Nginx – how to disable varnish X Forwarded For header

apache-2.2nginxvarnish

i am using nginx <=> varnish <=> apache

i am passing client IP to varnish via nginx proxy_set_header X-Forwarded-For $remote_addr;

but varnish also adding X-Forwarded-For as 127.0.0.1 so apache showing 2 IPs comma based.

i need IP send by nginx only i want to disable varnish adding 127.0.0.1

varnish version 3.0.0
here is default.vcl

backend default {
.host = "204.29.58.4";
.port = "80"; } sub vcl_recv {
if (req.http.Range) {
return(pipe);
} }

Best Answer

The default vcl_recv function (which is appended to yours) contains this:

 if (req.restarts == 0) {
   if (req.http.x-forwarded-for) {
       set req.http.X-Forwarded-For =
           req.http.X-Forwarded-For + ", " + client.ip;
   } else {
       set req.http.X-Forwarded-For = client.ip;
   }
 }

..which is modifying the header. To prevent this from happening, you should have your vcl_recv implemented as a full function that always returns, instead of depending on the appending of the default behavior, which contains config that you don't want. Something like this:

sub vcl_recv {
    if (req.http.Range) {
      return(pipe);
    }
    if (req.request != "GET" &&
      req.request != "HEAD" &&
      req.request != "PUT" &&
      req.request != "POST" &&
      req.request != "TRACE" &&
      req.request != "OPTIONS" &&
      req.request != "DELETE") {
        /* Non-RFC2616 or CONNECT which is weird. */
        return (pipe);
    }
    if (req.request != "GET" && req.request != "HEAD") {
        /* We only deal with GET and HEAD by default */
        return (pass);
    }
    if (req.http.Authorization || req.http.Cookie) {
        /* Not cacheable by default */
        return (pass);
    }
    return (lookup);
}

Related Solutions

mod_rpaf Nginx Apache – Fix Issues After Ubuntu Upgrade

Just been dealing with this myself. There was an Ubuntu bug confirmed on Friday. You can get things working again by changing:

<IfModule mod_rpaf.c>

<IfModule mod_rpaf-2.0.c>

in /etc/apache2/mods-available/rpaf.conf

Varnish doesn’t seems to be doing anything

The way I have setup Varnish/Magento with Turpentine before is like this:

Have varnish listen on port 80, nginx on any port (something like 8080)

Configure varnish to listen on port 80 in /etc/default/varnish.conf

Configure /etc/varnish/default.vcl and set backend to 8080 (which is set right now)

so the requests from internet will hit on Varnish and if it finds the static content in it's cache it won't go back to the nginx to process. It will simply deliver that content from it's cache.

The cache is set to store in RAM as it's set to malloc 256m means 256MB in RAM you can also store it's cache in Hard Disk in a file and size it according to your disk space and needs.

nginx does not need to listen on port 80 because you will have Varnish there. So any request which is not served by Varnish will be sent back to nginx on port 8080. Nginx will send that back to php-fpm which will process it and send back the results to nginx which in turn will send the results to Varnish which again sends it to browser.

the headers are set in the varnish vcl file. You may see the varnish headers once it's listening on port 80 and delivering the content to browsers.

Best Answer

Related Solutions

mod_rpaf Nginx Apache – Fix Issues After Ubuntu Upgrade

Varnish doesn’t seems to be doing anything

Related Topic