Wordpress Varnish 4在返回pass时不允许登录Drupal 7,仅在返回管道时才允许登录
我们的服务器上有几个Apache虚拟主机,一些是Drupal站点,一些是Wordpress站点。我最近安装了Varnish 4,并正确配置了它。据我所知,它工作得很好,只是返回过程的性能不如我预期的那样。考虑下面这段代码,在这里,www. FordAdAccess是唯一一个我想拥有ValueCache的虚拟主机:Wordpress Varnish 4在返回pass时不允许登录Drupal 7,仅在返回管道时才允许登录,wordpress,drupal,drupal-7,varnish,varnish-vcl,Wordpress,Drupal,Drupal 7,Varnish,Varnish Vcl,我们的服务器上有几个Apache虚拟主机,一些是Drupal站点,一些是Wordpress站点。我最近安装了Varnish 4,并正确配置了它。据我所知,它工作得很好,只是返回过程的性能不如我预期的那样。考虑下面这段代码,在这里,www. FordAdAccess是唯一一个我想拥有ValueCache的虚拟主机: sub vcl_recv { if (req.http.host != "www.foradacopa.com") { return (pass); } # M
sub vcl_recv {
if (req.http.host != "www.foradacopa.com") {
return (pass);
}
# More stuff happens after this, but as I understand it should only apply to
# www.foradacopa.com requests, right?
}
在VCL配置文件中,我无法登录www.pickupamerica.org,这是一个Drupal站点。相反,我得到的结果与此类似:。检查登录后响应的标题时,没有通常存在的设置Cookie,并且响应不是来自缓存。默认情况下,当您返回pass时,Varnish是否会更改标题或内容?在我的VCL配置中是否有其他地方我应该查找此头的剥离?在你返回通行证后会发生什么?难道它不应该将请求传递到后端并返回后端响应而不进行更改吗
下面是完整的VCL配置文件,我们在其中返回管道而不是pass,并且可以登录。在安全性和性能方面,这是一个可接受的解决方案吗
backend default {
.host = "127.0.0.1";
.port = "8080";
}
acl purge {
"10.0.1.100";
"10.0.1.101";
"10.0.1.102";
"10.0.1.103";
"10.0.1.104";
}
sub vcl_recv {
if (req.http.host != "www.foradacopa.com") {
return (pipe);
}
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";
}
return (lookup);
}
if (req.url ~ "\.(gif|jpg|jpeg|swf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
unset req.http.cookie;
set req.url = regsub(req.url, "\?.*$", "");
}
if (req.url ~ "\?(utm_(campaign|medium|source|term)|adParams|client|cx|eid|fbid|feed|ref(id|src)?|v(er|iew))=") {
set req.url = regsub(req.url, "\?.*$", "");
}
if (req.url ~ "wp-(login|admin)" || req.url ~ "preview=true" || req.url ~ "xmlrpc.php") {
return (pass);
}
if (req.http.cookie) {
if (req.http.cookie ~ "(wordpress_|wp-settings-)") {
return(pass);
} else {
unset req.http.cookie;
}
}
}
sub vcl_fetch {
if ( (!(req.url ~ "(wp-(login|admin)|login)")) || (req.request == "GET") ) {
unset beresp.http.set-cookie;
set beresp.ttl = 1h;
}
if (req.url ~ "\.(gif|jpg|jpeg|swf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
set beresp.ttl = 365d;
}
}
sub vcl_deliver {
# multi-server webfarm? set a variable here so you can check
# the headers to see which frontend served the request
# set resp.http.X-Server = "server-01";
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
}
sub vcl_hit {
if (req.request == "PURGE") {
purge;
error 200 "OK";
}
}
sub vcl_miss {
if (req.request == "PURGE") {
purge;
error 404 "Not cached";
}
}
sub vcl_pipe {
# http://www.varnish-cache.org/ticket/451
# This forces every pipe request to be the first one.
set bereq.http.connection = "close";
}
在同一后端上运行Wordpress和Drupal站点并在其前面添加Varnish,同时仍然允许登录的任何其他技巧都将是非常棒的 此流程图帮助我了解了正在发生的事情: 本质上,在调用return pass之后,请求通过vcl_pass、vcl_fetch和vcl_deliver。在我的VCL配置中,cookies在VCL_fetch中被剥离,现在很清楚a pass将通过那里,我明白了为什么我不能登录
在这种情况下,了解返回管道是否比返回通道更有意义仍然是件好事。另外,Wordpress+Drupal的VCL配置智慧非常受欢迎:当您注意到Drupal或Wordpress登录cookie时,至少应该使用管道。但对于Drupal和Wordpress站点,开发人员通常要求完全不干涉Varnish。毕竟,这些工具都有自己的缓存系统