I have a site which requires users to be logged in, but the pages are not customised. I was playing with a way to cache the content in varnish while still doing an access check. This method uses an access check pages (test.php below) which then uses ESI to load the real, cacheable content.

I’ve tried it in a dev env, I’m not yet sure if we’ll use this in production.

Varnish config

We have a site with a hardware ssl accelerator wich routes http traffic to port 80 and decrypted https traffic (so back to http) to port 443. We wanted varnish to cache the 443 traffic, and I came up with this proof of concept config, in reality you’d want to have a bunch of different rules for your https site to ensure you cache only what you want to.

in /etc/varnish/default.vcl

The default configuration of varnish logs every request twice, once for the client and once for the backend communication

edit the line in /etc/init.d/varnishncsa to something like

To setup an IP based access control list so that only allowed users may access the site.

I’ve just spent too long being very confused as to why varnish wasn’t working

I’d forgotten that the Debian version doesn’t read the default.vcl config file by default!

You ha

I’m using varnish to cache a REST service that’s slow enough to cause me grief in development.

Out of the box it assumes you are caching your own server and that the client is already using the right host header.

To specify that it should use a host header to match the backend I’m using a config like