@@ -35,6 +35,7 @@ application:
3535..code-block ::text
3636
3737 sub vcl_recv {
38+ // Add a Surrogate-Capability header to announce ESI support.
3839 set req.http.Surrogate-Capability = "abc=ESI/1.0";
3940 }
4041
@@ -45,12 +46,16 @@ Symfony2 adds automatically:
4546..code-block ::text
4647
4748 sub vcl_fetch {
49+ /*
50+ Check for ESI acknowledgement
51+ and remove Surrogate-Control header
52+ */
4853 if (beresp.http.Surrogate-Control ~ "ESI/1.0") {
4954 unset beresp.http.Surrogate-Control;
5055
51- //for Varnish >= 3.0
56+ //For Varnish >= 3.0
5257 set beresp.do_esi = true;
53- //for Varnish < 3.0
58+ //For Varnish < 3.0
5459 // esi;
5560 }
5661 }
@@ -75,14 +80,43 @@ that will invalidate the cache for a given resource:
7580
7681..code-block ::text
7782
83+ /*
84+ Connect to the backend server
85+ on the local machine on port 8080
86+ */
87+ backend default {
88+ .host = "127.0.0.1";
89+ .port = "8080";
90+ }
91+
92+ sub vcl_recv {
93+ /*
94+ Varnish default behaviour doesn't support PURGE.
95+ Match the PURGE request and immediately do a cache lookup,
96+ otherwise Varnish will directly pipe the request to the backend
97+ and bypass the cache
98+ */
99+ if (req.request == "PURGE") {
100+ return(lookup);
101+ }
102+ }
103+
78104 sub vcl_hit {
105+ // Match PURGE request
79106 if (req.request == "PURGE") {
107+ // Force object expiration for Varnish < 3.0
80108 set obj.ttl = 0s;
109+ // Do an actual purge for Varnish >= 3.0
110+ // purge;
81111 error 200 "Purged";
82112 }
83113 }
84114
85115 sub vcl_miss {
116+ /*
117+ Match the PURGE request and
118+ indicate the request wasn't stored in cache.
119+ */
86120 if (req.request == "PURGE") {
87121 error 404 "Not purged";
88122 }
@@ -91,7 +125,56 @@ that will invalidate the cache for a given resource:
91125caution ::
92126
93127 You must protect the ``PURGE `` HTTP method somehow to avoid random people
94- purging your cached data.
128+ purging your cached data. You can do this by setting up an access list:
129+
130+ ..code-block ::text
131+ /*
132+ Connect to the backend server
133+ on the local machine on port 8080
134+ */
135+ backend default {
136+ .host = "127.0.0.1";
137+ .port = "8080";
138+ }
139+
140+ // Acl's can contain IP's, subnets and hostnames
141+ acl purge {
142+ "localhost";
143+ "192.168.55.0"/24;
144+ }
145+
146+ sub vcl_recv {
147+ // Match PURGE request to avoid cache bypassing
148+ if (req.request == "PURGE") {
149+ // Match client IP to the acl
150+ if (!client.ip ~ purge) {
151+ // Deny access
152+ error 405 "Not allowed.";
153+ }
154+ // Perform a cache lookup
155+ return(lookup);
156+ }
157+ }
158+
159+ sub vcl_hit {
160+ // Match PURGE request
161+ if (req.request == "PURGE") {
162+ // Force object expiration for Varnish < 3.0
163+ set obj.ttl = 0s;
164+ // Do an actual purge for Varnish >= 3.0
165+ // purge;
166+ error 200 "Purged";
167+ }
168+ }
169+
170+ sub vcl_miss {
171+ // Match PURGE request
172+ if (req.request == "PURGE") {
173+ // Indicate that the object isn't stored in cache
174+ error 404 "Not purged";
175+ }
176+ }
177+
95178
96179`Edge Architecture` :http://www.w3.org/TR/edge-arch
97180.. _`GZIP and Varnish` :https://www.varnish-cache.org/docs/3.0/phk/gzip.html