XenForo default.vcl settings

Lane, Richard rlane at ahbelo.com
Fri Aug 5 14:36:58 CEST 2016


Can you send more of the log that shows a full /request response of a MISS?

This line right here is going to cause most request to be a MISS because it
is only checking the existence of Cookie and not a specific cookie.

  # IF BASIC AUTH IS ON THEN DO NOT CACHE
  # ##########################################################
  if (req.http.Authorization || req.http.Cookie) {
    return (pass);
  }

On Fri, Aug 5, 2016 at 2:44 AM, Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com>
wrote:

> Hi again,
>
> I deleted all the Wordpress records and only added the following to
> xenForo. People can now login to forum but Varnish shows MISS once again.
> What kind of setting should i use?
>
> /* SET THE HOST AND PORT OF WORDPRESS
>  * *********************************************************/
> vcl 4.0;
> import std;
>
> backend default {
>   .host = "*****''
>   .port = "8080";
>   .connect_timeout = 600s;
>   .first_byte_timeout = 600s;
>   .between_bytes_timeout = 600s;
>   .max_connections = 800;
> }
>
> # SET THE ALLOWED IP OF PURGE REQUESTS
> # ##########################################################
> acl purge {
>   "localhost";
>   "127.0.0.1";
> }
>
> #THE RECV FUNCTION
> # ##########################################################
> sub vcl_recv {
>
> # set realIP by trimming CloudFlare IP which will be used for various
> checks
> set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For, "[, ].*$",
> "");
>
>         # FORWARD THE IP OF THE REQUEST
>   if (req.restarts == 0) {
>     if (req.http.x-forwarded-for) {
>       set req.http.X-Forwarded-For =
>       req.http.X-Forwarded-For + ", " + client.ip;
>     } else {
>       set req.http.X-Forwarded-For = client.ip;
>     }
>   }
>
>  # Purge request check sections for hash_always_miss, purge and ban
>  # BLOCK IF NOT IP is not in purge acl
>  # ##########################################################
>
>   # Enable smart refreshing using hash_always_miss
> if (req.http.Cache-Control ~ "no-cache") {
>     if (client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
> purge) {
>          set req.hash_always_miss = true;
>     }
> }
>
> if (req.method == "PURGE") {
>     if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
> purge) {
>         return(synth(405,"Not allowed."));
>         }
>     return (purge);
>
>   }
> if (req.method == "BAN") {
>         # Same ACL check as above:
>         if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "1.2.3.4")
> ~ purge) {
>                         return(synth(403, "Not allowed."));
>         }
>         ban("req.http.host == " + req.http.host +
>                   " && req.url == " + req.url);
>
>         # Throw a synthetic page so the
>         # request won't go to the backend.
>         return(synth(200, "Ban added"));
> }
>
> # Unset cloudflare cookies
> # Remove has_js and CloudFlare/Google Analytics __* cookies.
>       set req.http.Cookie = regsuball(req.http.Cookie,
> "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");
>       # Remove a ";" prefix, if present.
>      set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");
>
>   # For Testing: If you want to test with Varnish passing (not caching)
> uncomment
>   # return( pass );
>
>   # FORWARD THE IP OF THE REQUEST
>   if (req.restarts == 0) {
>     if (req.http.x-forwarded-for) {
>       set req.http.X-Forwarded-For =
>       req.http.X-Forwarded-For + ", " + client.ip;
>     } else {
>       set req.http.X-Forwarded-For = client.ip;
>     }
>   }
>
> # DO NOT CACHE RSS FEED
>  if (req.url ~ "/feed(/)?") {
>     return ( pass );
> }
>
> ## Do not cache search results, comment these 3 lines if you do want to
> cache them
>
> if (req.url ~ "/\?s\=") {
>     return ( pass );
> }
>
> # CLEAN UP THE ENCODING HEADER.
>   # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY.  WITH VARY ACCEPT-ENCODING
>   # VARNISH WILL CREATE SEPARATE CACHES FOR EACH
>   # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO, ETC.
>   # ##########################################################
>   if (req.http.Accept-Encoding) {
>     if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
>       # No point in compressing these
>       unset req.http.Accept-Encoding;
>     } elsif (req.http.Accept-Encoding ~ "gzip") {
>       set req.http.Accept-Encoding = "gzip";
>     } elsif (req.http.Accept-Encoding ~ "deflate") {
>       set req.http.Accept-Encoding = "deflate";
>     } else {
>       # unknown algorithm
>       unset req.http.Accept-Encoding;
>     }
>   }
>
>   # PIPE ALL NON-STANDARD REQUESTS
>   # ##########################################################
>   if (req.method != "GET" &&
>     req.method != "HEAD" &&
>     req.method != "PUT" &&
>     req.method != "POST" &&
>     req.method != "TRACE" &&
>     req.method != "OPTIONS" &&
>     req.method != "DELETE") {
>       return (pipe);
>   }
>
>   # ONLY CACHE GET AND HEAD REQUESTS
>   # ##########################################################
>   if (req.method != "GET" && req.method != "HEAD") {
>     return (pass);
>   }
>
>   # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS IN FETCH TOO,
> EITHER
>   # COMMENT OR UNCOMMENT BOTH
>   # ##########################################################
>
>
>   # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR WP-LOGIN
>   # THEN UNSET THE COOKIES
>   # ##########################################################
>
>
>   # IF BASIC AUTH IS ON THEN DO NOT CACHE
>   # ##########################################################
>   if (req.http.Authorization || req.http.Cookie) {
>     return (pass);
>   }
>
>   # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED
>   # ##########################################################
>   return (hash);
>   # This is for phpmyadmin
> if (req.http.Host == "ki1.org") {
> return (pass);
> }
>
> if (req.http.Host == "mysql.ki1.org") {
> return (pass);
> }
>
> }
>
> # HIT FUNCTION
> # ##########################################################
> sub vcl_hit {
>   # IF THIS IS A PURGE REQUEST THEN DO THE PURGE
>   # ##########################################################
>   if (req.method == "PURGE") {
>     #
>     # This is now handled in vcl_recv.
>     #
>     # purge;
>     return (synth(200, "Purged."));
>   }
>   return (deliver);
> }
>
> # MISS FUNCTION
> # ##########################################################
> sub vcl_miss {
>   if (req.method == "PURGE") {
>     #
>     # This is now handled in vcl_recv.
>     #
>     # purge;
>     return (synth(200, "Purged."));
>   }
>   return (fetch);
> }
>
> # FETCH FUNCTION
> # ##########################################################
> sub vcl_backend_response {
>   if (beresp.http.Set-Cookie ~ "xf_(session|user)") {
>     set beresp.uncacheable = true;
>     set beresp.ttl = 1w;
>     return (deliver);
>   }
>
>   # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
>   # TENDANCY TO SET VARY USER-AGENT.  YOU MAY OR MAY NOT WANT
>   # TO DO THIS
>   # ##########################################################
>   set beresp.http.Vary = "Accept-Encoding";
>
>   # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>   # TIME THIS PAGE WILL STAY CACHED (TTL)
>   # ##########################################################
>
>
>   if (beresp.ttl <= 0s ||
>     beresp.http.Set-Cookie ||
>     beresp.http.Vary == "*") {
>       set beresp.ttl = 120 s;
>       # set beresp.ttl = 120s;
>       set beresp.uncacheable = true;
>       return (deliver);
>   }
>
>   return (deliver);
> }
>
> # DELIVER FUNCTION
> # ##########################################################
> sub vcl_deliver {
>   # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT
>   # IN THE HEADER (GREAT FOR DEBUGGING)
>   # ##########################################################
>   if (obj.hits > 0) {
>     set resp.http.X-Cache = "HIT";
>   # IF THIS IS A MISS RETURN THAT IN THE HEADER
>   # ##########################################################
>   } else {
>     set resp.http.X-Cache = "MISS";
>   }
> }
>
>
> *Wordpress: *
>
> Accept-Ranges bytes
> Age 0
> Cache-Control max-age=3600, public
> Connection keep-alive
> Content-Encoding gzip
> Content-Type text/html
> Date Fri, 05 Aug 2016 07:34:11 GMT
> Etag 9090a91bf774ce89d892f8dd7fedd527
> Expires Fri, 05 Aug 2016 08:34:11 GMT
> Last-Modified Thu, 01 Jan 1970 00:00:00 GMT
> Pragma public
> Server Apache/2
> Transfer-Encoding chunked
> Vary Accept-Encoding
> Via 1.1 varnish-v4
> X-Cache MISS
> X-Powered-By W3 Total Cache/0.9.4.1
> X-Varnish 3048080
>
> *xenForo*
>
> Accept-Ranges bytes
> Age 0
> Cache-control private, max-age=0
> Connection keep-alive
> Content-Encoding gzip
> Content-Length 11721
> Content-Type text/html; charset=UTF-8
> Date Fri, 05 Aug 2016 07:35:03 GMT
> Expires Thu, 19 Nov 1981 08:52:00 GMT
> Last-Modified Fri, 05 Aug 2016 07:35:03 GMT
> Server Apache/2
> Vary Accept-Encoding
> Via 1.1 varnish-v4
> X-Cache MISS
> X-Frame-Options SAMEORIGIN
> X-Powered-By PHP/5.5.34
> X-Varnish 3277302
>
>
>
>
>
>
>
> 2016-08-04 23:54 GMT+03:00 Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com>:
>
>> I added the code but it FAILED. In fact, i want to make people to be able
>> to login and register to /forum.
>> When i use these codes that works but MISS appears at the same time.
>>
>> # FETCH FUNCTION
>> # ##########################################################
>> sub vcl_backend_response {
>>
>>   # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
>>   # TENDANCY TO SET VARY USER-AGENT.  YOU MAY OR MAY NOT WANT
>>   # TO DO THIS
>>   # ##########################################################
>>   set beresp.http.Vary = "Accept-Encoding";
>>
>>   # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>>   # TIME THIS PAGE WILL STAY CACHED (TTL)
>>   # ##########################################################
>> *if (beresp.http.Set-Cookie ~ "xf_(session|user)") *
>> *{ set beresp.uncacheable = true;*
>> *    set beresp.ttl = 1w;*
>> *    return (deliver);*
>> *  }*
>>
>>   if (beresp.ttl <= 0s ||
>>     beresp.http.Set-Cookie ||
>>     beresp.http.Vary == "*") {
>>       set beresp.ttl = 120 s;
>>       # set beresp.ttl = 120s;
>>       set beresp.uncacheable = true;
>>       return (deliver);
>>   }
>>
>>   return (deliver);
>> }
>>
>> # DELIVER FUNCTION
>> # ##########################################################
>> sub vcl_deliver {
>>   # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT
>>   # IN THE HEADER (GREAT FOR DEBUGGING)
>>   # ##########################################################
>>   if (obj.hits > 0) {
>>     set resp.http.X-Cache = "HIT";
>>   # IF THIS IS A MISS RETURN THAT IN THE HEADER
>>   # ##########################################################
>>   } else {
>>     set resp.http.X-Cache = "MISS";
>>   }
>> }
>>
>> 2016-08-04 22:50 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
>>
>>> This was what I was talking about when I said you may need additional
>>> logic to handle both.
>>>
>>> You will need to add the cookie check along with the path for forum to
>>> that pass block. So something like...
>>>
>>>   if( req.http.Cookie ~ "xf_(session|user)" && req.url ~ '^/forum.*') {
>>>     return (pass);
>>>   }
>>>
>>> On Thu, Aug 4, 2016 at 2:44 PM, Ayberk Kimsesiz <
>>> ayberk.kimsesiz at gmail.com> wrote:
>>>
>>>> Yes, i want /forum to be MISS, there is no problem. However, Wordpress
>>>> (homepage) shows MISS too.
>>>>
>>>> 2016-08-04 22:34 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
>>>>
>>>>> If you PASS then your request will not be cached. Varnish marks these
>>>>> non-cached items as a MISS since they go to the backend each time and
>>>>> therefore a miss and not a hit on cache.
>>>>>
>>>>> What were you expecting? Is this still requests with the forum cookies?
>>>>>
>>>>> If you want to cache request from logged in users you will need to add
>>>>> the specific user cookies to the hash so each user served their cached copy.
>>>>>
>>>>> On Thu, Aug 4, 2016 at 2:16 PM, Ayberk Kimsesiz <
>>>>> ayberk.kimsesiz at gmail.com> wrote:
>>>>>
>>>>>> If i use the given settings MISS appears in the Header.
>>>>>>
>>>>>> Accept-Ranges bytes
>>>>>> Age 0
>>>>>> Cache-control private, max-age=0
>>>>>> Content-Encoding gzip
>>>>>> Content-Length 10075
>>>>>> Content-Type text/html; charset=UTF-8
>>>>>> Date Thu, 04 Aug 2016 18:30:52 GMT
>>>>>> Expires Thu, 19 Nov 1981 08:52:00 GMT
>>>>>> Last-Modified Thu, 04 Aug 2016 18:30:52 GMT
>>>>>> Server Apache/2
>>>>>> Vary Accept-Encoding
>>>>>> Via 1.1 varnish-v4
>>>>>> X-Cache MISS
>>>>>>
>>>>>> What do you suggest me to do?
>>>>>>
>>>>>>
>>>>>>
>>>>>> 2016-08-04 19:07 GMT+03:00 Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com
>>>>>> >:
>>>>>>
>>>>>>> Finally!
>>>>>>> Login function is now working with the following settings but
>>>>>>>  X-Cache shows MISS instead of HIT.
>>>>>>>
>>>>>>> #THE RECV FUNCTION
>>>>>>> # ##########################################################
>>>>>>> sub vcl_recv {
>>>>>>>   if( req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>     return (pass);
>>>>>>>   }
>>>>>>>
>>>>>>> # FETCH FUNCTION
>>>>>>> # ##########################################################
>>>>>>> sub vcl_backend_response {
>>>>>>>
>>>>>>>   # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
>>>>>>>   # TENDANCY TO SET VARY USER-AGENT.  YOU MAY OR MAY NOT WANT
>>>>>>>   # TO DO THIS
>>>>>>>   # ##########################################################
>>>>>>>   set beresp.http.Vary = "Accept-Encoding";
>>>>>>>
>>>>>>>   # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>>>>>>>   # TIME THIS PAGE WILL STAY CACHED (TTL)
>>>>>>>   # ##########################################################
>>>>>>> if (beresp.http.Set-Cookie ~ "xf_(session|user)")
>>>>>>> { set beresp.uncacheable = true;
>>>>>>>     set beresp.ttl = 1w;
>>>>>>>     return (deliver);
>>>>>>>   }
>>>>>>>
>>>>>>>   if (beresp.ttl <= 0s ||
>>>>>>>     beresp.http.Set-Cookie ||
>>>>>>>     beresp.http.Vary == "*") {
>>>>>>>       set beresp.ttl = 120 s;
>>>>>>>       # set beresp.ttl = 120s;
>>>>>>>       set beresp.uncacheable = true;
>>>>>>>       return (deliver);
>>>>>>>   }
>>>>>>>
>>>>>>>   return (deliver);
>>>>>>> }
>>>>>>>
>>>>>>> # DELIVER FUNCTION
>>>>>>> # ##########################################################
>>>>>>> sub vcl_deliver {
>>>>>>>   # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT
>>>>>>>   # IN THE HEADER (GREAT FOR DEBUGGING)
>>>>>>>   # ##########################################################
>>>>>>>   if (obj.hits > 0) {
>>>>>>>     set resp.http.X-Cache = "HIT";
>>>>>>>   # IF THIS IS A MISS RETURN THAT IN THE HEADER
>>>>>>>   # ##########################################################
>>>>>>>   } else {
>>>>>>>     set resp.http.X-Cache = "MISS";
>>>>>>>   }
>>>>>>> }
>>>>>>>
>>>>>>> 2016-08-04 18:47 GMT+03:00 Ayberk Kimsesiz <
>>>>>>> ayberk.kimsesiz at gmail.com>:
>>>>>>>
>>>>>>>> Finally!
>>>>>>>> Login function is now working with the following settings but
>>>>>>>>  X-Cache shows MISS instead of HIT.
>>>>>>>>
>>>>>>>>
>>>>>>>> *#THE RECV FUNCTION*
>>>>>>>> *# ##########################################################*
>>>>>>>> *sub vcl_recv { *
>>>>>>>> *  if( req.http.Cookie ~ "xf_(session|user)") {*
>>>>>>>> *    return (pass);*
>>>>>>>> *  }*
>>>>>>>>
>>>>>>>>
>>>>>>>> *# FETCH FUNCTION*
>>>>>>>> *# ##########################################################*
>>>>>>>> *sub vcl_backend_response {   *
>>>>>>>>
>>>>>>>> *  # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC *
>>>>>>>> *  # TENDANCY TO SET VARY USER-AGENT.  YOU MAY OR MAY NOT WANT*
>>>>>>>> *  # TO DO THIS*
>>>>>>>> *  # ##########################################################*
>>>>>>>> *  set beresp.http.Vary = "Accept-Encoding";*
>>>>>>>>
>>>>>>>> *  # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF *
>>>>>>>> *  # TIME THIS PAGE WILL STAY CACHED (TTL)*
>>>>>>>> *  # ##########################################################*
>>>>>>>> *if (beresp.http.Set-Cookie ~ "xf_(session|user)") *
>>>>>>>> *{ set beresp.uncacheable = true;*
>>>>>>>> *    set beresp.ttl = 1w;*
>>>>>>>> *    return (deliver);*
>>>>>>>> *  }*
>>>>>>>>
>>>>>>>> *  if (beresp.ttl <= 0s ||*
>>>>>>>> *    beresp.http.Set-Cookie ||*
>>>>>>>> *    beresp.http.Vary == "*") {*
>>>>>>>> *      set beresp.ttl = 120 s;*
>>>>>>>> *      # set beresp.ttl = 120s;*
>>>>>>>> *      set beresp.uncacheable = true;*
>>>>>>>> *      return (deliver);*
>>>>>>>> *  }*
>>>>>>>>
>>>>>>>> *  return (deliver);*
>>>>>>>> *}*
>>>>>>>>
>>>>>>>> *# DELIVER FUNCTION*
>>>>>>>> *# ##########################################################*
>>>>>>>> *sub vcl_deliver {*
>>>>>>>> *  # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT *
>>>>>>>> *  # IN THE HEADER (GREAT FOR DEBUGGING)*
>>>>>>>> *  # ##########################################################*
>>>>>>>> *  if (obj.hits > 0) {*
>>>>>>>> *    set resp.http.X-Cache = "HIT";*
>>>>>>>> *  # IF THIS IS A MISS RETURN THAT IN THE HEADER*
>>>>>>>> *  # ##########################################################*
>>>>>>>> *  } else {*
>>>>>>>> *    set resp.http.X-Cache = "MISS";*
>>>>>>>> *  }*
>>>>>>>> *}*
>>>>>>>>
>>>>>>>> 2016-08-04 18:02 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
>>>>>>>>
>>>>>>>>> I agree that the order of execution may be getting you here. If
>>>>>>>>> you need the WordPress rules then you may need to put additional logic to
>>>>>>>>> ensure non-wordpress applications are not negatively affected.
>>>>>>>>>
>>>>>>>>> What happens if you change the order of these two blocks? Put your
>>>>>>>>> Set-Cookie check block before the wp-login check.
>>>>>>>>>
>>>>>>>>> >   # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>>>>>>>>> >   # TIME THIS PAGE WILL STAY CACHED (TTL)
>>>>>>>>> >   # ##########################################################
>>>>>>>>> >   if (!(bereq.url ~ "wp-(login|admin)") && !bereq.http.cookie ~
>>>>>>>>> "wordpress_logged_in" ) {
>>>>>>>>> >     unset beresp.http.set-cookie;
>>>>>>>>> >     set beresp.ttl = 52w;
>>>>>>>>> > #    set beresp.grace =1w;
>>>>>>>>> >   }
>>>>>>>>> >
>>>>>>>>> >     if (beresp.http.Set-Cookie ~ "xf_(session|user)") {
>>>>>>>>> > set beresp.uncacheable = true;
>>>>>>>>> >     set beresp.ttl = 1w;
>>>>>>>>> >     return (deliver);
>>>>>>>>> >   }
>>>>>>>>>
>>>>>>>>> On Thu, Aug 4, 2016 at 9:50 AM, Andrei <lagged at gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> The log output suggests the xf_ cookie check in vcl_recv is not
>>>>>>>>>> the first thing to run as you pasted earlier. Also, looking a bit closer,
>>>>>>>>>> your issue the fact that you unset the cookie in vcl_backend_response if
>>>>>>>>>> it's not wordpress related. Again, you should really audit your entire VCL,
>>>>>>>>>> and remove unneeded stuff, like all the WordPress related rules if you're
>>>>>>>>>> not using it.
>>>>>>>>>>
>>>>>>>>>> On Thu, Aug 4, 2016 at 9:43 AM, Ayberk Kimsesiz <
>>>>>>>>>> ayberk.kimsesiz at gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Log message:
>>>>>>>>>>>
>>>>>>>>>>> [root at ns1 ~]# varnishlog | grep -A15 -B15 "PPPAASS"
>>>>>>>>>>> -   ReqHeader      If-None-Match: "1787d-5392dab8f2b4e-gzip"
>>>>>>>>>>> -   ReqHeader      If-Modified-Since: Wed, 03 Aug 2016 16:53:18
>>>>>>>>>>> GMT
>>>>>>>>>>> -   ReqHeader      X-Forwarded-For: 95.5.187.232
>>>>>>>>>>> -   VCL_call       RECV
>>>>>>>>>>> -   ReqHeader      X-Actual-IP: 95.5.187.232
>>>>>>>>>>> -   ReqUnset       X-Forwarded-For: 95.5.187.232
>>>>>>>>>>> -   ReqHeader      X-Forwarded-For: 95.5.187.232, 95.5.187.232
>>>>>>>>>>> -   ReqUnset       Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>                                                pps_times_showed_100=1;
>>>>>>>>>>> __gads=ID=83a3a88cd0381f62:T=1470300206:S=ALNI_MawbfRUla
>>>>>>>>>>>                                         wFoW2XT0IpqCIsH5v7bQ; xf_session=
>>>>>>>>>>> -   ReqHeader      Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>                                                pps_times_showed_100=1;
>>>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>>>>                                         est_cookie=WP+Cookie+check
>>>>>>>>>>> -   ReqUnset       Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>                                                pps_times_showed_100=1;
>>>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>>>>                                         est_cookie=WP+Cookie+check
>>>>>>>>>>> -   ReqHeader      Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>                                                pps_times_showed_100=1;
>>>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>>>>                                         est_cookie=WP+Cookie+check
>>>>>>>>>>> -   ReqUnset       X-Forwarded-For: 95.5.187.232, 95.5.187.232
>>>>>>>>>>> -   ReqHeader      X-Forwarded-For: 95.5.187.232, 95.5.187.232,
>>>>>>>>>>> 95.5.187.232
>>>>>>>>>>> -   ReqUnset       Accept-Encoding: gzip, deflate, sdch
>>>>>>>>>>> -   ReqHeader      Accept-Encoding: gzip
>>>>>>>>>>> -   VCL_Log        PPPAASS
>>>>>>>>>>> -   VCL_return     pass
>>>>>>>>>>> -   VCL_call       HASH
>>>>>>>>>>> -   VCL_return     lookup
>>>>>>>>>>> -   VCL_call       PASS
>>>>>>>>>>> -   VCL_return     fetch
>>>>>>>>>>> -   Link           bereq 524435 pass
>>>>>>>>>>> -   Timestamp      Fetch: 1470321283.617655 0.005758 0.005758
>>>>>>>>>>> -   RespProtocol   HTTP/1.1
>>>>>>>>>>> -   RespStatus     200
>>>>>>>>>>> -   RespReason     OK
>>>>>>>>>>> -   RespHeader     Date: Thu, 04 Aug 2016 14:34:43 GMT
>>>>>>>>>>> -   RespHeader     Server: Apache/2
>>>>>>>>>>> -   RespHeader     Last-Modified: Wed, 03 Aug 2016 16:53:18 GMT
>>>>>>>>>>> -   RespHeader     ETag: "1787d-5392dab8f2b4e-gzip"
>>>>>>>>>>> -   RespHeader     Accept-Ranges: bytes
>>>>>>>>>>> --
>>>>>>>>>>> -   ReqHeader      If-Modified-Since: Thu, 04 Aug 2016 09:32:51
>>>>>>>>>>> GMT
>>>>>>>>>>> -   ReqHeader      X-Forwarded-For: 95.5.187.232
>>>>>>>>>>> -   VCL_call       RECV
>>>>>>>>>>> -   ReqHeader      X-Actual-IP: 95.5.187.232
>>>>>>>>>>> -   ReqUnset       X-Forwarded-For: 95.5.187.232
>>>>>>>>>>> -   ReqHeader      X-Forwarded-For: 95.5.187.232, 95.5.187.232
>>>>>>>>>>> -   ReqUnset       Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>                                                pps_times_showed_100=1;
>>>>>>>>>>> __gads=ID=83a3a88cd0381f62:T=1470300206:S=ALNI_MawbfRUla
>>>>>>>>>>>                                         wFoW2XT0IpqCIsH5v7bQ; xf_session=
>>>>>>>>>>> -   ReqHeader      Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>                                                pps_times_showed_100=1;
>>>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>>>>                                         est_cookie=WP+Cookie+check
>>>>>>>>>>> -   ReqUnset       Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>> u%20Aug%2004%202016%2010%3A05%3A38%20GMT+0300%20%28Turkey%20Daylight%20Time%29;
>>>>>>>>>>>                                                pps_times_showed_100=1;
>>>>>>>>>>> xf_session=87bea6639553d44d72f0d612924b52ac; wordpress_t
>>>>>>>>>>>                                         est_cookie=WP+Cookie+check
>>>>>>>>>>> -   ReqHeader      Cookie: PHPSESSID=mvdt2ok0h7qpje8aej6s7hdd73;
>>>>>>>>>>> pps_show_100=Th
>>>>>>>>>>>
>>>>>>>>>>> 2016-08-04 17:24 GMT+03:00 Lane, Richard <rlane at ahbelo.com>:
>>>>>>>>>>>
>>>>>>>>>>>> I assume you reloaded/restarted Varnish after these changes
>>>>>>>>>>>> were made. If so, can you verify that you do have the cookies set on the
>>>>>>>>>>>> request?
>>>>>>>>>>>>
>>>>>>>>>>>> maybe add this log message right before returning
>>>>>>>>>>>>
>>>>>>>>>>>> if(req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>>     std.log( "PPPAASS Cookie set for forum");
>>>>>>>>>>>>     return (pass);
>>>>>>>>>>>>
>>>>>>>>>>>>   }
>>>>>>>>>>>>
>>>>>>>>>>>> Then you can use varnishlog command (below) to verify cookie is
>>>>>>>>>>>> found
>>>>>>>>>>>>
>>>>>>>>>>>> varnishlog | grep -A15 -B15 "PPPAASS"
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Cheers,
>>>>>>>>>>>> Richard
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On Thu, Aug 4, 2016 at 9:06 AM, Ayberk Kimsesiz <
>>>>>>>>>>>> ayberk.kimsesiz at gmail.com> wrote:
>>>>>>>>>>>> >
>>>>>>>>>>>> > First of all, thank you. However the problem continues. Can
>>>>>>>>>>>> you examine the codes?
>>>>>>>>>>>> >
>>>>>>>>>>>> >
>>>>>>>>>>>> > /* SET THE HOST AND PORT OF WORDPRESS
>>>>>>>>>>>> >  * *********************************************************/
>>>>>>>>>>>> > vcl 4.0;
>>>>>>>>>>>> > import std;
>>>>>>>>>>>> >
>>>>>>>>>>>> > backend default {
>>>>>>>>>>>> >   .host = "*******";
>>>>>>>>>>>> >   .port = "8080";
>>>>>>>>>>>> >   .connect_timeout = 600s;
>>>>>>>>>>>> >   .first_byte_timeout = 600s;
>>>>>>>>>>>> >   .between_bytes_timeout = 600s;
>>>>>>>>>>>> >   .max_connections = 800;
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> > # SET THE ALLOWED IP OF PURGE REQUESTS
>>>>>>>>>>>> > # ##########################################################
>>>>>>>>>>>> > acl purge {
>>>>>>>>>>>> >   "localhost";
>>>>>>>>>>>> >   "127.0.0.1";
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> > #THE RECV FUNCTION
>>>>>>>>>>>> > # ##########################################################
>>>>>>>>>>>> > sub vcl_recv {
>>>>>>>>>>>> >
>>>>>>>>>>>> > if(req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>> >     return (pass);
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >
>>>>>>>>>>>> > # set realIP by trimming CloudFlare IP which will be used for
>>>>>>>>>>>> various checks
>>>>>>>>>>>> > set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For,
>>>>>>>>>>>> "[, ].*$", "");
>>>>>>>>>>>> >
>>>>>>>>>>>> >         # FORWARD THE IP OF THE REQUEST
>>>>>>>>>>>> >   if (req.restarts == 0) {
>>>>>>>>>>>> >     if (req.http.x-forwarded-for) {
>>>>>>>>>>>> >       set req.http.X-Forwarded-For =
>>>>>>>>>>>> >       req.http.X-Forwarded-For + ", " + client.ip;
>>>>>>>>>>>> >     } else {
>>>>>>>>>>>> >       set req.http.X-Forwarded-For = client.ip;
>>>>>>>>>>>> >     }
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >
>>>>>>>>>>>> >  # Purge request check sections for hash_always_miss, purge
>>>>>>>>>>>> and ban
>>>>>>>>>>>> >  # BLOCK IF NOT IP is not in purge acl
>>>>>>>>>>>> >  # ##########################################################
>>>>>>>>>>>> >
>>>>>>>>>>>> >   # Enable smart refreshing using hash_always_miss
>>>>>>>>>>>> > if (req.http.Cache-Control ~ "no-cache") {
>>>>>>>>>>>> >     if (client.ip ~ purge || !std.ip(req.http.X-Actual-IP,
>>>>>>>>>>>> "1.2.3.4") ~ purge) {
>>>>>>>>>>>> >          set req.hash_always_miss = true;
>>>>>>>>>>>> >     }
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> > if (req.method == "PURGE") {
>>>>>>>>>>>> >     if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP,
>>>>>>>>>>>> "1.2.3.4") ~ purge) {
>>>>>>>>>>>> >         return(synth(405,"Not allowed."));
>>>>>>>>>>>> >         }
>>>>>>>>>>>> >     return (purge);
>>>>>>>>>>>> >
>>>>>>>>>>>> >   }
>>>>>>>>>>>> > if (req.method == "BAN") {
>>>>>>>>>>>> >         # Same ACL check as above:
>>>>>>>>>>>> >         if (!client.ip ~ purge ||
>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~ purge) {
>>>>>>>>>>>> >                         return(synth(403, "Not allowed."));
>>>>>>>>>>>> >         }
>>>>>>>>>>>> >         ban("req.http.host == " + req.http.host +
>>>>>>>>>>>> >                   " && req.url == " + req.url);
>>>>>>>>>>>> >
>>>>>>>>>>>> >         # Throw a synthetic page so the
>>>>>>>>>>>> >         # request won't go to the backend.
>>>>>>>>>>>> >         return(synth(200, "Ban added"));
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> >
>>>>>>>>>>>> > # Unset cloudflare cookies
>>>>>>>>>>>> > # Remove has_js and CloudFlare/Google Analytics __* cookies.
>>>>>>>>>>>> >       set req.http.Cookie = regsuball(req.http.Cookie,
>>>>>>>>>>>> "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");
>>>>>>>>>>>> >       # Remove a ";" prefix, if present.
>>>>>>>>>>>> >      set req.http.Cookie = regsub(req.http.Cookie, "^;\s*",
>>>>>>>>>>>> "");
>>>>>>>>>>>> >
>>>>>>>>>>>> >   # For Testing: If you want to test with Varnish passing
>>>>>>>>>>>> (not caching) uncomment
>>>>>>>>>>>> >   # return( pass );
>>>>>>>>>>>> >
>>>>>>>>>>>> >   # FORWARD THE IP OF THE REQUEST
>>>>>>>>>>>> >   if (req.restarts == 0) {
>>>>>>>>>>>> >     if (req.http.x-forwarded-for) {
>>>>>>>>>>>> >       set req.http.X-Forwarded-For =
>>>>>>>>>>>> >       req.http.X-Forwarded-For + ", " + client.ip;
>>>>>>>>>>>> >     } else {
>>>>>>>>>>>> >       set req.http.X-Forwarded-For = client.ip;
>>>>>>>>>>>> >     }
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >
>>>>>>>>>>>> > # DO NOT CACHE RSS FEED
>>>>>>>>>>>> >  if (req.url ~ "/feed(/)?") {
>>>>>>>>>>>> >     return ( pass );
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> > ## Do not cache search results, comment these 3 lines if you
>>>>>>>>>>>> do want to cache them
>>>>>>>>>>>> >
>>>>>>>>>>>> > if (req.url ~ "/\?s\=") {
>>>>>>>>>>>> >     return ( pass );
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> > # CLEAN UP THE ENCODING HEADER.
>>>>>>>>>>>> >   # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY.  WITH VARY
>>>>>>>>>>>> ACCEPT-ENCODING
>>>>>>>>>>>> >   # VARNISH WILL CREATE SEPARATE CACHES FOR EACH
>>>>>>>>>>>> >   # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO, ETC.
>>>>>>>>>>>> >   # ##############################
>>>>>>>>>>>> ############################
>>>>>>>>>>>> >   if (req.http.Accept-Encoding) {
>>>>>>>>>>>> >     if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$")
>>>>>>>>>>>> {
>>>>>>>>>>>> >       # No point in compressing these
>>>>>>>>>>>> >       unset req.http.Accept-Encoding;
>>>>>>>>>>>> >     } elsif (req.http.Accept-Encoding ~ "gzip") {
>>>>>>>>>>>> >       set req.http.Accept-Encoding = "gzip";
>>>>>>>>>>>> >     } elsif (req.http.Accept-Encoding ~ "deflate") {
>>>>>>>>>>>> >       set req.http.Accept-Encoding = "deflate";
>>>>>>>>>>>> >     } else {
>>>>>>>>>>>> >       # unknown algorithm
>>>>>>>>>>>> >       unset req.http.Accept-Encoding;
>>>>>>>>>>>> >     }
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >
>>>>>>>>>>>> >   # PIPE ALL NON-STANDARD REQUESTS
>>>>>>>>>>>> >   # ##############################
>>>>>>>>>>>> ############################
>>>>>>>>>>>> >   if (req.method != "GET" &&
>>>>>>>>>>>> >     req.method != "HEAD" &&
>>>>>>>>>>>> >     req.method != "PUT" &&
>>>>>>>>>>>> >     req.method != "POST" &&
>>>>>>>>>>>> >     req.method != "TRACE" &&
>>>>>>>>>>>> >     req.method != "OPTIONS" &&
>>>>>>>>>>>> >     req.method != "DELETE") {
>>>>>>>>>>>> >       return (pipe);
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >
>>>>>>>>>>>> >   # ONLY CACHE GET AND HEAD REQUESTS
>>>>>>>>>>>> >   # ##############################
>>>>>>>>>>>> ############################
>>>>>>>>>>>> >   if (req.method != "GET" && req.method != "HEAD") {
>>>>>>>>>>>> >     return (pass);
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >
>>>>>>>>>>>> >   # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS IN
>>>>>>>>>>>> FETCH TOO, EITHER
>>>>>>>>>>>> >   # COMMENT OR UNCOMMENT BOTH
>>>>>>>>>>>> >   # ##############################
>>>>>>>>>>>> ############################
>>>>>>>>>>>> >   if ( req.http.cookie ~ "wordpress_logged_in" ) {
>>>>>>>>>>>> >     return( pass );
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >
>>>>>>>>>>>> >   # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR WP-LOGIN
>>>>>>>>>>>> >   # THEN UNSET THE COOKIES
>>>>>>>>>>>> >   # ##############################
>>>>>>>>>>>> ############################
>>>>>>>>>>>> >   if (!(req.url ~ "wp-(login|admin)")
>>>>>>>>>>>> >     && !(req.url ~ "&preview=true" )
>>>>>>>>>>>> >   ){
>>>>>>>>>>>> >     unset req.http.cookie;
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >
>>>>>>>>>>>> >   # IF BASIC AUTH IS ON THEN DO NOT CACHE
>>>>>>>>>>>> >   # ##############################
>>>>>>>>>>>> ############################
>>>>>>>>>>>> >   if (req.http.Authorization || req.http.Cookie) {
>>>>>>>>>>>> >     return (pass);
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >
>>>>>>>>>>>> >   # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED
>>>>>>>>>>>> >   # ##############################
>>>>>>>>>>>> ############################
>>>>>>>>>>>> >   return (hash);
>>>>>>>>>>>> >   # This is for phpmyadmin
>>>>>>>>>>>> > if (req.http.Host == "ki1.org") {
>>>>>>>>>>>> > return (pass);
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> > if (req.http.Host == "mysql.ki1.org") {
>>>>>>>>>>>> > return (pass);
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> > # HIT FUNCTION
>>>>>>>>>>>> > # ##########################################################
>>>>>>>>>>>> > sub vcl_hit {
>>>>>>>>>>>> >   # IF THIS IS A PURGE REQUEST THEN DO THE PURGE
>>>>>>>>>>>> >   # ##############################
>>>>>>>>>>>> ############################
>>>>>>>>>>>> >   if (req.method == "PURGE") {
>>>>>>>>>>>> >     #
>>>>>>>>>>>> >     # This is now handled in vcl_recv.
>>>>>>>>>>>> >     #
>>>>>>>>>>>> >     # purge;
>>>>>>>>>>>> >     return (synth(200, "Purged."));
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >   return (deliver);
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> > # MISS FUNCTION
>>>>>>>>>>>> > # ##########################################################
>>>>>>>>>>>> > sub vcl_miss {
>>>>>>>>>>>> >   if (req.method == "PURGE") {
>>>>>>>>>>>> >     #
>>>>>>>>>>>> >     # This is now handled in vcl_recv.
>>>>>>>>>>>> >     #
>>>>>>>>>>>> >     # purge;
>>>>>>>>>>>> >     return (synth(200, "Purged."));
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >   return (fetch);
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> > # FETCH FUNCTION
>>>>>>>>>>>> > # ##########################################################
>>>>>>>>>>>> > sub vcl_backend_response {
>>>>>>>>>>>> >   # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC
>>>>>>>>>>>> >   # TENDANCY TO SET VARY USER-AGENT.  YOU MAY OR MAY NOT WANT
>>>>>>>>>>>> >   # TO DO THIS
>>>>>>>>>>>> >   # ##############################
>>>>>>>>>>>> ############################
>>>>>>>>>>>> >   set beresp.http.Vary = "Accept-Encoding";
>>>>>>>>>>>> >
>>>>>>>>>>>> >   # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF
>>>>>>>>>>>> >   # TIME THIS PAGE WILL STAY CACHED (TTL)
>>>>>>>>>>>> >   # ##############################
>>>>>>>>>>>> ############################
>>>>>>>>>>>> >   if (!(bereq.url ~ "wp-(login|admin)") && !bereq.http.cookie
>>>>>>>>>>>> ~ "wordpress_logged_in" ) {
>>>>>>>>>>>> >     unset beresp.http.set-cookie;
>>>>>>>>>>>> >     set beresp.ttl = 52w;
>>>>>>>>>>>> > #    set beresp.grace =1w;
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >
>>>>>>>>>>>> >     if (beresp.http.Set-Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>> > set beresp.uncacheable = true;
>>>>>>>>>>>> >     set beresp.ttl = 1w;
>>>>>>>>>>>> >     return (deliver);
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >
>>>>>>>>>>>> >
>>>>>>>>>>>> >   if (beresp.ttl <= 0s ||
>>>>>>>>>>>> >     beresp.http.Set-Cookie ||
>>>>>>>>>>>> >     beresp.http.Vary == "*") {
>>>>>>>>>>>> >       set beresp.ttl = 120 s;
>>>>>>>>>>>> >       # set beresp.ttl = 120s;
>>>>>>>>>>>> >       set beresp.uncacheable = true;
>>>>>>>>>>>> >       return (deliver);
>>>>>>>>>>>> >   }
>>>>>>>>>>>> >
>>>>>>>>>>>> >   return (deliver);
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> > # DELIVER FUNCTION
>>>>>>>>>>>> > # ##########################################################
>>>>>>>>>>>> > sub vcl_deliver {
>>>>>>>>>>>> >   # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT
>>>>>>>>>>>> >   # IN THE HEADER (GREAT FOR DEBUGGING)
>>>>>>>>>>>> >   # ##############################
>>>>>>>>>>>> ############################
>>>>>>>>>>>> >   if (obj.hits > 0) {
>>>>>>>>>>>> >     set resp.http.X-Cache = "HIT";
>>>>>>>>>>>> >   # IF THIS IS A MISS RETURN THAT IN THE HEADER
>>>>>>>>>>>> >   # ##############################
>>>>>>>>>>>> ############################
>>>>>>>>>>>> >   } else {
>>>>>>>>>>>> >     set resp.http.X-Cache = "MISS";
>>>>>>>>>>>> >   }
>>>>>>>>>>>> > }
>>>>>>>>>>>> >
>>>>>>>>>>>> >
>>>>>>>>>>>> >
>>>>>>>>>>>> > 2016-08-04 16:36 GMT+03:00 Andrei <lagged at gmail.com>:
>>>>>>>>>>>> >>
>>>>>>>>>>>> >> correction:
>>>>>>>>>>>> >>
>>>>>>>>>>>> >> sub vcl_recv {
>>>>>>>>>>>> >>   if(req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>> >>     return (pass);
>>>>>>>>>>>> >>   }
>>>>>>>>>>>> >> }
>>>>>>>>>>>> >>
>>>>>>>>>>>> >> sub vcl_backend_response {
>>>>>>>>>>>> >>   if (beresp.http.Set-Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>> >>     set beresp.uncacheable = true;
>>>>>>>>>>>> >>     set beresp.ttl = 1w;
>>>>>>>>>>>> >>     return (deliver);
>>>>>>>>>>>> >>   }
>>>>>>>>>>>> >> }
>>>>>>>>>>>> >>
>>>>>>>>>>>> >> On Thu, Aug 4, 2016 at 8:34 AM, Andrei <lagged at gmail.com>
>>>>>>>>>>>> wrote:
>>>>>>>>>>>> >>>
>>>>>>>>>>>> >>> Hello,
>>>>>>>>>>>> >>>
>>>>>>>>>>>> >>> Aside from the provided VCL being for WordPress, while
>>>>>>>>>>>> you're running XenForo, the xf_ cookies are being dropped by your config. A
>>>>>>>>>>>> quick fix is:
>>>>>>>>>>>> >>>
>>>>>>>>>>>> >>> sub vcl_recv {
>>>>>>>>>>>> >>>   if( req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>> >>>     return (pass);
>>>>>>>>>>>> >>>   }
>>>>>>>>>>>> >>> }
>>>>>>>>>>>> >>>
>>>>>>>>>>>> >>> sub vcl_backend_response {
>>>>>>>>>>>> >>>   if (req.http.Cookie ~ "xf_(session|user)") {
>>>>>>>>>>>> >>>     set beresp.uncacheable = true;
>>>>>>>>>>>> >>>     set beresp.ttl = 1w;
>>>>>>>>>>>> >>>     return (deliver);
>>>>>>>>>>>> >>>   }
>>>>>>>>>>>> >>> }
>>>>>>>>>>>> >>>
>>>>>>>>>>>> >>> However, I suggest auditing your VCL, and only including
>>>>>>>>>>>> rules specific to the application(s) which you are running.
>>>>>>>>>>>> >>>
>>>>>>>>>>>> >>>
>>>>>>>>>>>> >>> On Thu, Aug 4, 2016 at 8:09 AM, Ayberk Kimsesiz <
>>>>>>>>>>>> ayberk.kimsesiz at gmail.com> wrote:
>>>>>>>>>>>> >>>>
>>>>>>>>>>>> >>>> Users can't login or register to domain.com/forum with
>>>>>>>>>>>> the current settings. So we need to make a change related to xf_user and
>>>>>>>>>>>> xf_session but how?
>>>>>>>>>>>> >>>>
>>>>>>>>>>>> >>>>
>>>>>>>>>>>> >>>>
>>>>>>>>>>>> >>>> 2016-08-04 15:26 GMT+03:00 Lane, Richard <rlane at ahbelo.com
>>>>>>>>>>>> >:
>>>>>>>>>>>> >>>>>
>>>>>>>>>>>> >>>>> If you want Varnish to ignore request for a path you need
>>>>>>>>>>>> to tell it to pass. In your example you have a rule for the RSS feed. You
>>>>>>>>>>>> can do the same for /forum/ in your vcl_recv block.
>>>>>>>>>>>> >>>>>
>>>>>>>>>>>> >>>>> *# DO NOT CACHE RSS FEED*
>>>>>>>>>>>> >>>>> * if (req.url ~ "/feed(/)?") {*
>>>>>>>>>>>> >>>>> *    return ( pass ); *
>>>>>>>>>>>> >>>>> *}*
>>>>>>>>>>>> >>>>>
>>>>>>>>>>>> >>>>> *# DO NOT CACHE FORUM*
>>>>>>>>>>>> >>>>>  if (req.url ~ "/forum(/)?") {
>>>>>>>>>>>> >>>>>     return ( pass );
>>>>>>>>>>>> >>>>>  }
>>>>>>>>>>>> >>>>>
>>>>>>>>>>>> >>>>> Cheers,
>>>>>>>>>>>> >>>>> Richard
>>>>>>>>>>>> >>>>>
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> Message: 1
>>>>>>>>>>>> >>>>>> Date: Wed, 3 Aug 2016 23:34:40 +0300
>>>>>>>>>>>> >>>>>> From: Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com>
>>>>>>>>>>>> >>>>>> To: varnish-misc <varnish-misc at varnish-cache.org>
>>>>>>>>>>>> >>>>>> Subject: XenForo default.vcl settings
>>>>>>>>>>>> >>>>>> Message-ID:
>>>>>>>>>>>> >>>>>>         <CAPQGzE29n1QOmHarn9L-9ztquGfe
>>>>>>>>>>>> u-AwNJUaDrHm_w-5BXmA_Q at mail.gmail.com>
>>>>>>>>>>>> >>>>>> Content-Type: text/plain; charset="utf-8"
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> Hi,
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> Could you please share the appropriate Default.vcl
>>>>>>>>>>>> settings for XenForo
>>>>>>>>>>>> >>>>>> Forums? No one can register to the forum at the moment.
>>>>>>>>>>>> My current
>>>>>>>>>>>> >>>>>> Default.vcl settings are as follows.
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> Forum address: domain.com/forum
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> */* SET THE HOST AND PORT OF WORDPRESS*
>>>>>>>>>>>> >>>>>> * * ******************************
>>>>>>>>>>>> ***************************/*
>>>>>>>>>>>> >>>>>> *vcl 4.0;*
>>>>>>>>>>>> >>>>>> *import std;*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *backend default {*
>>>>>>>>>>>> >>>>>> *  .host = "*******";*
>>>>>>>>>>>> >>>>>> *  .port = "8080";*
>>>>>>>>>>>> >>>>>> *  .connect_timeout = 600s;*
>>>>>>>>>>>> >>>>>> *  .first_byte_timeout = 600s;*
>>>>>>>>>>>> >>>>>> *  .between_bytes_timeout = 600s;*
>>>>>>>>>>>> >>>>>> *  .max_connections = 800;*
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *# SET THE ALLOWED IP OF PURGE REQUESTS*
>>>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *acl purge {*
>>>>>>>>>>>> >>>>>> *  "localhost";*
>>>>>>>>>>>> >>>>>> *  "127.0.0.1";*
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *#THE RECV FUNCTION*
>>>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *sub vcl_recv {*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *# set realIP by trimming CloudFlare IP which will be
>>>>>>>>>>>> used for various
>>>>>>>>>>>> >>>>>> checks*
>>>>>>>>>>>> >>>>>> *set req.http.X-Actual-IP =
>>>>>>>>>>>> regsub(req.http.X-Forwarded-For, "[, ].*$",
>>>>>>>>>>>> >>>>>> ""); *
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *        # FORWARD THE IP OF THE REQUEST*
>>>>>>>>>>>> >>>>>> *  if (req.restarts == 0) {*
>>>>>>>>>>>> >>>>>> *    if (req.http.x-forwarded-for) {*
>>>>>>>>>>>> >>>>>> *      set req.http.X-Forwarded-For =*
>>>>>>>>>>>> >>>>>> *      req.http.X-Forwarded-For + ", " + client.ip;*
>>>>>>>>>>>> >>>>>> *    } else {*
>>>>>>>>>>>> >>>>>> *      set req.http.X-Forwarded-For = client.ip;*
>>>>>>>>>>>> >>>>>> *    }*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> * # Purge request check sections for hash_always_miss,
>>>>>>>>>>>> purge and ban*
>>>>>>>>>>>> >>>>>> * # BLOCK IF NOT IP is not in purge acl*
>>>>>>>>>>>> >>>>>> * # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  # Enable smart refreshing using hash_always_miss*
>>>>>>>>>>>> >>>>>> *if (req.http.Cache-Control ~ "no-cache") {*
>>>>>>>>>>>> >>>>>> *    if (client.ip ~ purge ||
>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>>>>>>>>>>>> >>>>>> purge) {*
>>>>>>>>>>>> >>>>>> *         set req.hash_always_miss = true;*
>>>>>>>>>>>> >>>>>> *    }*
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *if (req.method == "PURGE") {*
>>>>>>>>>>>> >>>>>> *    if (!client.ip ~ purge ||
>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>>>>>>>>>>>> >>>>>> purge) {*
>>>>>>>>>>>> >>>>>> *        return(synth(405,"Not allowed."));*
>>>>>>>>>>>> >>>>>> *        }*
>>>>>>>>>>>> >>>>>> *    return (purge);*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>> *if (req.method == "BAN") {*
>>>>>>>>>>>> >>>>>> *        # Same ACL check as above:*
>>>>>>>>>>>> >>>>>> *        if (!client.ip ~ purge ||
>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4")
>>>>>>>>>>>> >>>>>> ~ purge) {*
>>>>>>>>>>>> >>>>>> *                        return(synth(403, "Not
>>>>>>>>>>>> allowed."));*
>>>>>>>>>>>> >>>>>> *        }*
>>>>>>>>>>>> >>>>>> *        ban("req.http.host == " + req.http.host +*
>>>>>>>>>>>> >>>>>> *                  " && req.url == " + req.url);*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *        # Throw a synthetic page so the*
>>>>>>>>>>>> >>>>>> *        # request won't go to the backend.*
>>>>>>>>>>>> >>>>>> *        return(synth(200, "Ban added"));*
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *# Unset cloudflare cookies*
>>>>>>>>>>>> >>>>>> *# Remove has_js and CloudFlare/Google Analytics __*
>>>>>>>>>>>> cookies.*
>>>>>>>>>>>> >>>>>> *      set req.http.Cookie = regsuball(req.http.Cookie,
>>>>>>>>>>>> >>>>>> "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");*
>>>>>>>>>>>> >>>>>> *      # Remove a ";" prefix, if present.*
>>>>>>>>>>>> >>>>>> *     set req.http.Cookie = regsub(req.http.Cookie,
>>>>>>>>>>>> "^;\s*", "");*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  # For Testing: If you want to test with Varnish
>>>>>>>>>>>> passing (not caching)
>>>>>>>>>>>> >>>>>> uncomment*
>>>>>>>>>>>> >>>>>> *  # return( pass );*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  # FORWARD THE IP OF THE REQUEST*
>>>>>>>>>>>> >>>>>> *  if (req.restarts == 0) {*
>>>>>>>>>>>> >>>>>> *    if (req.http.x-forwarded-for) {*
>>>>>>>>>>>> >>>>>> *      set req.http.X-Forwarded-For =*
>>>>>>>>>>>> >>>>>> *      req.http.X-Forwarded-For + ", " + client.ip;*
>>>>>>>>>>>> >>>>>> *    } else {*
>>>>>>>>>>>> >>>>>> *      set req.http.X-Forwarded-For = client.ip;*
>>>>>>>>>>>> >>>>>> *    }*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *# DO NOT CACHE RSS FEED*
>>>>>>>>>>>> >>>>>> * if (req.url ~ "/feed(/)?") {*
>>>>>>>>>>>> >>>>>> *    return ( pass ); *
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *## Do not cache search results, comment these 3 lines
>>>>>>>>>>>> if you do want to
>>>>>>>>>>>> >>>>>> cache them*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *if (req.url ~ "/\?s\=") {*
>>>>>>>>>>>> >>>>>> *    return ( pass ); *
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *# CLEAN UP THE ENCODING HEADER.*
>>>>>>>>>>>> >>>>>> *  # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY.  WITH
>>>>>>>>>>>> VARY ACCEPT-ENCODING*
>>>>>>>>>>>> >>>>>> *  # VARNISH WILL CREATE SEPARATE CACHES FOR EACH*
>>>>>>>>>>>> >>>>>> *  # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO,
>>>>>>>>>>>> ETC.*
>>>>>>>>>>>> >>>>>> *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *  if (req.http.Accept-Encoding) {*
>>>>>>>>>>>> >>>>>> *    if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$")
>>>>>>>>>>>> {*
>>>>>>>>>>>> >>>>>> *      # No point in compressing these*
>>>>>>>>>>>> >>>>>> *      unset req.http.Accept-Encoding;*
>>>>>>>>>>>> >>>>>> *    } elsif (req.http.Accept-Encoding ~ "gzip") {*
>>>>>>>>>>>> >>>>>> *      set req.http.Accept-Encoding = "gzip";*
>>>>>>>>>>>> >>>>>> *    } elsif (req.http.Accept-Encoding ~ "deflate") {*
>>>>>>>>>>>> >>>>>> *      set req.http.Accept-Encoding = "deflate";*
>>>>>>>>>>>> >>>>>> *    } else {*
>>>>>>>>>>>> >>>>>> *      # unknown algorithm*
>>>>>>>>>>>> >>>>>> *      unset req.http.Accept-Encoding;*
>>>>>>>>>>>> >>>>>> *    }*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  # PIPE ALL NON-STANDARD REQUESTS*
>>>>>>>>>>>> >>>>>> *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *  if (req.method != "GET" &&*
>>>>>>>>>>>> >>>>>> *    req.method != "HEAD" &&*
>>>>>>>>>>>> >>>>>> *    req.method != "PUT" && *
>>>>>>>>>>>> >>>>>> *    req.method != "POST" &&*
>>>>>>>>>>>> >>>>>> *    req.method != "TRACE" &&*
>>>>>>>>>>>> >>>>>> *    req.method != "OPTIONS" &&*
>>>>>>>>>>>> >>>>>> *    req.method != "DELETE") {*
>>>>>>>>>>>> >>>>>> *      return (pipe);*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  # ONLY CACHE GET AND HEAD REQUESTS*
>>>>>>>>>>>> >>>>>> *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *  if (req.method != "GET" && req.method != "HEAD") {*
>>>>>>>>>>>> >>>>>> *    return (pass);*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS
>>>>>>>>>>>> IN FETCH TOO,
>>>>>>>>>>>> >>>>>> EITHER*
>>>>>>>>>>>> >>>>>> *  # COMMENT OR UNCOMMENT BOTH*
>>>>>>>>>>>> >>>>>> *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *  if ( req.http.cookie ~ "wordpress_logged_in" ) {*
>>>>>>>>>>>> >>>>>> *    return( pass );*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR
>>>>>>>>>>>> WP-LOGIN*
>>>>>>>>>>>> >>>>>> *  # THEN UNSET THE COOKIES*
>>>>>>>>>>>> >>>>>> *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *  if (!(req.url ~ "wp-(login|admin)") *
>>>>>>>>>>>> >>>>>> *    && !(req.url ~ "&preview=true" ) *
>>>>>>>>>>>> >>>>>> *  ){*
>>>>>>>>>>>> >>>>>> *    unset req.http.cookie;*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  # IF BASIC AUTH IS ON THEN DO NOT CACHE*
>>>>>>>>>>>> >>>>>> *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *  if (req.http.Authorization || req.http.Cookie) {*
>>>>>>>>>>>> >>>>>> *    return (pass);*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED*
>>>>>>>>>>>> >>>>>> *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *  return (hash);*
>>>>>>>>>>>> >>>>>> *  # This is for phpmyadmin*
>>>>>>>>>>>> >>>>>> *if (req.http.Host == "ki1.org <http://ki1.org>") {*
>>>>>>>>>>>> >>>>>> *return (pass);*
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *if (req.http.Host == "mysql.ki1.org <
>>>>>>>>>>>> http://mysql.ki1.org>") {*
>>>>>>>>>>>> >>>>>> *return (pass);*
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *# HIT FUNCTION*
>>>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *sub vcl_hit {*
>>>>>>>>>>>> >>>>>> *  # IF THIS IS A PURGE REQUEST THEN DO THE PURGE*
>>>>>>>>>>>> >>>>>> *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *  if (req.method == "PURGE") {*
>>>>>>>>>>>> >>>>>> *    #*
>>>>>>>>>>>> >>>>>> *    # This is now handled in vcl_recv.*
>>>>>>>>>>>> >>>>>> *    #*
>>>>>>>>>>>> >>>>>> *    # purge;*
>>>>>>>>>>>> >>>>>> *    return (synth(200, "Purged."));*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>> *  return (deliver);*
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *# MISS FUNCTION*
>>>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *sub vcl_miss {*
>>>>>>>>>>>> >>>>>> *  if (req.method == "PURGE") {*
>>>>>>>>>>>> >>>>>> *    #*
>>>>>>>>>>>> >>>>>> *    # This is now handled in vcl_recv.*
>>>>>>>>>>>> >>>>>> *    #*
>>>>>>>>>>>> >>>>>> *    # purge;*
>>>>>>>>>>>> >>>>>> *    return (synth(200, "Purged."));*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>> *  return (fetch);*
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *# FETCH FUNCTION*
>>>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *sub vcl_backend_response {*
>>>>>>>>>>>> >>>>>> *  # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES
>>>>>>>>>>>> W3TC *
>>>>>>>>>>>> >>>>>> *  # TENDANCY TO SET VARY USER-AGENT.  YOU MAY OR MAY
>>>>>>>>>>>> NOT WANT*
>>>>>>>>>>>> >>>>>> *  # TO DO THIS*
>>>>>>>>>>>> >>>>>> *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *  set beresp.http.Vary = "Accept-Encoding";*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE
>>>>>>>>>>>> AMOUNT OF *
>>>>>>>>>>>> >>>>>> *  # TIME THIS PAGE WILL STAY CACHED (TTL)*
>>>>>>>>>>>> >>>>>> *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *  if (!(bereq.url ~ "wp-(login|admin)") &&
>>>>>>>>>>>> !bereq.http.cookie ~
>>>>>>>>>>>> >>>>>> "wordpress_logged_in" ) {*
>>>>>>>>>>>> >>>>>> *    unset beresp.http.set-cookie;*
>>>>>>>>>>>> >>>>>> *    set beresp.ttl = 52w;*
>>>>>>>>>>>> >>>>>> *#    set beresp.grace =1w;*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  if (beresp.ttl <= 0s ||*
>>>>>>>>>>>> >>>>>> *    beresp.http.Set-Cookie ||*
>>>>>>>>>>>> >>>>>> *    beresp.http.Vary == "*") {*
>>>>>>>>>>>> >>>>>> *      set beresp.ttl = 120 s;*
>>>>>>>>>>>> >>>>>> *      # set beresp.ttl = 120s;*
>>>>>>>>>>>> >>>>>> *      set beresp.uncacheable = true;*
>>>>>>>>>>>> >>>>>> *      return (deliver);*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *  return (deliver);*
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> *# DELIVER FUNCTION*
>>>>>>>>>>>> >>>>>> *# ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *sub vcl_deliver {*
>>>>>>>>>>>> >>>>>> *  # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT'
>>>>>>>>>>>> TEXT *
>>>>>>>>>>>> >>>>>> *  # IN THE HEADER (GREAT FOR DEBUGGING)*
>>>>>>>>>>>> >>>>>> *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *  if (obj.hits > 0) {*
>>>>>>>>>>>> >>>>>> *    set resp.http.X-Cache = "HIT";*
>>>>>>>>>>>> >>>>>> *  # IF THIS IS A MISS RETURN THAT IN THE HEADER*
>>>>>>>>>>>> >>>>>> *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> *  } else {*
>>>>>>>>>>>> >>>>>> *    set resp.http.X-Cache = "MISS";*
>>>>>>>>>>>> >>>>>> *  }*
>>>>>>>>>>>> >>>>>> *}*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> Thanks,
>>>>>>>>>>>> >>>>>> -------------- next part --------------
>>>>>>>>>>>> >>>>>> An HTML attachment was scrubbed...
>>>>>>>>>>>> >>>>>> URL: <https://www.varnish-cache.org
>>>>>>>>>>>> /lists/pipermail/varnish-misc/attachments/20160803/d572e4b2/
>>>>>>>>>>>> attachment-0001.html>
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> ------------------------------
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> Message: 2
>>>>>>>>>>>> >>>>>> Date: Thu, 4 Aug 2016 12:14:36 +0300
>>>>>>>>>>>> >>>>>> From: Ayberk Kimsesiz <ayberk.kimsesiz at gmail.com>
>>>>>>>>>>>> >>>>>> To: varnish-misc <varnish-misc at varnish-cache.org>
>>>>>>>>>>>> >>>>>> Subject: Re: XenForo default.vcl settings
>>>>>>>>>>>> >>>>>> Message-ID:
>>>>>>>>>>>> >>>>>>         <CAPQGzE39XkXy_44z5oUXBO5q5sF5
>>>>>>>>>>>> CvQmNP5k771DPi4O3i1ofA at mail.gmail.com>
>>>>>>>>>>>> >>>>>> Content-Type: text/plain; charset="utf-8"
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> I need to add the followings to default.vcl for Xenforo.
>>>>>>>>>>>> However, solutions
>>>>>>>>>>>> >>>>>> in the Xenforo forums for this didn't work. Can you
>>>>>>>>>>>> please help?
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> xf_session_admin
>>>>>>>>>>>> >>>>>> xf_user
>>>>>>>>>>>> >>>>>> xf_session
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> Or how can i block Varnish in a way that it doesn't work
>>>>>>>>>>>> in *domain.com/forum
>>>>>>>>>>>> >>>>>> <http://domain.com/forum>*
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> 2016-08-03 23:34 GMT+03:00 Ayberk Kimsesiz <
>>>>>>>>>>>> ayberk.kimsesiz at gmail.com>:
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> > Hi,
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > Could you please share the appropriate Default.vcl
>>>>>>>>>>>> settings for XenForo
>>>>>>>>>>>> >>>>>> > Forums? No one can register to the forum at the
>>>>>>>>>>>> moment. My current
>>>>>>>>>>>> >>>>>> > Default.vcl settings are as follows.
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > Forum address: domain.com/forum
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > */* SET THE HOST AND PORT OF WORDPRESS*
>>>>>>>>>>>> >>>>>> > * * ******************************
>>>>>>>>>>>> ***************************/*
>>>>>>>>>>>> >>>>>> > *vcl 4.0;*
>>>>>>>>>>>> >>>>>> > *import std;*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *backend default {*
>>>>>>>>>>>> >>>>>> > *  .host = "*******";*
>>>>>>>>>>>> >>>>>> > *  .port = "8080";*
>>>>>>>>>>>> >>>>>> > *  .connect_timeout = 600s;*
>>>>>>>>>>>> >>>>>> > *  .first_byte_timeout = 600s;*
>>>>>>>>>>>> >>>>>> > *  .between_bytes_timeout = 600s;*
>>>>>>>>>>>> >>>>>> > *  .max_connections = 800;*
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *# SET THE ALLOWED IP OF PURGE REQUESTS*
>>>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *acl purge {*
>>>>>>>>>>>> >>>>>> > *  "localhost";*
>>>>>>>>>>>> >>>>>> > *  "127.0.0.1";*
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *#THE RECV FUNCTION*
>>>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *sub vcl_recv {*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *# set realIP by trimming CloudFlare IP which will be
>>>>>>>>>>>> used for various
>>>>>>>>>>>> >>>>>> > checks*
>>>>>>>>>>>> >>>>>> > *set req.http.X-Actual-IP =
>>>>>>>>>>>> regsub(req.http.X-Forwarded-For, "[, ].*$",
>>>>>>>>>>>> >>>>>> > ""); *
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *        # FORWARD THE IP OF THE REQUEST*
>>>>>>>>>>>> >>>>>> > *  if (req.restarts == 0) {*
>>>>>>>>>>>> >>>>>> > *    if (req.http.x-forwarded-for) {*
>>>>>>>>>>>> >>>>>> > *      set req.http.X-Forwarded-For =*
>>>>>>>>>>>> >>>>>> > *      req.http.X-Forwarded-For + ", " + client.ip;*
>>>>>>>>>>>> >>>>>> > *    } else {*
>>>>>>>>>>>> >>>>>> > *      set req.http.X-Forwarded-For = client.ip;*
>>>>>>>>>>>> >>>>>> > *    }*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > * # Purge request check sections for hash_always_miss,
>>>>>>>>>>>> purge and ban*
>>>>>>>>>>>> >>>>>> > * # BLOCK IF NOT IP is not in purge acl*
>>>>>>>>>>>> >>>>>> > * # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  # Enable smart refreshing using hash_always_miss*
>>>>>>>>>>>> >>>>>> > *if (req.http.Cache-Control ~ "no-cache") {*
>>>>>>>>>>>> >>>>>> > *    if (client.ip ~ purge ||
>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>>>>>>>>>>>> >>>>>> > purge) {*
>>>>>>>>>>>> >>>>>> > *         set req.hash_always_miss = true;*
>>>>>>>>>>>> >>>>>> > *    }*
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *if (req.method == "PURGE") {*
>>>>>>>>>>>> >>>>>> > *    if (!client.ip ~ purge ||
>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~
>>>>>>>>>>>> >>>>>> > purge) {*
>>>>>>>>>>>> >>>>>> > *        return(synth(405,"Not allowed."));*
>>>>>>>>>>>> >>>>>> > *        }*
>>>>>>>>>>>> >>>>>> > *    return (purge);*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> > *if (req.method == "BAN") {*
>>>>>>>>>>>> >>>>>> > *        # Same ACL check as above:*
>>>>>>>>>>>> >>>>>> > *        if (!client.ip ~ purge ||
>>>>>>>>>>>> !std.ip(req.http.X-Actual-IP,
>>>>>>>>>>>> >>>>>> > "1.2.3.4") ~ purge) {*
>>>>>>>>>>>> >>>>>> > *                        return(synth(403, "Not
>>>>>>>>>>>> allowed."));*
>>>>>>>>>>>> >>>>>> > *        }*
>>>>>>>>>>>> >>>>>> > *        ban("req.http.host == " + req.http.host +*
>>>>>>>>>>>> >>>>>> > *                  " && req.url == " + req.url);*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *        # Throw a synthetic page so the*
>>>>>>>>>>>> >>>>>> > *        # request won't go to the backend.*
>>>>>>>>>>>> >>>>>> > *        return(synth(200, "Ban added"));*
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *# Unset cloudflare cookies*
>>>>>>>>>>>> >>>>>> > *# Remove has_js and CloudFlare/Google Analytics __*
>>>>>>>>>>>> cookies.*
>>>>>>>>>>>> >>>>>> > *      set req.http.Cookie = regsuball(req.http.Cookie,
>>>>>>>>>>>> >>>>>> > "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");*
>>>>>>>>>>>> >>>>>> > *      # Remove a ";" prefix, if present.*
>>>>>>>>>>>> >>>>>> > *     set req.http.Cookie = regsub(req.http.Cookie,
>>>>>>>>>>>> "^;\s*", "");*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  # For Testing: If you want to test with Varnish
>>>>>>>>>>>> passing (not caching)
>>>>>>>>>>>> >>>>>> > uncomment*
>>>>>>>>>>>> >>>>>> > *  # return( pass );*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  # FORWARD THE IP OF THE REQUEST*
>>>>>>>>>>>> >>>>>> > *  if (req.restarts == 0) {*
>>>>>>>>>>>> >>>>>> > *    if (req.http.x-forwarded-for) {*
>>>>>>>>>>>> >>>>>> > *      set req.http.X-Forwarded-For =*
>>>>>>>>>>>> >>>>>> > *      req.http.X-Forwarded-For + ", " + client.ip;*
>>>>>>>>>>>> >>>>>> > *    } else {*
>>>>>>>>>>>> >>>>>> > *      set req.http.X-Forwarded-For = client.ip;*
>>>>>>>>>>>> >>>>>> > *    }*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *# DO NOT CACHE RSS FEED*
>>>>>>>>>>>> >>>>>> > * if (req.url ~ "/feed(/)?") {*
>>>>>>>>>>>> >>>>>> > *    return ( pass ); *
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *## Do not cache search results, comment these 3 lines
>>>>>>>>>>>> if you do want to
>>>>>>>>>>>> >>>>>> > cache them*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *if (req.url ~ "/\?s\=") {*
>>>>>>>>>>>> >>>>>> > *    return ( pass ); *
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *# CLEAN UP THE ENCODING HEADER.*
>>>>>>>>>>>> >>>>>> > *  # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY.  WITH
>>>>>>>>>>>> VARY ACCEPT-ENCODING*
>>>>>>>>>>>> >>>>>> > *  # VARNISH WILL CREATE SEPARATE CACHES FOR EACH*
>>>>>>>>>>>> >>>>>> > *  # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES,
>>>>>>>>>>>> AUDIO, ETC.*
>>>>>>>>>>>> >>>>>> > *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *  if (req.http.Accept-Encoding) {*
>>>>>>>>>>>> >>>>>> > *    if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$")
>>>>>>>>>>>> {*
>>>>>>>>>>>> >>>>>> > *      # No point in compressing these*
>>>>>>>>>>>> >>>>>> > *      unset req.http.Accept-Encoding;*
>>>>>>>>>>>> >>>>>> > *    } elsif (req.http.Accept-Encoding ~ "gzip") {*
>>>>>>>>>>>> >>>>>> > *      set req.http.Accept-Encoding = "gzip";*
>>>>>>>>>>>> >>>>>> > *    } elsif (req.http.Accept-Encoding ~ "deflate") {*
>>>>>>>>>>>> >>>>>> > *      set req.http.Accept-Encoding = "deflate";*
>>>>>>>>>>>> >>>>>> > *    } else {*
>>>>>>>>>>>> >>>>>> > *      # unknown algorithm*
>>>>>>>>>>>> >>>>>> > *      unset req.http.Accept-Encoding;*
>>>>>>>>>>>> >>>>>> > *    }*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  # PIPE ALL NON-STANDARD REQUESTS*
>>>>>>>>>>>> >>>>>> > *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *  if (req.method != "GET" &&*
>>>>>>>>>>>> >>>>>> > *    req.method != "HEAD" &&*
>>>>>>>>>>>> >>>>>> > *    req.method != "PUT" && *
>>>>>>>>>>>> >>>>>> > *    req.method != "POST" &&*
>>>>>>>>>>>> >>>>>> > *    req.method != "TRACE" &&*
>>>>>>>>>>>> >>>>>> > *    req.method != "OPTIONS" &&*
>>>>>>>>>>>> >>>>>> > *    req.method != "DELETE") {*
>>>>>>>>>>>> >>>>>> > *      return (pipe);*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  # ONLY CACHE GET AND HEAD REQUESTS*
>>>>>>>>>>>> >>>>>> > *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *  if (req.method != "GET" && req.method != "HEAD") {*
>>>>>>>>>>>> >>>>>> > *    return (pass);*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS
>>>>>>>>>>>> OCCURS IN FETCH TOO,
>>>>>>>>>>>> >>>>>> > EITHER*
>>>>>>>>>>>> >>>>>> > *  # COMMENT OR UNCOMMENT BOTH*
>>>>>>>>>>>> >>>>>> > *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *  if ( req.http.cookie ~ "wordpress_logged_in" ) {*
>>>>>>>>>>>> >>>>>> > *    return( pass );*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR
>>>>>>>>>>>> WP-LOGIN*
>>>>>>>>>>>> >>>>>> > *  # THEN UNSET THE COOKIES*
>>>>>>>>>>>> >>>>>> > *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *  if (!(req.url ~ "wp-(login|admin)") *
>>>>>>>>>>>> >>>>>> > *    && !(req.url ~ "&preview=true" ) *
>>>>>>>>>>>> >>>>>> > *  ){*
>>>>>>>>>>>> >>>>>> > *    unset req.http.cookie;*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  # IF BASIC AUTH IS ON THEN DO NOT CACHE*
>>>>>>>>>>>> >>>>>> > *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *  if (req.http.Authorization || req.http.Cookie) {*
>>>>>>>>>>>> >>>>>> > *    return (pass);*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  # IF YOU GET HERE THEN THIS REQUEST SHOULD BE
>>>>>>>>>>>> CACHED*
>>>>>>>>>>>> >>>>>> > *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *  return (hash);*
>>>>>>>>>>>> >>>>>> > *  # This is for phpmyadmin*
>>>>>>>>>>>> >>>>>> > *if (req.http.Host == "ki1.org <http://ki1.org>") {*
>>>>>>>>>>>> >>>>>> > *return (pass);*
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *if (req.http.Host == "mysql.ki1.org <
>>>>>>>>>>>> http://mysql.ki1.org>") {*
>>>>>>>>>>>> >>>>>> > *return (pass);*
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *# HIT FUNCTION*
>>>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *sub vcl_hit {*
>>>>>>>>>>>> >>>>>> > *  # IF THIS IS A PURGE REQUEST THEN DO THE PURGE*
>>>>>>>>>>>> >>>>>> > *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *  if (req.method == "PURGE") {*
>>>>>>>>>>>> >>>>>> > *    #*
>>>>>>>>>>>> >>>>>> > *    # This is now handled in vcl_recv.*
>>>>>>>>>>>> >>>>>> > *    #*
>>>>>>>>>>>> >>>>>> > *    # purge;*
>>>>>>>>>>>> >>>>>> > *    return (synth(200, "Purged."));*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> > *  return (deliver);*
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *# MISS FUNCTION*
>>>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *sub vcl_miss {*
>>>>>>>>>>>> >>>>>> > *  if (req.method == "PURGE") {*
>>>>>>>>>>>> >>>>>> > *    #*
>>>>>>>>>>>> >>>>>> > *    # This is now handled in vcl_recv.*
>>>>>>>>>>>> >>>>>> > *    #*
>>>>>>>>>>>> >>>>>> > *    # purge;*
>>>>>>>>>>>> >>>>>> > *    return (synth(200, "Purged."));*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> > *  return (fetch);*
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *# FETCH FUNCTION*
>>>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *sub vcl_backend_response {*
>>>>>>>>>>>> >>>>>> > *  # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES
>>>>>>>>>>>> W3TC *
>>>>>>>>>>>> >>>>>> > *  # TENDANCY TO SET VARY USER-AGENT.  YOU MAY OR MAY
>>>>>>>>>>>> NOT WANT*
>>>>>>>>>>>> >>>>>> > *  # TO DO THIS*
>>>>>>>>>>>> >>>>>> > *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *  set beresp.http.Vary = "Accept-Encoding";*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE
>>>>>>>>>>>> AMOUNT OF *
>>>>>>>>>>>> >>>>>> > *  # TIME THIS PAGE WILL STAY CACHED (TTL)*
>>>>>>>>>>>> >>>>>> > *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *  if (!(bereq.url ~ "wp-(login|admin)") &&
>>>>>>>>>>>> !bereq.http.cookie ~
>>>>>>>>>>>> >>>>>> > "wordpress_logged_in" ) {*
>>>>>>>>>>>> >>>>>> > *    unset beresp.http.set-cookie;*
>>>>>>>>>>>> >>>>>> > *    set beresp.ttl = 52w;*
>>>>>>>>>>>> >>>>>> > *#    set beresp.grace =1w;*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  if (beresp.ttl <= 0s ||*
>>>>>>>>>>>> >>>>>> > *    beresp.http.Set-Cookie ||*
>>>>>>>>>>>> >>>>>> > *    beresp.http.Vary == "*") {*
>>>>>>>>>>>> >>>>>> > *      set beresp.ttl = 120 s;*
>>>>>>>>>>>> >>>>>> > *      # set beresp.ttl = 120s;*
>>>>>>>>>>>> >>>>>> > *      set beresp.uncacheable = true;*
>>>>>>>>>>>> >>>>>> > *      return (deliver);*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *  return (deliver);*
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > *# DELIVER FUNCTION*
>>>>>>>>>>>> >>>>>> > *# ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *sub vcl_deliver {*
>>>>>>>>>>>> >>>>>> > *  # IF THIS PAGE IS ALREADY CACHED THEN RETURN A
>>>>>>>>>>>> 'HIT' TEXT *
>>>>>>>>>>>> >>>>>> > *  # IN THE HEADER (GREAT FOR DEBUGGING)*
>>>>>>>>>>>> >>>>>> > *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *  if (obj.hits > 0) {*
>>>>>>>>>>>> >>>>>> > *    set resp.http.X-Cache = "HIT";*
>>>>>>>>>>>> >>>>>> > *  # IF THIS IS A MISS RETURN THAT IN THE HEADER*
>>>>>>>>>>>> >>>>>> > *  # ##############################
>>>>>>>>>>>> ############################*
>>>>>>>>>>>> >>>>>> > *  } else {*
>>>>>>>>>>>> >>>>>> > *    set resp.http.X-Cache = "MISS";*
>>>>>>>>>>>> >>>>>> > *  }*
>>>>>>>>>>>> >>>>>> > *}*
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> > Thanks,
>>>>>>>>>>>> >>>>>> >
>>>>>>>>>>>> >>>>>> -------------- next part --------------
>>>>>>>>>>>> >>>>>> An HTML attachment was scrubbed...
>>>>>>>>>>>> >>>>>> URL: <https://www.varnish-cache.org
>>>>>>>>>>>> /lists/pipermail/varnish-misc/attachments/20160804/4e3f064a/
>>>>>>>>>>>> attachment.html>
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> ------------------------------
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> _______________________________________________
>>>>>>>>>>>> >>>>>> varnish-misc mailing list
>>>>>>>>>>>> >>>>>> varnish-misc at varnish-cache.org
>>>>>>>>>>>> >>>>>> https://www.varnish-cache.org/
>>>>>>>>>>>> lists/mailman/listinfo/varnish-misc
>>>>>>>>>>>> >>>>>>
>>>>>>>>>>>> >>>>>> End of varnish-misc Digest, Vol 125, Issue 14
>>>>>>>>>>>> >>>>>> *********************************************
>>>>>>>>>>>> >>>>>
>>>>>>>>>>>> >>>>>
>>>>>>>>>>>> >>>>>
>>>>>>>>>>>> >>>>> _______________________________________________
>>>>>>>>>>>> >>>>> varnish-misc mailing list
>>>>>>>>>>>> >>>>> varnish-misc at varnish-cache.org
>>>>>>>>>>>> >>>>> https://www.varnish-cache.org/
>>>>>>>>>>>> lists/mailman/listinfo/varnish-misc
>>>>>>>>>>>> >>>>
>>>>>>>>>>>> >>>>
>>>>>>>>>>>> >>>>
>>>>>>>>>>>> >>>> _______________________________________________
>>>>>>>>>>>> >>>> varnish-misc mailing list
>>>>>>>>>>>> >>>> varnish-misc at varnish-cache.org
>>>>>>>>>>>> >>>> https://www.varnish-cache.org/
>>>>>>>>>>>> lists/mailman/listinfo/varnish-misc
>>>>>>>>>>>> >>>
>>>>>>>>>>>> >>>
>>>>>>>>>>>> >>
>>>>>>>>>>>> >
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20160805/8c0f7d1b/attachment-0001.html>


More information about the varnish-misc mailing list