In order to configure PURGE add this lines into your VCL_RECV:
vcl 4.0;
import std;
sub vcl_recv {
# Allow banning
if (req.method == "PURGE") {
# Same ACL check as above:
if (!client.ip ~ purge) {
return(synth(405, "This IP is not allowed to send PURGE requests."));
}
ban("req.http.host == " + req.http.host + " && req.url == " + req.url);
# If you got this stage (and didn't error out above), purge the cached result
return (synth(200, "Purged"));
}
}
sub vcl_backend_response {
# client browser and server cache
# Force cache: remove expires, Cache-control & Pragma header coming from the backend
if (beresp.http.Cache-Control ~ "(no-cache|private)" || beresp.http.Pragma ~ "no-cache") {
unset beresp.http.Expires;
unset beresp.http.Cache-Control;
unset beresp.http.Pragma;
# Marker for vcl_deliver to reset Age: /
set beresp.http.magicmarker = "1";
# Leveraging browser, cache set the clients TTL on this object /
set beresp.http.Cache-Control = "public, max-age=2592000";
# cache set the clients TTL on this object /
set beresp.ttl = 30d;
# Allow stale content, in case the backend goes down.
# make Varnish keep all objects for 6 hours beyond their TTL
set beresp.grace = 6h;
return (deliver);
}
}
Also add this in the VCL_DELIVER:
sub vcl_deliver {
# Called before a cached object is delivered to the client.
if (resp.http.magicmarker) {
unset resp.http.magicmarker;
# By definition we have a fresh object
set resp.http.Age = "0";
}
if (obj.hits > 0) { # Add debug header to see if it's a HIT/MISS and the number of hits, disable when not needed
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
# Please note that obj.hits behaviour changed in 4.0, now it counts per objecthead, not per object
# and obj.hits may not be reset in some cases where bans are in use. See bug 1492 for details.
# So take hits with a grain of salt
set resp.http.X-Cache-Hits = obj.hits;
# Set Varnish server name
set resp.http.X-Served-By = server.hostname;
# Remove some headers: PHP version
unset resp.http.X-Powered-By;
# Remove some headers: Apache version & OS
unset resp.http.Server;
unset resp.http.X-Varnish;
unset resp.http.Via;
unset resp.http.Link;
unset resp.http.X-Generator;
return (deliver);
}
vcl 4.0;
import std;
sub vcl_recv {
# Retrieve WordPress logged in username, store it in a custom http x-header and clean cookie
if (req.http.Cookie ~ "wordpress_logged_in") {
set req.http.X-UserID = regsuball(req.http.Cookie, "^.*wordpress_logged_in_[^=]+[^;]=([^;]*);*.*$", "\1");
set req.http.X-UserID = regsuball(req.http.X-UserID, "%7C.*", "");
# Remove wordpress_logged_in and wordpress_ cookies
set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_logged_in_[^=]+[^;]+(; )?", "");
}
}
In Varnish 3, in order to customize the error page you should customize the subroutine VCL_ERROR:
Things changes in Varnish 4, errors that occur in the backend server subroutine VCL_BACKEND_ERROR are processed used the SYNTH command in the VCL and defined by creating a specific synthetic object in the subroutine VCL_SYNTH.
Following a VCL example that generate a 404 managed by a synthetic object by invoking the following URL http://www.myservname.com:port/404 When you access to the URL, Synth (status_code, reason).
vcl 4.0;
import std;
sub vcl_recv {
if (req.url ~ "^/404") {
return (synth(999, "Generate a 404 error explicitly"));
}
}
sub vcl_backend_response {
}
sub vcl_deliver {
}
sub vcl_backend_error {
set beresp.http.Content-Type = "text/html; charset=utf-8";
synthetic( {"errors due to backend fetch"} );
return (deliver);
}
sub vcl_synth {
if (resp.status == 999) {
set resp.status = 404;
set resp.http.Content-Type = "text/plain; charset=utf-8";
synthetic(std.fileread("/tmp/vcl_404_error.html"));
return (deliver);
}
return (deliver);
}
Remember to create the error page in the correct path:
$ cat /tmp//tmp/vcl_404_error.html
errors due to vcl
vcl 4.0;
import std;
sub vcl_recv {
# Normalize trailing slash for directory & manage 301 redirection internally
if (req.http.Host !~ "^www\." ||
(req.url !~ {"(?x)
(?:/$) # last character isn't a slash
| # or
(?:/\?) # query string isn't immediately preceded by a slash
"}
&&
req.url ~ {"(?x)
(?:/[^./]+$) # last path segment doesn't contain a . no query string
| # or
(?:/[^.?]+\?) # last path segment doesn't contain a . with a query string
"}
)
)
{
return (synth(720,"Moved Permanently"));
}
}
Add the following code into VCL_SYNTH:
sub vcl_synth {
if (resp.status == 720) {
# We use this special error status 720 to force redirects with 301 (permanent) redirects
# To use this, call the following from anywhere in vcl_recv: return (synth(720, "http://host/new.html"));
set resp.http.Location = resp.reason;
set resp.status = 301;
set resp.http.Location = "http://";
set resp.http.Host = req.http.Host;
if (resp.http.Host !~ "^www\.") {
set resp.http.Host = "www." + resp.http.Host;
}
set resp.http.Location = resp.http.Location + resp.http.Host;
if (req.url ~ "(?:/[^./]+$)|(?:/[^.?]+\?)") {
# no . in last path segment before optional query string
if (req.url !~ "/$" && req.url !~ "\?") {
# no trailing slash and no query string
set resp.http.Location = resp.http.Location + req.url + "/";
} elseif (req.url ~ "[^/]\?") {
# no trailing slash and with query string, preserve it
set resp.http.Location = resp.http.Location + regsub(req.url, "([^?]+)\?.*", "\1") + "/" + regsub(req.url, "[^?]+(\?.*)", "\1");
} elseif (resp.http.Host != req.http.Host) {
# trailing slash rule met, handle missing www. scenario
set resp.http.Location = resp.http.Location + req.url;
}
} elseif (resp.http.Host != req.http.Host) {
# last path segment contains a . so handle missing www. scenario
set resp.http.Location = resp.http.Location + req.url;
}
return (deliver);
} elseif (resp.status == 721) {
# And we use error status 721 to force redirects with a 302 (temporary) redirect
# To use this, call the following from anywhere in vcl_recv: return (synth(720, "http://host/new.html"));
set resp.http.Location = resp.reason;
set resp.status = 302;
return (deliver);
}
return (deliver);
}
To configure PURGE add this lines into your VCL_RECV:
vcl 4.0;
import std;
sub vcl_recv {
# Allow banning
if (req.method == "BAN") {
# Same ACL check as above:
if (!client.ip ~ purge) {
return(synth(405, "This IP is not allowed to send BAN requests."));
}
ban("req.http.host == " + req.http.host + " && req.url == " + req.url);
# Throw a synthetic page so the request won't go to the backend.
return(synth(200, "Ban added"));
}
}
To test it:
$ curl -v -k -H "host: www.mydomain.com" -X BAN http://varnish_server_ip/
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.AcceptRead More
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
