matthewjackowski · December 27, 2022 02:56 · Jun 7, 2019 · Mar 17, 2016 · Mar 15, 2016 · Mar 15, 2016
diff --git a/wordpress.vcl b/wordpress.vcl
@@ -40,6 +40,7 @@ sub vcl_recv {
 		    if (!client.ip ~ purge) {
 		      return(synth(405,"Not allowed."));
 		    }
+		    ban("req.url ~ /");
 		    return (purge);
 	  	}
 	  	if ( std.port(server.ip) == 6080) {

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -4,7 +4,6 @@
 # Supports admin cookies for wp-admin
 # Caches everything
 # Support for custom error html page
-# Redirects port '80' traffic to https url
 vcl 4.0;
 import directors;
 import std;
@@ -22,13 +21,16 @@ acl purge {
 
 
 sub vcl_recv {
+
+
+
 	# Only a single backend
         set req.backend_hint= default;
-        
+
         # Setting http headers for backend
         set req.http.X-Forwarded-For = client.ip;
     	set req.http.X-Forwarded-Proto = "https";
-    	
+
     	# Unset headers that might cause us to cache duplicate infos
     	unset req.http.Accept-Language;
     	unset req.http.User-Agent;
@@ -40,20 +42,19 @@ sub vcl_recv {
 		    }
 		    return (purge);
 	  	}
-	  	# If port '80' then redirect to https
 	  	if ( std.port(server.ip) == 6080) {
-		
+
 		set req.http.x-redir = "https://" + req.http.host + req.url;
                 return (synth(750, "Moved permanently"));
         }
- 
+
  		# drop cookies and params from static assets
 	  	if (req.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
 	    	unset req.http.cookie;
 	    	set req.url = regsub(req.url, "\?.*$", "");
 	  	}
 
-		# drop tracking params 
+		# drop tracking params
 	  	if (req.url ~ "\?(utm_(campaign|medium|source|term)|adParams|client|cx|eid|fbid|feed|ref(id|src)?|v(er|iew))=") {
 	    	set req.url = regsub(req.url, "\?.*$", "");
 	  	}
@@ -106,7 +107,7 @@ sub vcl_backend_response {
     } else {
         # Varnish determined the object was cacheable
         set beresp.http.X-Cacheable = "YES";
-          if (beresp.ttl > 0s) {
+
         # Remove Expires from backend, it's not long enough
   	unset beresp.http.expires;
 
@@ -118,7 +119,6 @@ sub vcl_backend_response {
 
         # marker for vcl_deliver to reset Age:
         set beresp.http.magicmarker = "1";
-        }
     }
 
 	# unset cookies from backendresponse
@@ -131,8 +131,9 @@ sub vcl_backend_response {
 	# long ttl for assets
   	if (bereq.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
 	    set beresp.ttl = 365d;
-  	}
-
+
+}
+ set beresp.grace = 1w;
 
 }
 
@@ -159,7 +160,6 @@ sub vcl_synth {
     }
 # display custom error page if backend down
     if (resp.status == 503) {
-        set resp.status = 404;
         synthetic(std.fileread("/etc/varnish/error503.html"));
         return(deliver);
      }
@@ -186,13 +186,13 @@ sub vcl_deliver {
    set resp.http.Access-Control-Allow-Origin = "*";
 }
 sub vcl_hit {
-  if (req.method == "PURGE") {    
+  if (req.method == "PURGE") {
     return(synth(200,"OK"));
   }
 }
 
 sub vcl_miss {
-  if (req.method == "PURGE") {    
+  if (req.method == "PURGE") {
     return(synth(404,"Not cached"));
   }
 }
diff --git a/wordpress.vcl b/wordpress.vcl
@@ -4,6 +4,7 @@
 # Supports admin cookies for wp-admin
 # Caches everything
 # Support for custom error html page
+# Redirects port '80' traffic to https url
 vcl 4.0;
 import directors;
 import std;

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -158,6 +158,7 @@ sub vcl_synth {
     }
 # display custom error page if backend down
     if (resp.status == 503) {
+        set resp.status = 404;
         synthetic(std.fileread("/etc/varnish/error503.html"));
         return(deliver);
      }

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -21,16 +21,12 @@ acl purge {
 
 
 sub vcl_recv {
-
-
-
 	# Only a single backend
         set req.backend_hint= default;
 
         # Setting http headers for backend
         set req.http.X-Forwarded-For = client.ip;
     	set req.http.X-Forwarded-Proto = "https";
-    	set req.http.X-Std-Port = std.port(server.ip);
 
     	# Unset headers that might cause us to cache duplicate infos
     	unset req.http.Accept-Language;
@@ -43,6 +39,7 @@ sub vcl_recv {
 		    }
 		    return (purge);
 	  	}
+	  	# If port '80' then redirect to https
 	  	if ( std.port(server.ip) == 6080) {
 
 		set req.http.x-redir = "https://" + req.http.host + req.url;

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -43,7 +43,7 @@ sub vcl_recv {
 		    }
 		    return (purge);
 	  	}
-	  	if ( std.port(server.ip) == 80) {
+	  	if ( std.port(server.ip) == 6080) {
 
 		set req.http.x-redir = "https://" + req.http.host + req.url;
                 return (synth(750, "Moved permanently"));

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -21,11 +21,7 @@ acl purge {
 
 
 sub vcl_recv {
-	if ( std.port(server.ip) == 80) {
-		set req.http.X-Std-Port = std.port(server.ip);
-		set req.http.x-redir = "https://" + req.http.host + req.url;
-                return (synth(750, "Moved permanently"));
-        }
+
 
 
 	# Only a single backend
@@ -34,6 +30,7 @@ sub vcl_recv {
         # Setting http headers for backend
         set req.http.X-Forwarded-For = client.ip;
     	set req.http.X-Forwarded-Proto = "https";
+    	set req.http.X-Std-Port = std.port(server.ip);
 
     	# Unset headers that might cause us to cache duplicate infos
     	unset req.http.Accept-Language;
@@ -46,6 +43,11 @@ sub vcl_recv {
 		    }
 		    return (purge);
 	  	}
+	  	if ( std.port(server.ip) == 80) {
+
+		set req.http.x-redir = "https://" + req.http.host + req.url;
+                return (synth(750, "Moved permanently"));
+        }
 
  		# drop cookies and params from static assets
 	  	if (req.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -22,7 +22,7 @@ acl purge {
 
 sub vcl_recv {
 	if ( std.port(server.ip) == 80) {
-		req.http.X-Std-Port = std.port(server.ip);
+		set req.http.X-Std-Port = std.port(server.ip);
 		set req.http.x-redir = "https://" + req.http.host + req.url;
                 return (synth(750, "Moved permanently"));
         }

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -21,7 +21,8 @@ acl purge {
 
 
 sub vcl_recv {
-	if ( (req.http.host ~ "^(?i)brilliantcoding.com") && std.port(server.ip) == 80) {
+	if ( std.port(server.ip) == 80) {
+		req.http.X-Std-Port = std.port(server.ip);
 		set req.http.x-redir = "https://" + req.http.host + req.url;
                 return (synth(750, "Moved permanently"));
         }

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -21,8 +21,9 @@ acl purge {
 
 
 sub vcl_recv {
-	if ( (req.http.host ~ "^(?i)brilliantcoding.com") && req.http.X-Forwarded-Proto !~ "(?i)https") {
-                return (synth(750, ""));
+	if ( (req.http.host ~ "^(?i)brilliantcoding.com") && std.port(server.ip) == 80) {
+		set req.http.x-redir = "https://" + req.http.host + req.url;
+                return (synth(750, "Moved permanently"));
         }
 
 
@@ -152,7 +153,7 @@ sub vcl_synth {
     # redirect for http
     if (resp.status == 750) {
         set resp.status = 301;
-        set resp.http.Location = "https://brilliantcoding.com" + req.url;
+        set resp.http.Location = req.http.x-redir;
         return(deliver);
     }
 # display custom error page if backend down

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -21,7 +21,7 @@ acl purge {
 
 
 sub vcl_recv {
-	if ( (req.http.host ~ "^(?i)brilliantcoding.com" && req.http.X-Forwarded-Proto !~ "(?i)https") {
+	if ( (req.http.host ~ "^(?i)brilliantcoding.com") && req.http.X-Forwarded-Proto !~ "(?i)https") {
                 return (synth(750, ""));
         }
 

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -21,6 +21,10 @@ acl purge {
 
 
 sub vcl_recv {
+	if ( (req.http.host ~ "^(?i)brilliantcoding.com" && req.http.X-Forwarded-Proto !~ "(?i)https") {
+                return (synth(750, ""));
+        }
+
 
 	# Only a single backend
         set req.backend_hint= default;
@@ -145,6 +149,12 @@ sub vcl_backend_error {
  }
 
 sub vcl_synth {
+    # redirect for http
+    if (resp.status == 750) {
+        set resp.status = 301;
+        set resp.http.Location = "https://brilliantcoding.com" + req.url;
+        return(deliver);
+    }
 # display custom error page if backend down
     if (resp.status == 503) {
         synthetic(std.fileread("/etc/varnish/error503.html"));

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -100,6 +100,19 @@ sub vcl_backend_response {
     } else {
         # Varnish determined the object was cacheable
         set beresp.http.X-Cacheable = "YES";
+          if (beresp.ttl > 0s) {
+        # Remove Expires from backend, it's not long enough
+  	unset beresp.http.expires;
+
+        # Set the clients TTL on this object
+        set beresp.http.cache-control = "max-age=900";
+
+        # Set how long Varnish will keep it
+        set beresp.ttl = 1w;
+
+        # marker for vcl_deliver to reset Age:
+        set beresp.http.magicmarker = "1";
+        }
     }
 
 	# unset cookies from backendresponse
@@ -139,22 +152,6 @@ sub vcl_synth {
      }
 }
 
-sub vcl_fetch {
-
-  if (beresp.ttl > 0s) {
-        # Remove Expires from backend, it's not long enough
-  	unset beresp.http.expires;
-
-        # Set the clients TTL on this object
-        set beresp.http.cache-control = "max-age=900";
-
-        # Set how long Varnish will keep it
-        set beresp.ttl = 1w;
-
-        # marker for vcl_deliver to reset Age:
-        set beresp.http.magicmarker = "1";
-        }
-}
 
 sub vcl_deliver {
     # oh noes backend is down

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -1,23 +1,17 @@
-#
-# This is an example VCL file for Varnish.
-#
-# It does not do anything by default, delegating control to the
-# builtin VCL. The builtin VCL is called when there is no explicit
-# return statement.
-#
-# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
-# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.
-
-# Marker to tell the VCL compiler that this VCL has been adapted to the
-# new 4.0 format.
+# A heavily customized VCL to support WordPress
+# Some items of note:
+# Supports https
+# Supports admin cookies for wp-admin
+# Caches everything
+# Support for custom error html page
 vcl 4.0;
 import directors;
 import std;
 
-# Default backend definition. Set this to point to your content server.
+# Assumed 'wordpress' host, this can be docker servicename
 backend default {
-    .host = "localhost";
-    .port = "8080";
+    .host = "wordpress";
+    .port = "80";
 }
 
 acl purge {
@@ -28,32 +22,42 @@ acl purge {
 
 sub vcl_recv {
 
-        set req.http.X-Forwarded-For = client.ip;
+	# Only a single backend
         set req.backend_hint= default;
+
+        # Setting http headers for backend
+        set req.http.X-Forwarded-For = client.ip;
     	set req.http.X-Forwarded-Proto = "https";
+
+    	# Unset headers that might cause us to cache duplicate infos
     	unset req.http.Accept-Language;
     	unset req.http.User-Agent;
 
+	# The purge...no idea if this works
 		if (req.method == "PURGE") {
 		    if (!client.ip ~ purge) {
 		      return(synth(405,"Not allowed."));
 		    }
 		    return (purge);
 	  	}
 
+ 		# drop cookies and params from static assets
 	  	if (req.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
 	    	unset req.http.cookie;
 	    	set req.url = regsub(req.url, "\?.*$", "");
 	  	}
 
+		# drop tracking params 
 	  	if (req.url ~ "\?(utm_(campaign|medium|source|term)|adParams|client|cx|eid|fbid|feed|ref(id|src)?|v(er|iew))=") {
 	    	set req.url = regsub(req.url, "\?.*$", "");
 	  	}
 
+		# pass wp-admin urls
    		if (req.url ~ "(wp-login|wp-admin)" || req.url ~ "preview=true" || req.url ~ "xmlrpc.php") {
     		return (pass);
   		}
 
+		# pass wp-admin cookies
 	  	if (req.http.cookie) {
 		    if (req.http.cookie ~ "(wordpress_|wp-settings-)") {
 	      		return(pass);
@@ -64,13 +68,15 @@ sub vcl_recv {
  }
 
 
-# Drop any cookies Wordpress tries to send back to the client.
+
 sub vcl_backend_response {
+    # retry a few times if backend is down
     if (beresp.status == 503 && bereq.retries < 3 ) {
        return(retry);
  }
 
     if (bereq.http.Cookie ~ "(UserID|_session)") {
+	# if we get a session cookie...caching is a no-go
         set beresp.http.X-Cacheable = "NO:Got Session";
         set beresp.uncacheable = true;
         return (deliver);
@@ -96,12 +102,14 @@ sub vcl_backend_response {
         set beresp.http.X-Cacheable = "YES";
     }
 
+	# unset cookies from backendresponse
 	if (!(bereq.url ~ "(wp-login|wp-admin)"))  {
 		set beresp.http.X-UnsetCookies = "TRUE";
     		unset beresp.http.set-cookie;
     		set beresp.ttl = 1h;
 	}
 
+	# long ttl for assets
   	if (bereq.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
 	    set beresp.ttl = 365d;
   	}
@@ -116,23 +124,50 @@ sub vcl_hash {
 }
 
 sub vcl_backend_error {
+      # display custom error page if backend down
       if (beresp.status == 503 && bereq.retries == 3) {
           synthetic(std.fileread("/etc/varnish/error503.html"));
           return(deliver);
        }
  }
 
 sub vcl_synth {
+# display custom error page if backend down
     if (resp.status == 503) {
         synthetic(std.fileread("/etc/varnish/error503.html"));
         return(deliver);
      }
 }
 
+sub vcl_fetch {
+
+  if (beresp.ttl > 0s) {
+        # Remove Expires from backend, it's not long enough
+  	unset beresp.http.expires;
+
+        # Set the clients TTL on this object
+        set beresp.http.cache-control = "max-age=900";
+
+        # Set how long Varnish will keep it
+        set beresp.ttl = 1w;
+
+        # marker for vcl_deliver to reset Age:
+        set beresp.http.magicmarker = "1";
+        }
+}
+
 sub vcl_deliver {
+    # oh noes backend is down
     if (resp.status == 503) {
         return(restart);
     }
+    if (resp.http.magicmarker) {
+       # Remove the magic marker
+        unset resp.http.magicmarker;
+
+       # By definition we have a fresh object
+       set resp.http.age = "0";
+     }
    if (obj.hits > 0) {
      set resp.http.X-Cache = "HIT";
    } else {

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -16,8 +16,8 @@ import std;
 
 # Default backend definition. Set this to point to your content server.
 backend default {
-    .host = "192.168.99.100";
-    .port = "32777";
+    .host = "localhost";
+    .port = "8080";
 }
 
 acl purge {

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -1,6 +1,18 @@
-
+#
+# This is an example VCL file for Varnish.
+#
+# It does not do anything by default, delegating control to the
+# builtin VCL. The builtin VCL is called when there is no explicit
+# return statement.
+#
+# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
+# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.
+
+# Marker to tell the VCL compiler that this VCL has been adapted to the
+# new 4.0 format.
 vcl 4.0;
 import directors;
+import std;
 
 # Default backend definition. Set this to point to your content server.
 backend default {
@@ -19,26 +31,26 @@ sub vcl_recv {
         set req.http.X-Forwarded-For = client.ip;
         set req.backend_hint= default;
     	set req.http.X-Forwarded-Proto = "https";
+    	unset req.http.Accept-Language;
+    	unset req.http.User-Agent;
 
 		if (req.method == "PURGE") {
 		    if (!client.ip ~ purge) {
 		      return(synth(405,"Not allowed."));
 		    }
 		    return (purge);
 	  	}
-
+ 
 	  	if (req.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
 	    	unset req.http.cookie;
 	    	set req.url = regsub(req.url, "\?.*$", "");
-	    	set req.http.X-Orig-URL = req.url;
 	  	}
 
 	  	if (req.url ~ "\?(utm_(campaign|medium|source|term)|adParams|client|cx|eid|fbid|feed|ref(id|src)?|v(er|iew))=") {
 	    	set req.url = regsub(req.url, "\?.*$", "");
-	    	set req.http.X-Orig-URL = req.url;
 	  	}
 
-   		if (req.url ~ "wp-(login|admin)" || req.url ~ "preview=true" || req.url ~ "xmlrpc.php") {
+   		if (req.url ~ "(wp-login|wp-admin)" || req.url ~ "preview=true" || req.url ~ "xmlrpc.php") {
     		return (pass);
   		}
 
@@ -54,6 +66,10 @@ sub vcl_recv {
 
 # Drop any cookies Wordpress tries to send back to the client.
 sub vcl_backend_response {
+    if (beresp.status == 503 && bereq.retries < 3 ) {
+       return(retry);
+ }
+
     if (bereq.http.Cookie ~ "(UserID|_session)") {
         set beresp.http.X-Cacheable = "NO:Got Session";
         set beresp.uncacheable = true;
@@ -80,14 +96,16 @@ sub vcl_backend_response {
         set beresp.http.X-Cacheable = "YES";
     }
 
-	if ( (!(bereq.url ~ "(wp-(login|admin)|login)")) || (bereq.method == "GET") ) {
-    	unset beresp.http.set-cookie;
-    	set beresp.ttl = 1h;
+	if (!(bereq.url ~ "(wp-login|wp-admin)"))  {
+		set beresp.http.X-UnsetCookies = "TRUE";
+    		unset beresp.http.set-cookie;
+    		set beresp.ttl = 1h;
 	}
 
   	if (bereq.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
 	    set beresp.ttl = 365d;
   	}
+
 
 }
 
@@ -97,8 +115,24 @@ sub vcl_hash {
 }
 }
 
-sub vcl_deliver {
+sub vcl_backend_error {
+      if (beresp.status == 503 && bereq.retries == 3) {
+          synthetic(std.fileread("/etc/varnish/error503.html"));
+          return(deliver);
+       }
+ }
+
+sub vcl_synth {
+    if (resp.status == 503) {
+        synthetic(std.fileread("/etc/varnish/error503.html"));
+        return(deliver);
+     }
+}
 
+sub vcl_deliver {
+    if (resp.status == 503) {
+        return(restart);
+    }
    if (obj.hits > 0) {
      set resp.http.X-Cache = "HIT";
    } else {
@@ -107,13 +141,13 @@ sub vcl_deliver {
    set resp.http.Access-Control-Allow-Origin = "*";
 }
 sub vcl_hit {
-  if (req.method == "PURGE") {
+  if (req.method == "PURGE") {    
     return(synth(200,"OK"));
   }
 }
 
 sub vcl_miss {
-  if (req.method == "PURGE") {
+  if (req.method == "PURGE") {    
     return(synth(404,"Not cached"));
   }
 }
diff --git a/wordpress.vcl b/wordpress.vcl
@@ -1,18 +1,6 @@
-#
-# This is an example VCL file for Varnish.
-#
-# It does not do anything by default, delegating control to the
-# builtin VCL. The builtin VCL is called when there is no explicit
-# return statement.
-#
-# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
-# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.
-
-# Marker to tell the VCL compiler that this VCL has been adapted to the
-# new 4.0 format.
+
 vcl 4.0;
 import directors;
-import std;
 
 # Default backend definition. Set this to point to your content server.
 backend default {
@@ -31,26 +19,26 @@ sub vcl_recv {
         set req.http.X-Forwarded-For = client.ip;
         set req.backend_hint= default;
     	set req.http.X-Forwarded-Proto = "https";
-    	unset req.http.Accept-Language;
-    	unset req.http.User-Agent;
 
 		if (req.method == "PURGE") {
 		    if (!client.ip ~ purge) {
 		      return(synth(405,"Not allowed."));
 		    }
 		    return (purge);
 	  	}
- 
+
 	  	if (req.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
 	    	unset req.http.cookie;
 	    	set req.url = regsub(req.url, "\?.*$", "");
+	    	set req.http.X-Orig-URL = req.url;
 	  	}
 
 	  	if (req.url ~ "\?(utm_(campaign|medium|source|term)|adParams|client|cx|eid|fbid|feed|ref(id|src)?|v(er|iew))=") {
 	    	set req.url = regsub(req.url, "\?.*$", "");
+	    	set req.http.X-Orig-URL = req.url;
 	  	}
 
-   		if (req.url ~ "(wp-login|wp-admin)" || req.url ~ "preview=true" || req.url ~ "xmlrpc.php") {
+   		if (req.url ~ "wp-(login|admin)" || req.url ~ "preview=true" || req.url ~ "xmlrpc.php") {
     		return (pass);
   		}
 
@@ -64,11 +52,8 @@ sub vcl_recv {
  }
 
 
+# Drop any cookies Wordpress tries to send back to the client.
 sub vcl_backend_response {
-    if (beresp.status == 503 && bereq.retries < 3 ) {
-       return(retry);
- }
-
     if (bereq.http.Cookie ~ "(UserID|_session)") {
         set beresp.http.X-Cacheable = "NO:Got Session";
         set beresp.uncacheable = true;
@@ -95,11 +80,14 @@ sub vcl_backend_response {
         set beresp.http.X-Cacheable = "YES";
     }
 
+	if ( (!(bereq.url ~ "(wp-(login|admin)|login)")) || (bereq.method == "GET") ) {
+    	unset beresp.http.set-cookie;
+    	set beresp.ttl = 1h;
+	}
 
   	if (bereq.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
 	    set beresp.ttl = 365d;
   	}
-
 
 }
 
@@ -109,24 +97,8 @@ sub vcl_hash {
 }
 }
 
-sub vcl_backend_error {
-      if (beresp.status == 503 && bereq.retries == 3) {
-          synthetic(std.fileread("/etc/varnish/error503.html"));
-          return(deliver);
-       }
- }
-
-sub vcl_synth {
-    if (resp.status == 503) {
-        synthetic(std.fileread("/etc/varnish/error503.html"));
-        return(deliver);
-     }
-}
-
 sub vcl_deliver {
-    if (resp.status == 503) {
-        return(restart);
-    }
+
    if (obj.hits > 0) {
      set resp.http.X-Cache = "HIT";
    } else {
@@ -135,13 +107,13 @@ sub vcl_deliver {
    set resp.http.Access-Control-Allow-Origin = "*";
 }
 sub vcl_hit {
-  if (req.method == "PURGE") {    
+  if (req.method == "PURGE") {
     return(synth(200,"OK"));
   }
 }
 
 sub vcl_miss {
-  if (req.method == "PURGE") {    
+  if (req.method == "PURGE") {
     return(synth(404,"Not cached"));
   }
-}
+}
diff --git a/wordpress.vcl b/wordpress.vcl
@@ -64,7 +64,6 @@ sub vcl_recv {
  }
 
 
-# Drop any cookies Wordpress tries to send back to the client.
 sub vcl_backend_response {
     if (beresp.status == 503 && bereq.retries < 3 ) {
        return(retry);
@@ -96,11 +95,6 @@ sub vcl_backend_response {
         set beresp.http.X-Cacheable = "YES";
     }
 
-	if (!(bereq.url ~ "(wp-login|wp-admin)"))  {
-		set beresp.http.X-UnsetCookies = "TRUE";
-    		unset beresp.http.set-cookie;
-    		set beresp.ttl = 1h;
-	}
 
   	if (bereq.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
 	    set beresp.ttl = 365d;

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -96,7 +96,7 @@ sub vcl_backend_response {
         set beresp.http.X-Cacheable = "YES";
     }
 
-	if ( (!(bereq.url ~ "(wp-login|wp-admin)")) || (bereq.method == "GET") ) {
+	if (!(bereq.url ~ "(wp-login|wp-admin)"))  {
 		set beresp.http.X-UnsetCookies = "TRUE";
     		unset beresp.http.set-cookie;
     		set beresp.ttl = 1h;

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -50,7 +50,7 @@ sub vcl_recv {
 	    	set req.url = regsub(req.url, "\?.*$", "");
 	  	}
 
-   		if (req.url ~ "wp-(login|admin)" || req.url ~ "preview=true" || req.url ~ "xmlrpc.php") {
+   		if (req.url ~ "(wp-login|wp-admin)" || req.url ~ "preview=true" || req.url ~ "xmlrpc.php") {
     		return (pass);
   		}
 
@@ -96,7 +96,7 @@ sub vcl_backend_response {
         set beresp.http.X-Cacheable = "YES";
     }
 
-	if ( (!(bereq.url ~ "(wp-login|wp-admin))")) || (bereq.method == "GET") ) {
+	if ( (!(bereq.url ~ "(wp-login|wp-admin)")) || (bereq.method == "GET") ) {
 		set beresp.http.X-UnsetCookies = "TRUE";
     		unset beresp.http.set-cookie;
     		set beresp.ttl = 1h;

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -96,7 +96,7 @@ sub vcl_backend_response {
         set beresp.http.X-Cacheable = "YES";
     }
 
-	if ( (!(bereq.url ~ "(wp-(login|admin)|login)")) || (bereq.method == "GET") ) {
+	if ( (!(bereq.url ~ "(wp-login|wp-admin))")) || (bereq.method == "GET") ) {
 		set beresp.http.X-UnsetCookies = "TRUE";
     		unset beresp.http.set-cookie;
     		set beresp.ttl = 1h;

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -95,11 +95,11 @@ sub vcl_backend_response {
         # Varnish determined the object was cacheable
         set beresp.http.X-Cacheable = "YES";
     }
-    	std.syslog(0, bereq.url);
+
 	if ( (!(bereq.url ~ "(wp-(login|admin)|login)")) || (bereq.method == "GET") ) {
-	std.syslog(0, "unset cookies");
-    	unset beresp.http.set-cookie;
-    	set beresp.ttl = 1h;
+		set beresp.http.X-UnsetCookies = "TRUE";
+    		unset beresp.http.set-cookie;
+    		set beresp.ttl = 1h;
 	}
 
   	if (bereq.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -95,8 +95,9 @@ sub vcl_backend_response {
         # Varnish determined the object was cacheable
         set beresp.http.X-Cacheable = "YES";
     }
-
-	if ( (!(bereq.url ~ "(wp-(login|admin)|login)")) && (bereq.method == "GET") ) {
+    	std.syslog(0, bereq.url);
+	if ( (!(bereq.url ~ "(wp-(login|admin)|login)")) || (bereq.method == "GET") ) {
+	std.syslog(0, "unset cookies");
     	unset beresp.http.set-cookie;
     	set beresp.ttl = 1h;
 	}

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -116,14 +116,14 @@ sub vcl_hash {
 
 sub vcl_backend_error {
       if (beresp.status == 503 && bereq.retries == 3) {
-          synthetic std.fileread("/etc/varnish/error503.html");
+          synthetic(std.fileread("/etc/varnish/error503.html"));
           return(deliver);
        }
  }
 
 sub vcl_synth {
     if (resp.status == 503) {
-        synthetic std.fileread("/etc/varnish/error503.html");
+        synthetic(std.fileread("/etc/varnish/error503.html"));
         return(deliver);
      }
 }

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -12,6 +12,7 @@
 # new 4.0 format.
 vcl 4.0;
 import directors;
+import std;
 
 # Default backend definition. Set this to point to your content server.
 backend default {

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -115,14 +115,14 @@ sub vcl_hash {
 
 sub vcl_backend_error {
       if (beresp.status == 503 && bereq.retries == 3) {
-          synthetic(std.fileread("/etc/varnish/error503.html"));
+          synthetic std.fileread("/etc/varnish/error503.html");
           return(deliver);
        }
  }
 
 sub vcl_synth {
     if (resp.status == 503) {
-        synthetic(std.fileread("/etc/varnish/error503.html"));
+        synthetic std.fileread("/etc/varnish/error503.html");
         return(deliver);
      }
 }

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -95,7 +95,7 @@ sub vcl_backend_response {
         set beresp.http.X-Cacheable = "YES";
     }
 
-	if ( (!(bereq.url ~ "(wp-(login|admin)|login)")) || (bereq.method == "GET") ) {
+	if ( (!(bereq.url ~ "(wp-(login|admin)|login)")) && (bereq.method == "GET") ) {
     	unset beresp.http.set-cookie;
     	set beresp.ttl = 1h;
 	}

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -65,6 +65,10 @@ sub vcl_recv {
 
 # Drop any cookies Wordpress tries to send back to the client.
 sub vcl_backend_response {
+    if (beresp.status == 503 && bereq.retries < 3 ) {
+       return(retry);
+ }
+
     if (bereq.http.Cookie ~ "(UserID|_session)") {
         set beresp.http.X-Cacheable = "NO:Got Session";
         set beresp.uncacheable = true;
@@ -99,6 +103,7 @@ sub vcl_backend_response {
   	if (bereq.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
 	    set beresp.ttl = 365d;
   	}
+
 
 }
 
@@ -108,8 +113,24 @@ sub vcl_hash {
 }
 }
 
-sub vcl_deliver {
+sub vcl_backend_error {
+      if (beresp.status == 503 && bereq.retries == 3) {
+          synthetic(std.fileread("/etc/varnish/error503.html"));
+          return(deliver);
+       }
+ }
 
+sub vcl_synth {
+    if (resp.status == 503) {
+        synthetic(std.fileread("/etc/varnish/error503.html"));
+        return(deliver);
+     }
+}
+
+sub vcl_deliver {
+    if (resp.status == 503) {
+        return(restart);
+    }
    if (obj.hits > 0) {
      set resp.http.X-Cache = "HIT";
    } else {

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -30,6 +30,8 @@ sub vcl_recv {
         set req.http.X-Forwarded-For = client.ip;
         set req.backend_hint= default;
     	set req.http.X-Forwarded-Proto = "https";
+    	unset req.http.Accept-Language;
+    	unset req.http.User-Agent;
 
 		if (req.method == "PURGE") {
 		    if (!client.ip ~ purge) {

diff --git a/wordpress.vcl b/wordpress.vcl
@@ -41,12 +41,10 @@ sub vcl_recv {
 	  	if (req.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
 	    	unset req.http.cookie;
 	    	set req.url = regsub(req.url, "\?.*$", "");
-	    	set req.http.X-Orig-URL = req.url;
 	  	}
 
 	  	if (req.url ~ "\?(utm_(campaign|medium|source|term)|adParams|client|cx|eid|fbid|feed|ref(id|src)?|v(er|iew))=") {
 	    	set req.url = regsub(req.url, "\?.*$", "");
-	    	set req.http.X-Orig-URL = req.url;
 	  	}
 
    		if (req.url ~ "wp-(login|admin)" || req.url ~ "preview=true" || req.url ~ "xmlrpc.php") {