Fatal编程技术网
  • php/
  • Php wordpress varnish配置中的cookie问题

Php wordpress varnish配置中的cookie问题

php wordpress cookies

Php wordpress varnish配置中的cookie问题,php,wordpress,cookies,varnish,varnish-vcl,Php,Wordpress,Cookies,Varnish,Varnish Vcl,我正在wordpress网站上使用varnish配置设置。出于安全考虑,我使用ithemes安全插件并激活隐藏wp登录并添加自定义登录url。我的自定义url为mysite.com/secret login 所以当我使用这个url登录到wp管理员时 错误:浏览器阻止或不支持cookie。你必须 启用Cookie以使用WordPress 越来越多。 所以我联系了插件所有者,这就是他要说的 问题可能是由您的清漆配置引起的。配置是 可能设置为在URL匹配时允许并识别Cookie wp登录或wp管理,同

我正在wordpress网站上使用varnish配置设置。出于安全考虑,我使用ithemes安全插件并激活隐藏wp登录并添加自定义登录url。我的自定义url为mysite.com/secret login 所以当我使用这个url登录到wp管理员时

错误:浏览器阻止或不支持cookie。你必须 启用Cookie以使用WordPress

越来越多。 所以我联系了插件所有者,这就是他要说的

问题可能是由您的清漆配置引起的。配置是 可能设置为在URL匹配时允许并识别Cookie wp登录或wp管理,同时将Cookie放到其他位置

因此,我将不得不编辑我的varnish配置。但我不知道应该如何配置它以匹配上述内容。 这是我的dafault.vcl清漆

vcl 4.0;
backend default {
.host = "127.0.0.1";
.port = "8080";
.connect_timeout = 600s;
.first_byte_timeout = 600s;
.between_bytes_timeout = 600s;
}
backend master {
.host = "127.0.0.1";
.port = "8080";
}
acl purge {
    "localhost";
}
sub vcl_recv {
if (req.method == "PURGE") {
    if (!client.ip ~ purge) {
        return(synth(405, "Not allowed."));
    }
    return(hash);
}
if (req.restarts == 0) {
    if (req.http.x-forwarded-for) {
        set req.http.X-Forwarded-For =
        req.http.X-Forwarded-For + ", " + client.ip;
    } else {
        set req.http.X-Forwarded-For = client.ip;
    }
}

### do not cache these files:
##never cache the admin pages, or the server-status page
if (req.url ~ "wp-(admin|login)" || req.http.Content-Type ~ "multipart/form-data")
{
    set req.backend_hint = master;
    return(pass);
}

## always cache these images & static assets
if (req.method == "GET" && req.url ~ "\.(css|js|gif|jpg|jpeg|bmp|png|ico|img|tga|wmf)$") {
    unset req.http.cookie;
    return(hash);
}
if (req.method == "GET" && req.url ~ "(xmlrpc.php|wlmanifest.xml)") {
    unset req.http.cookie;
    return(hash);
}

#never cache POST requests
if (req.method == "POST")
{
    return(pass);
}
#DO cache this ajax request
if(req.http.X-Requested-With == "XMLHttpRequest" && req.url ~ "recent_reviews")
{
    return (hash);
}

#dont cache ajax requests
if(req.http.X-Requested-With == "XMLHttpRequest" || req.url ~ "nocache" || req.url ~ "(control.php|wp-comments-post.php|wp-login.php|bb-login.php|bb-reset-password.php|register.php)")
{
    return (pass);
}

if (req.http.Cookie && req.http.Cookie ~ "wordpress_") {
    set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_test_cookie=", "; wpjunk=");
}
### don't cache authenticated sessions
if (req.http.Cookie && req.http.Cookie ~ "(wordpress_|PHPSESSID)") {
    return(pass);
}

### parse accept encoding rulesets to make it look nice
if (req.http.Accept-Encoding) {
    if (req.http.Accept-Encoding ~ "gzip") {
        set req.http.Accept-Encoding = "gzip";
    } elsif (req.http.Accept-Encoding ~ "deflate") {
        set req.http.Accept-Encoding = "deflate";
    } else {
        # unkown algorithm
        unset req.http.Accept-Encoding;
    }
}


if (req.http.Cookie)
{
    set req.http.Cookie = ";" + req.http.Cookie;
    set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
    set req.http.Cookie = regsuball(req.http.Cookie, ";(vendor_region|PHPSESSID|themetype2)=", "; \1=");
    set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
    set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");

    if (req.http.Cookie == "") {
        unset req.http.Cookie;
    }
}
if (req.url ~ "^/$") {
    unset req.http.cookie;
}
return(hash);
}
sub vcl_miss {
if (req.method == "PURGE") {
    return (synth(404, "Not in cache."));
}
if (!(req.url ~ "wp-(login|admin)")) {
    unset req.http.cookie;
}
if (req.url ~ "^/[^?]+.(jpeg|jpg|png|gif|ico|js|css|txt|gz|zip|lzma|bz2|tgz|tbz|html|htm)(\?.|)$") {
    unset req.http.cookie;
    set req.url = regsub(req.url, "\?.$", "");
}
if (req.url ~ "^/$") {
    unset req.http.cookie;
}
}
sub vcl_backend_response {
if (bereq.url ~ "^/$") {
    unset beresp.http.set-cookie;
}
if (!(bereq.url ~ "wp-(login|admin)")) {
    unset beresp.http.set-cookie;
}
if (bereq.method == "PURGE") {
    set beresp.ttl = 0s;
}
}
sub vcl_deliver {
if (obj.hits > 0) {
        set resp.http.X-Cache = "HIT";
} else {
        set resp.http.X-Cache = "MISS";
}
}
请建议我配置它并工作

if ( !( req.url ~ ^/secret-login/) ) {
unset req.http.Cookie;
}
上面的代码可以工作吗?但是我不知道我应该在哪里添加这个。请帮助我按如下方式添加,它成功了

里面

sub vcl_miss {

 if (!(req.url ~ "wp-(login|admin)" || req.url ~ "(secret-login)")) {
    unset req.http.cookie;
}
}

成功了

sub vcl_backend_response { 
if (!(bereq.url ~ "wp-(login|admin)" || bereq.url ~ "(secret-login)")) {
    unset beresp.http.set-cookie;
}
}