Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Branch: master
@arjenschat arjenschat
333 lines (248 sloc) 8.752 kB
#<?php
backend master_only { .host = "172.20.2.227"; .connect_timeout = 600s; .first_byte_timeout = 600s; .between_bytes_timeout = 600s; }
director www_director random {
.retries = 50;
# main server
{ .backend = { .host = "172.20.2.227"; .connect_timeout = 600s; .first_byte_timeout = 600s; .between_bytes_timeout = 600s; } .weight = 40; }
# server 2
{ .backend = { .host = "172.20.2.106"; .connect_timeout = 600s; .first_byte_timeout = 600s; .between_bytes_timeout = 600s; } .weight = 60; }
}
sub vcl_recv {
if (req.request == "PURGE") {
error 405 "Not allowed.";
}
# set standard proxied ip header for getting original remote address
set req.http.X-Forwarded-For = client.ip;
set req.grace = 30m;
### NORMALIZE
# Cleanup URLs like /iframe=true&width=90%&height=90%
if(req.url ~ "iframe=true(.*)$") {
set req.url = regsub(req.url,"iframe=true(.*)$","");
error 301;
}
# Normalize the url - first remove any hashtags (shouldn't make it to the server anyway, but just in case)
if (req.url ~ "\#") {
set req.url=regsub(req.url,"\#.*$","");
}
# Strip out Google Analytics campaign variables. They are only needed
# by the javascript running on the page
# utm_source, utm_medium, utm_campaign, gclid
if(req.url ~ "(\?|&)(gclid|utm_[a-z]+)=") {
set req.url = regsuball(req.url, "(gclid|utm_[a-z]+)=[-_A-z0-9]+&?", "");
set req.url = regsub(req.url, "(\?|&)$", "");
}
# remove awesm referrers from query string
if(req.url ~ "(\?|&)awesm=") {
set req.url = regsub(req.url, "\?.*$", "");
}
# remove startIndex from query string
# not sure what this does
if(req.url ~ "(\?|&)startIndex=") {
set req.url = regsub(req.url, "\?.*$", "");
}
# remove fb_xd_fragment from query string
if(req.url ~ "\?fb_xd_fragment") {
set req.url = regsub(req.url, "\?.*$", "");
}
# remove comment-page-1 from query string
# this is the same page as the post page
if(req.url ~ "comment-page-1") {
set req.url = regsub(req.url, "comment-page-1", "");
}
# remove "?: " from query string
# EXAMPLE : http://thenextweb.com/apps/2011/09/12/photo-academy-an-all-in-one-photography-guide-on-your-iphone/?%3A+TheNextWeb+%28The+Next+Web+All+Stories%29
if(req.url ~ "\?esi$") {
} elsif(
req.url ~ "\?:"
|| req.url ~ "\?\:"
|| req.url ~ "\?\%3A"
|| req.url ~ "\?_="
|| req.url ~ "\?all=1"
|| req.url ~ "\?switch="
|| req.url ~ "\?r=contact"
|| req.url ~ "\?r=register_kennisland"
|| req.url ~ "\?utmsource="
|| req.url ~ "\?utm_term="
|| req.url ~ "\?awid="
|| req.url ~ "\?uid="
|| req.url ~ "\?asid="
|| req.url ~ "\?=depth"
|| req.url ~ "(\?|&)replytocom="
|| req.url ~ "\?wptouch_page_template="
|| req.url ~ "\?amp"
|| req.url ~ "\?sess_id"
|| req.url ~ "\? Web social media"
|| req.url ~ "\?audioselect="
|| req.url ~ "\?stream&"
|| req.url ~ "\?\%2Bbutton&\%2Bmedia"
|| req.url ~ "\?\+button"
|| req.url ~ "\?volt="
|| req.url ~ "\?pushpress=hub"
|| req.url ~ "The\+Next\+Web\+Top\+Stories"
|| req.url ~ "The\+Next\+Web\+Google"
|| req.url ~ "The\+Next\+Web\+Shareables"
|| req.url ~ "The\+Next\+Web\+Appetite"
|| req.url ~ "The\+Next\+Web\+Apps"
|| req.url ~ "\?\.com"
|| req.url ~ "\?\.it"
|| req.url ~ "\?campaign="
|| req.url ~ "\?action=com_google"
) {
set req.url = regsub(req.url, "\?.*$", "");
}
# remove double // in urls,
set req.url = regsuball( req.url, "//", "/" );
// remove extra http:// calls at the end of the url
if (req.url ~ "^/\?http://") {
set req.url = regsub(req.url, "\?http://.*", "");
}
### END NORMALIZE
# Normalize Content-Encoding
if (req.http.Accept-Encoding)
{
if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|lzma|tbz)(\?.*|)$") {
remove req.http.Accept-Encoding;
} else if (req.url ~ "\.(js|css|txt|html|htm)(\?.*|)$") {
# text files - do compression
if (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elsif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
remove req.http.Accept-Encoding;
}
}
}
# Make sure all static files are server from the main server, so no nfs share is needed to all slave machines to share the images
if (req.url ~ "^/wp-(login|admin)" || req.url ~ "^/[^?]+/wp-(login|admin)" req.url ~ "^/podcast" || req.url ~ "^/cronjobs" || req.url ~ "^/[^?]+\.(jpeg|jpg|png|gif)(\?.*|)$") {
set req.backend = master_only;
}
else {
set req.backend = www_director;
}
# never cache twitter oauth login unless it are images
if (req.url ~ "^/[^?]+\.(jpeg|jpg|png|gif|ico|js|css|txt|gz|zip|lzma|bz2|tgz|tbz|html|htm)(\?.*|)$") {
# Remove cookies and query string for real static files
unset req.http.cookie;
}
else if( req.url ~ "^/register" || req.url ~ "livefyre=" || req.url ~ "/real-auth" || req.http.Cookie ~ "wptouch-pro-view"){
return (pass);
}
if( req.url ~ "oauth_token" || req.url ~ "twc_req_key"){
set req.backend = master_only;
return (pass);
}
# File type that we will always cache
if (req.request == "GET" && req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|css|js|vsd|doc|ppt|pps|xls|pdf|mp3|mp4|m4a|ogg|mov|avi|wmv|sxw|zip|gz|bz2|tgz|tar|rar|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw|dmg|torrent|deb|msi|iso|rpm)$") {
return(lookup);
}
# logged in users must always pass
# Removed req.http.Cookie ~ "wordpress_logged_in_"
if(req.url ~ "\?esi$") {
} else if( req.url ~ "^/[^?]+/wp-(login|admin)" || req.url ~ "^/wp-(login|admin)" || req.url ~ "preview=true") {
return (pass);
}
# Resize images
if( req.url ~ "\.png\?s=60" ){
}
elsif( req.url ~ "\?s="){
# don't cache search results
return (pass);
}
# always pass through posted requests and those with basic auth
if ( req.request == "POST" || req.http.Authorization ) {
return (pass);
}
# else ok to fetch a cached page
unset req.http.Cookie;
return (lookup);
}
sub vcl_fetch {
# Serve items up to half an hour past their expire time
set beresp.grace = 30m;
set beresp.ttl = 48h;
# cache ESI requests for 5 minutes
if (req.url ~ "\?esi$") {
set beresp.ttl = 5m;
}
# remove some headers we never want to see
unset beresp.http.Server;
unset beresp.http.X-Powered-By;
unset beresp.http.x-backend;
# Enable ESI mode in varnish based on backend responce headers
if (beresp.http.esi-enabled == "1") {
set beresp.do_esi = true;
#unset beresp.http.esi-enabled;
}
# You are respecting the Cache-Control=private header from the backend
if (beresp.http.Cache-Control ~ "private") {
set beresp.http.X-Cacheable = "NO:Cache-Control=private";
# You are extending the lifetime of the object artificially
} elsif (beresp.ttl < 1s) {
set beresp.ttl = 5s;
set beresp.grace = 5s;
set beresp.http.X-Cacheable = "YES:FORCED";
# Varnish determined the object was cacheable
} else {
set beresp.http.X-Cacheable = "YES";
}
# don't cache response to posted requests or those with basic auth
if ( req.request == "POST" || req.http.Authorization ) {
return (hit_for_pass);
}
# cache 404s and 301s for 1 minute
if (beresp.status == 404 || beresp.status == 500 || beresp.status == 301 || beresp.status == 302) {
set beresp.ttl = 1m;
return (deliver);
}
# any other request except 200
if ( beresp.status != 200) {
return (hit_for_pass);
}
# else ok to cache the response
#set beresp.http.X-expires = beresp.ttl;
return (deliver);
}
sub vcl_deliver {
# add debugging headers, so we can see what's cached
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
}
else {
set resp.http.X-Cache = "MISS";
}
# remove some headers added by varnish
unset resp.http.Via;
unset resp.http.X-Varnish;
}
sub vcl_hash {
# convert request in hash for cache lookup
hash_data(req.url);
# altering hash so subdomains are ignored.
# don't do this if you actually run different sites on different subdomains
if (req.http.host) {
hash_data(req.http.host);
}
# MOBILE
# ensure separate cache for mobile clients (WPTouch workaround)
if( req.http.User-Agent ~ "(?i)(iphone|ipod|aspen|incognito|webmate|android|dream|cupcake|froyo|blackberry|webos|samsung|bada|IEMobile|htc|Maemo|Fennec)" ){
hash_data("touch");
} else { # We're AB-ing only the desktop site
if( req.http.X-AB ) {
hash_data(req.http.X-AB);
}
}
return (hash);
}
sub vcl_error {
# retry connecting to apache 3 times before giving up
if (obj.status == 503 && req.restarts < 2) {
set obj.http.X-Restarts = req.restarts;
return(restart);
}
if (obj.status == 301) {
set obj.http.Location = req.url;
set obj.status = 301;
return(deliver);
}
}
Jump to Line
Something went wrong with that request. Please try again.