Control ~ "no-cache") {*
>>>>>>>>>> >>>>>> > * if (client.ip ~ purge ||
>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>>>>>>>>>> >>>>>> > purge) {*
>>>>>>>>>> >>>>>> > * set req.hash_always_miss = true;*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *if (req.method == "PURGE") {*
>>>>>>>>>> >>>>>> > * if (!client.ip ~ purge ||
>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>>>>>>>>>> >>>>>> > purge) {*
>>>>>>>>>> >>>>>> > * return(synth(405,"Not allowed."));*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> > * return (purge);*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> > *if (req.method == "BAN") {*
>>>>>>>>>> >>>>>> > * # Same ACL check as above:*
>>>>>>>>>> >>>>>> > * if (!client.ip ~ purge ||
>>>>>>>>>> !std.ip(req.http.X-Actual-IP,
>>>>>>>>>> >>>>>> > "1.2.3.4") ~ purge) {*
>>>>>>>>>> >>>>>> > * return(synth(403, "Not
>>>>>>>>>> allowed."));*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> > * ban("req.http.host == " + req.http.host +*
>>>>>>>>>> >>>>>> > * " && req.url == " + req.url);*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # Throw a synthetic page so the*
>>>>>>>>>> >>>>>> > * # request won't go to the backend.*
>>>>>>>>>> >>>>>> > * return(synth(200, "Ban added"));*
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *# Unset cloudflare cookies*
>>>>>>>>>> >>>>>> > *# Remove has_js and CloudFlare/Google Analytics __*
>>>>>>>>>> cookies.*
>>>>>>>>>> >>>>>> > * set req.http.Cookie = regsuball(req.http.Cookie,
>>>>>>>>>> >>>>>> > "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");*
>>>>>>>>>> >>>>>> > * # Remove a ";" prefix, if present.*
>>>>>>>>>> >>>>>> > * set req.http.Cookie = regsub(req.http.Cookie,
>>>>>>>>>> "^;\s*", "");*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # For Testing: If you want to test with Varnish
>>>>>>>>>> passing (not caching)
>>>>>>>>>> >>>>>> > uncomment*
>>>>>>>>>> >>>>>> > * # return( pass );*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # FORWARD THE IP OF THE REQUEST*
>>>>>>>>>> >>>>>> > * if (req.restarts == 0) {*
>>>>>>>>>> >>>>>> > * if (req.http.x-forwarded-for) {*
>>>>>>>>>> >>>>>> > * set req.http.X-Forwarded-For =*
>>>>>>>>>> >>>>>> > * req.http.X-Forwarded-For + ", " + client.ip;*
>>>>>>>>>> >>>>>> > * } else {*
>>>>>>>>>> >>>>>> > * set req.http.X-Forwarded-For = client.ip;*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *# DO NOT CACHE RSS FEED*
>>>>>>>>>> >>>>>> > * if (req.url ~ "/feed(/)?") {*
>>>>>>>>>> >>>>>> > * return ( pass ); *
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *## Do not cache search results, comment these 3 lines
>>>>>>>>>> if you do want to
>>>>>>>>>> >>>>>> > cache them*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *if (req.url ~ "/\?s\=") {*
>>>>>>>>>> >>>>>> > * return ( pass ); *
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *# CLEAN UP THE ENCODING HEADER.*
>>>>>>>>>> >>>>>> > * # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH
>>>>>>>>>> VARY ACCEPT-ENCODING*
>>>>>>>>>> >>>>>> > * # VARNISH WILL CREATE SEPARATE CACHES FOR EACH*
>>>>>>>>>> >>>>>> > * # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO,
>>>>>>>>>> ETC.*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > * if (req.http.Accept-Encoding) {*
>>>>>>>>>> >>>>>> > * if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$")
>>>>>>>>>> {*
>>>>>>>>>> >>>>>> > * # No point in compressing these*
>>>>>>>>>> >>>>>> > * unset req.http.Accept-Encoding;*
>>>>>>>>>> >>>>>> > * } elsif (req.http.Accept-Encoding ~ "gzip") {*
>>>>>>>>>> >>>>>> > * set req.http.Accept-Encoding = "gzip";*
>>>>>>>>>> >>>>>> > * } elsif (req.http.Accept-Encoding ~ "deflate") {*
>>>>>>>>>> >>>>>> > * set req.http.Accept-Encoding = "deflate";*
>>>>>>>>>> >>>>>> > * } else {*
>>>>>>>>>> >>>>>> > * # unknown algorithm*
>>>>>>>>>> >>>>>> > * unset req.http.Accept-Encoding;*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # PIPE ALL NON-STANDARD REQUESTS*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > * if (req.method != "GET" &&*
>>>>>>>>>> >>>>>> > * req.method != "HEAD" &&*
>>>>>>>>>> >>>>>> > * req.method != "PUT" && *
>>>>>>>>>> >>>>>> > * req.method != "POST" &&*
>>>>>>>>>> >>>>>> > * req.method != "TRACE" &&*
>>>>>>>>>> >>>>>> > * req.method != "OPTIONS" &&*
>>>>>>>>>> >>>>>> > * req.method != "DELETE") {*
>>>>>>>>>> >>>>>> > * return (pipe);*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # ONLY CACHE GET AND HEAD REQUESTS*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > * if (req.method != "GET" && req.method != "HEAD") {*
>>>>>>>>>> >>>>>> > * return (pass);*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS
>>>>>>>>>> IN FETCH TOO,
>>>>>>>>>> >>>>>> > EITHER*
>>>>>>>>>> >>>>>> > * # COMMENT OR UNCOMMENT BOTH*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > * if ( req.http.cookie ~ "wordpress_logged_in" ) {*
>>>>>>>>>> >>>>>> > * return( pass );*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR
>>>>>>>>>> WP-LOGIN*
>>>>>>>>>> >>>>>> > * # THEN UNSET THE COOKIES*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > * if (!(req.url ~ "wp-(login|admin)") *
>>>>>>>>>> >>>>>> > * && !(req.url ~ "&preview=true" ) *
>>>>>>>>>> >>>>>> > * ){*
>>>>>>>>>> >>>>>> > * unset req.http.cookie;*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # IF BASIC AUTH IS ON THEN DO NOT CACHE*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > * if (req.http.Authorization || req.http.Cookie) {*
>>>>>>>>>> >>>>>> > * return (pass);*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > * return (hash);*
>>>>>>>>>> >>>>>> > * # This is for phpmyadmin*
>>>>>>>>>> >>>>>> > *if (req.http.Host == "ki1.org <http://ki1.org>") {*
>>>>>>>>>> >>>>>> > *return (pass);*
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *if (req.http.Host == "mysql.ki1.org <
>>>>>>>>>> http://mysql.ki1.org>") {*
>>>>>>>>>> >>>>>> > *return (pass);*
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *# HIT FUNCTION*
>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > *sub vcl_hit {*
>>>>>>>>>> >>>>>> > * # IF THIS IS A PURGE REQUEST THEN DO THE PURGE*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > * if (req.method == "PURGE") {*
>>>>>>>>>> >>>>>> > * #*
>>>>>>>>>> >>>>>> > * # This is now handled in vcl_recv.*
>>>>>>>>>> >>>>>> > * #*
>>>>>>>>>> >>>>>> > * # purge;*
>>>>>>>>>> >>>>>> > * return (synth(200, "Purged."));*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> > * return (deliver);*
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *# MISS FUNCTION*
>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > *sub vcl_miss {*
>>>>>>>>>> >>>>>> > * if (req.method == "PURGE") {*
>>>>>>>>>> >>>>>> > * #*
>>>>>>>>>> >>>>>> > * # This is now handled in vcl_recv.*
>>>>>>>>>> >>>>>> > * #*
>>>>>>>>>> >>>>>> > * # purge;*
>>>>>>>>>> >>>>>> > * return (synth(200, "Purged."));*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> > * return (fetch);*
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *# FETCH FUNCTION*
>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > *sub vcl_backend_response {*
>>>>>>>>>> >>>>>> > * # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES
>>>>>>>>>> W3TC *
>>>>>>>>>> >>>>>> > * # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY
>>>>>>>>>> NOT WANT*
>>>>>>>>>> >>>>>> > * # TO DO THIS*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > * set beresp.http.Vary = "Accept-Encoding";*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE
>>>>>>>>>> AMOUNT OF *
>>>>>>>>>> >>>>>> > * # TIME THIS PAGE WILL STAY CACHED (TTL)*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > * if (!(bereq.url ~ "wp-(login|admin)") &&
>>>>>>>>>> !bereq.http.cookie ~
>>>>>>>>>> >>>>>> > "wordpress_logged_in" ) {*
>>>>>>>>>> >>>>>> > * unset beresp.http.set-cookie;*
>>>>>>>>>> >>>>>> > * set beresp.ttl = 52w;*
>>>>>>>>>> >>>>>> > *# set beresp.grace =1w;*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * if (beresp.ttl <= 0s ||*
>>>>>>>>>> >>>>>> > * beresp.http.Set-Cookie ||*
>>>>>>>>>> >>>>>> > * beresp.http.Vary == "*") {*
>>>>>>>>>> >>>>>> > * set beresp.ttl = 120 s;*
>>>>>>>>>> >>>>>> > * # set beresp.ttl = 120s;*
>>>>>>>>>> >>>>>> > * set beresp.uncacheable = true;*
>>>>>>>>>> >>>>>> > * return (deliver);*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > * return (deliver);*
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > *# DELIVER FUNCTION*
>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > *sub vcl_deliver {*
>>>>>>>>>> >>>>>> > * # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT'
>>>>>>>>>> TEXT *
>>>>>>>>>> >>>>>> > * # IN THE HEADER (GREAT FOR DEBUGGING)*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > * if (obj.hits > 0) {*
>>>>>>>>>> >>>>>> > * set resp.http.X-Cache = "HIT";*
>>>>>>>>>> >>>>>> > * # IF THIS IS A MISS RETURN THAT IN THE HEADER*
>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>> ############################*
>>>>>>>>>> >>>>>> > * } else {*
>>>>>>>>>> >>>>>> > * set resp.http.X-Cache = "MISS";*
>>>>>>>>>> >>>>>> > * }*
>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> > Thanks,
>>>>>>>>>> >>>>>> >
>>>>>>>>>> >>>>>> -------------- next part --------------
>>>>>>>>>> >>>>>> An HTML attachment was scrubbed...
>>>>>>>>>> >>>>>> URL: <https://www.varnish-cache.org
>>>>>>>>>> /lists/pipermail/varnish-misc/attachments/20160804/4e3f064a/
>>>>>>>>>> attachment.html>
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> ------------------------------
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> _______________________________________________
>>>>>>>>>> >>>>>> varnish-misc mailing list
>>>>>>>>>> >>>>>> varnish-misc at varnish-cache.org
>>>>>>>>>> >>>>>> https://www.varnish-cache.org/
>>>>>>>>>> lists/mailman/listinfo/varnish-misc
>>>>>>>>>> >>>>>>
>>>>>>>>>> >>>>>> End of varnish-misc Digest, Vol 125, Issue 14
>>>>>>>>>> >>>>>> *********************************************
>>>>>>>>>> >>>>>
>>>>>>>>>> >>>>>
>>>>>>>>>> >>>>>
>>>>>>>>>> >>>>> _______________________________________________
>>>>>>>>>> >>>>> varnish-misc mailing list
>>>>>>>>>> >>>>> varnish-misc at varnish-cache.org
>>>>>>>>>> >>>>> https://www.varnish-cache.org/
>>>>>>>>>> lists/mailman/listinfo/varnish-misc
>>>>>>>>>> >>>>
>>>>>>>>>> >>>>
>>>>>>>>>> >>>>
>>>>>>>>>> >>>> _______________________________________________
>>>>>>>>>> >>>> varnish-misc mailing list
>>>>>>>>>> >>>> varnish-misc at varnish-cache.org
>>>>>>>>>> >>>> https://www.varnish-cache.org/lists/mailman/listinfo/varnish
>>>>>>>>>> -misc
>>>>>>>>>> >>>
>>>>>>>>>> >>>
>>>>>>>>>> >>
>>>>>>>>>> >
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20160804/f24374a6/attachment-0001.html>
More information about the varnish-misc
mailing list