<div dir="ltr"><div>I need to add the followings to default.vcl for Xenforo. However, solutions in the Xenforo forums for this didn't work. Can you please help?</div><div><br></div><div><div>xf_session_admin<br></div><div>xf_user<br></div><div>xf_session<br></div></div><div><br></div><div>Or how can i block Varnish in a way that it doesn't work in <b><a href="http://domain.com/forum">domain.com/forum</a></b><br></div><div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">2016-08-03 23:34 GMT+03:00 Ayberk Kimsesiz <span dir="ltr"><<a href="mailto:ayberk.kimsesiz@gmail.com" target="_blank">ayberk.kimsesiz@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Hi,</div><div><br></div>Could you please share the appropriate Default.vcl settings for XenForo Forums? No one can register to the forum at the moment. My current Default.vcl settings are as follows. <div><br></div><div>Forum address: <a href="http://domain.com/forum" target="_blank">domain.com/forum</a><br><div><br></div><div><div><i>/* SET THE HOST AND PORT OF WORDPRESS</i></div><div><i> * ******************************<wbr>***************************/</i></div><div><i>vcl 4.0;</i></div><div><i>import std;</i></div><div><i><br></i></div><div><i>backend default {</i></div><div><i> .host = "*******";</i></div><div><i> .port = "8080";</i></div><div><i> .connect_timeout = 600s;</i></div><div><i> .first_byte_timeout = 600s;</i></div><div><i> .between_bytes_timeout = 600s;</i></div><div><i> .max_connections = 800;</i></div><div><i>}</i></div><div><i> </i></div><div><i># SET THE ALLOWED IP OF PURGE REQUESTS</i></div><div><i># ##############################<wbr>############################</i></div><div><i>acl purge {</i></div><div><i> "localhost";</i></div><div><i> "127.0.0.1";</i></div><div><i>}</i></div><div><i><br></i></div><div><i>#THE RECV FUNCTION</i></div><div><i># ##############################<wbr>############################</i></div><div><i>sub vcl_recv {</i></div><div><i><br></i></div><div><i># set realIP by trimming CloudFlare IP which will be used for various checks</i></div><div><i>set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-<wbr>For, "[, ].*$", ""); </i></div><div><i><br></i></div><div><i> # FORWARD THE IP OF THE REQUEST</i></div><div><i> if (req.restarts == 0) {</i></div><div><i> if (req.http.x-forwarded-for) {</i></div><div><i> set req.http.X-Forwarded-For =</i></div><div><i> req.http.X-Forwarded-For + ", " + client.ip;</i></div><div><i> } else {</i></div><div><i> set req.http.X-Forwarded-For = client.ip;</i></div><div><i> }</i></div><div><i> }</i></div><div><i><br></i></div><div><i> # Purge request check sections for hash_always_miss, purge and ban</i></div><div><i> # BLOCK IF NOT IP is not in purge acl</i></div><div><i> # ##############################<wbr>############################</i></div><div><i><br></i></div><div><i> # Enable smart refreshing using hash_always_miss</i></div><div><i>if (req.http.Cache-Control ~ "no-cache") {</i></div><div><i> if (client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~ purge) {</i></div><div><i> set req.hash_always_miss = true;</i></div><div><i> }</i></div><div><i>}</i></div><div><i><br></i></div><div><i>if (req.method == "PURGE") {</i></div><div><i> if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~ purge) {</i></div><div><i> return(synth(405,"Not allowed."));</i></div><div><i> }</i></div><div><i> return (purge);</i></div><div><i><br></i></div><div><i> }</i></div><div><i>if (req.method == "BAN") {</i></div><div><i> # Same ACL check as above:</i></div><div><i> if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~ purge) {</i></div><div><i> return(synth(403, "Not allowed."));</i></div><div><i> }</i></div><div><i> ban("req.http.host == " + req.http.host +</i></div><div><i> " && req.url == " + req.url);</i></div><div><i><br></i></div><div><i> # Throw a synthetic page so the</i></div><div><i> # request won't go to the backend.</i></div><div><i> return(synth(200, "Ban added"));</i></div><div><i>}</i></div><div><i><br></i></div><div><i><br></i></div><div><i># Unset cloudflare cookies</i></div><div><i># Remove has_js and CloudFlare/Google Analytics __* cookies.</i></div><div><i> set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(_[_a-z]+|has_js)=[^;<wbr>]*", "");</i></div><div><i> # Remove a ";" prefix, if present.</i></div><div><i> set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");</i></div><div><i><br></i></div><div><i> # For Testing: If you want to test with Varnish passing (not caching) uncomment</i></div><div><i> # return( pass );</i></div><div><i><br></i></div><div><i> # FORWARD THE IP OF THE REQUEST</i></div><div><i> if (req.restarts == 0) {</i></div><div><i> if (req.http.x-forwarded-for) {</i></div><div><i> set req.http.X-Forwarded-For =</i></div><div><i> req.http.X-Forwarded-For + ", " + client.ip;</i></div><div><i> } else {</i></div><div><i> set req.http.X-Forwarded-For = client.ip;</i></div><div><i> }</i></div><div><i> }</i></div><div><i><br></i></div><div><i># DO NOT CACHE RSS FEED</i></div><div><i> if (req.url ~ "/feed(/)?") {</i></div><div><i> return ( pass ); </i></div><div><i>}</i></div><div><i><br></i></div><div><i>## Do not cache search results, comment these 3 lines if you do want to cache them</i></div><div><i><br></i></div><div><i>if (req.url ~ "/\?s\=") {</i></div><div><i> return ( pass ); </i></div><div><i>}</i></div><div><i><br></i></div><div><i># CLEAN UP THE ENCODING HEADER.</i></div><div><i> # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH VARY ACCEPT-ENCODING</i></div><div><i> # VARNISH WILL CREATE SEPARATE CACHES FOR EACH</i></div><div><i> # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO, ETC.</i></div><div><i> # ##############################<wbr>############################</i></div><div><i> if (req.http.Accept-Encoding) {</i></div><div><i> if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|<wbr>tbz|mp3|ogg)$") {</i></div><div><i> # No point in compressing these</i></div><div><i> unset req.http.Accept-Encoding;</i></div><div><i> } elsif (req.http.Accept-Encoding ~ "gzip") {</i></div><div><i> set req.http.Accept-Encoding = "gzip";</i></div><div><i> } elsif (req.http.Accept-Encoding ~ "deflate") {</i></div><div><i> set req.http.Accept-Encoding = "deflate";</i></div><div><i> } else {</i></div><div><i> # unknown algorithm</i></div><div><i> unset req.http.Accept-Encoding;</i></div><div><i> }</i></div><div><i> }</i></div><div><i><br></i></div><div><i> # PIPE ALL NON-STANDARD REQUESTS</i></div><div><i> # ##############################<wbr>############################</i></div><div><i> if (req.method != "GET" &&</i></div><div><i> req.method != "HEAD" &&</i></div><div><i> req.method != "PUT" && </i></div><div><i> req.method != "POST" &&</i></div><div><i> req.method != "TRACE" &&</i></div><div><i> req.method != "OPTIONS" &&</i></div><div><i> req.method != "DELETE") {</i></div><div><i> return (pipe);</i></div><div><i> }</i></div><div><i> </i></div><div><i> # ONLY CACHE GET AND HEAD REQUESTS</i></div><div><i> # ##############################<wbr>############################</i></div><div><i> if (req.method != "GET" && req.method != "HEAD") {</i></div><div><i> return (pass);</i></div><div><i> }</i></div><div><i> </i></div><div><i> # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS IN FETCH TOO, EITHER</i></div><div><i> # COMMENT OR UNCOMMENT BOTH</i></div><div><i> # ##############################<wbr>############################</i></div><div><i> if ( req.http.cookie ~ "wordpress_logged_in" ) {</i></div><div><i> return( pass );</i></div><div><i> }</i></div><div><i> </i></div><div><i> # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR WP-LOGIN</i></div><div><i> # THEN UNSET THE COOKIES</i></div><div><i> # ##############################<wbr>############################</i></div><div><i> if (!(req.url ~ "wp-(login|admin)") </i></div><div><i> && !(req.url ~ "&preview=true" ) </i></div><div><i> ){</i></div><div><i> unset req.http.cookie;</i></div><div><i> }</i></div><div><i><br></i></div><div><i> # IF BASIC AUTH IS ON THEN DO NOT CACHE</i></div><div><i> # ##############################<wbr>############################</i></div><div><i> if (req.http.Authorization || req.http.Cookie) {</i></div><div><i> return (pass);</i></div><div><i> }</i></div><div><i> </i></div><div><i> # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED</i></div><div><i> # ##############################<wbr>############################</i></div><div><i> return (hash);</i></div><div><i> # This is for phpmyadmin</i></div><div><i>if (req.http.Host == "<a href="http://ki1.org" target="_blank">ki1.org</a>") {</i></div><div><i>return (pass);</i></div><div><i>}</i></div><div><i><br></i></div><div><i>if (req.http.Host == "<a href="http://mysql.ki1.org" target="_blank">mysql.ki1.org</a>") {</i></div><div><i>return (pass);</i></div><div><i>}</i></div><div><i><br></i></div><div><i>}</i></div><div><i><br></i></div><div><i># HIT FUNCTION</i></div><div><i># ##############################<wbr>############################</i></div><div><i>sub vcl_hit {</i></div><div><i> # IF THIS IS A PURGE REQUEST THEN DO THE PURGE</i></div><div><i> # ##############################<wbr>############################</i></div><div><i> if (req.method == "PURGE") {</i></div><div><i> #</i></div><div><i> # This is now handled in vcl_recv.</i></div><div><i> #</i></div><div><i> # purge;</i></div><div><i> return (synth(200, "Purged."));</i></div><div><i> }</i></div><div><i> return (deliver);</i></div><div><i>}</i></div><div><i><br></i></div><div><i># MISS FUNCTION</i></div><div><i># ##############################<wbr>############################</i></div><div><i>sub vcl_miss {</i></div><div><i> if (req.method == "PURGE") {</i></div><div><i> #</i></div><div><i> # This is now handled in vcl_recv.</i></div><div><i> #</i></div><div><i> # purge;</i></div><div><i> return (synth(200, "Purged."));</i></div><div><i> }</i></div><div><i> return (fetch);</i></div><div><i>}</i></div><div><i><br></i></div><div><i># FETCH FUNCTION</i></div><div><i># ##############################<wbr>############################</i></div><div><i>sub vcl_backend_response {</i></div><div><i> # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC </i></div><div><i> # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT</i></div><div><i> # TO DO THIS</i></div><div><i> # ##############################<wbr>############################</i></div><div><i> set beresp.http.Vary = "Accept-Encoding";</i></div><div><i><br></i></div><div><i> # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF </i></div><div><i> # TIME THIS PAGE WILL STAY CACHED (TTL)</i></div><div><i> # ##############################<wbr>############################</i></div><div><i> if (!(bereq.url ~ "wp-(login|admin)") && !bereq.http.cookie ~ "wordpress_logged_in" ) {</i></div><div><i> unset beresp.http.set-cookie;</i></div><div><i> set beresp.ttl = 52w;</i></div><div><i># set beresp.grace =1w;</i></div><div><i> }</i></div><div><i><br></i></div><div><i> if (beresp.ttl <= 0s ||</i></div><div><i> beresp.http.Set-Cookie ||</i></div><div><i> beresp.http.Vary == "*") {</i></div><div><i> set beresp.ttl = 120 s;</i></div><div><i> # set beresp.ttl = 120s;</i></div><div><i> set beresp.uncacheable = true;</i></div><div><i> return (deliver);</i></div><div><i> }</i></div><div><i><br></i></div><div><i> return (deliver);</i></div><div><i>}</i></div><div><i><br></i></div><div><i># DELIVER FUNCTION</i></div><div><i># ##############################<wbr>############################</i></div><div><i>sub vcl_deliver {</i></div><div><i> # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT </i></div><div><i> # IN THE HEADER (GREAT FOR DEBUGGING)</i></div><div><i> # ##############################<wbr>############################</i></div><div><i> if (obj.hits > 0) {</i></div><div><i> set resp.http.X-Cache = "HIT";</i></div><div><i> # IF THIS IS A MISS RETURN THAT IN THE HEADER</i></div><div><i> # ##############################<wbr>############################</i></div><div><i> } else {</i></div><div><i> set resp.http.X-Cache = "MISS";</i></div><div><i> }</i></div><div><i>}</i></div><div><br></div><div><br></div><div>Thanks,</div></div></div></div>
</blockquote></div><br></div>