Varnish ban query string

varnish

I'm trying to setup ban in Varnish 4.
I have this in vcl_recv :

    ban("req.http.host == " +req.http.host+" && req.url ~ "+req.url);
    return(synth(200, "Ban added"));

When I make a request, it does say ban added, and I do see it un the ban.list with varnishadm :

1499676469.672070     0    req.http.host == something.com && req.url ~ /some/path?q=*

Except it doesn't work, nothing gets invalidated.
If I try to ban path* it seems to apply to "regular" files like path.css for example, but it looks like it never invalidates URLs based on query string.
Is there something else I need to do to get it to consider the query string ?
The query strings are pretty unreadable, full of % codes, if that matters.

Thanks

Best Answer

I think you're looking for PURGE instead. It will be more effective, and will invalidate whatever URL you request in PURGE request. In vcl_recv, add:

if (req.method == "PURGE") {
    # If not allowed then a error 405 is returned
    if (!client.ip ~ purge) {
        return(synth(405, "This IP is not allowed to send PURGE requests."));
    }
    return (purge);
}

Next, invalidate a page from cache:

curl -X PURGE http://127.0.0.1/your-super-request-with-params -H "Host: example.com"

If you really want BANs instead (do you really have to?), then don't use REGEX matching (~) to invalidate specific URLs, since it will more than likely interpret ? and other query parameters as engine flags. So:

ban("req.http.host == " + req.http.host + " && req.url = " + req.url);
return(synth(200, "Ban added"));

Related Solutions

Nginx – Configure php5-fpm for many concurrent users

I suspect your varnish cache is not caching anywhere near enough of the hits

here's what I would do in your situation:

Lower php max children to 100 or even 50 (if varnish does its job properly you don't need them) also remove the max requests line to allow the php processes not to respawn too quickly and thus prevent APC from being cleared too quickly which is also bad

also IF is not good according to nginx - http://wiki.nginx.org/IfIsEvil

I would change this line:

            if (!-e $request_filename) {
                    rewrite ^(.+)$ /index.php?q=$1 last;
            }

to:

try_files $uri $uri/ /index.php?$args;

If your version of nginx supports it (pretty certain if your nginx version is > 0.7.51 then it supports it)

you should also look at inserting the w3tc nginx rules direct into your vhost file to enabled proper disk enhanced caching of pages (which is faster than APC caching with nginx)

Take a look at the following varnish vcl which I use for sites - you will need to read through and edit a few things for your website - it also assumes that its only WP sites on the server and only 1 site on the server, it can easily be modified for more sites (take a look at the cookie section)

generic vcl: https://gist.github.com/b7332971a848bcb7ecef

With this config I would argue to remove fastcgi_cache to prevent any possible issues with a cache-chain occurring whereby trying locate any stray stale cache entries is more difficult

also tell w3tc that varnish is at 127.0.0.1 and it will purge it for you ;)

I deployed this to a server on Wednesday evening (with a few domain specific modifications) that was handling 2500 active site visitors it reduced load to less than 1 and the approx number of running php children was around 10-20 (this number does depend on number of logged in users and other factors like cookies) this server did have much more ram but the principle is the same, you should be able to easily handle the number of visitors you get at peaks

Nginx – How to set Varnish so that it doesn’t cache a specific URL with a query string

Putting the following block in vcl_recv should do it:

if ( req.url ~ "^/\?random" ) {
  return (pass);
}

When you return(pass), you will jump past the opportunity to look up the request in the cache.

The default behavior is to do a bunch of tests to see if it is likely that the content is dynamic (does it set cookies, does it require authentication, is it a POST-request, things like that) - if none of those conditions are met, Varnish falls back to return(lookup)

Best Answer

Related Solutions

Nginx – Configure php5-fpm for many concurrent users

Nginx – How to set Varnish so that it doesn’t cache a specific URL with a query string

Related Topic