
Cookie issue on Varnish config with WordPress

I am working on a WordPress site with Varnish configs set up. For security reasons I use the iThemes Security plugin and activated the hide wp-login option and added a custom login URL. My custom URL is mysite.com/secret-login. So when I use this URL to log in to wp-admin, I am getting:

ERROR: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.

So I contacted the plugin owner and this is what he has to say:

The issue is likely caused by your Varnish config. The config is likely set to allow and recognize cookies when the URL matches wp-login or wp-admin while dropping cookies elsewhere.

So I will have to edit my Varnish config. But I have no idea how it should be configured to match the above. Here is my Varnish default.vcl:

vcl 4.0;
backend default {
.host = "127.0.0.1";
.port = "8080";
.connect_timeout = 600s;
.first_byte_timeout = 600s;
.between_bytes_timeout = 600s;
}
backend master {
.host = "127.0.0.1";
.port = "8080";
}
acl purge {
    "localhost";
}
sub vcl_recv {
if (req.method == "PURGE") {
    if (!client.ip ~ purge) {
        return(synth(405, "Not allowed."));
    }
    return(hash);
}
if (req.restarts == 0) {
    if (req.http.x-forwarded-for) {
        set req.http.X-Forwarded-For =
        req.http.X-Forwarded-For + ", " + client.ip;
    } else {
        set req.http.X-Forwarded-For = client.ip;
    }
}

### do not cache these files:
##never cache the admin pages, or the server-status page
if (req.url ~ "wp-(admin|login)" || req.http.Content-Type ~ "multipart/form-data")
{
    set req.backend_hint = master;
    return(pass);
}

## always cache these images & static assets
if (req.method == "GET" && req.url ~ "\.(css|js|gif|jpg|jpeg|bmp|png|ico|img|tga|wmf)$") {
    unset req.http.cookie;
    return(hash);
}
if (req.method == "GET" && req.url ~ "(xmlrpc.php|wlmanifest.xml)") {
    unset req.http.cookie;
    return(hash);
}

#never cache POST requests
if (req.method == "POST")
{
    return(pass);
}
#DO cache this ajax request
if(req.http.X-Requested-With == "XMLHttpRequest" && req.url ~ "recent_reviews")
{
    return (hash);
}

#dont cache ajax requests
if(req.http.X-Requested-With == "XMLHttpRequest" || req.url ~ "nocache" || req.url ~ "(control.php|wp-comments-post.php|wp-login.php|bb-login.php|bb-reset-password.php|register.php)")
{
    return (pass);
}

if (req.http.Cookie && req.http.Cookie ~ "wordpress_") {
    set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_test_cookie=", "; wpjunk=");
}
### don't cache authenticated sessions
if (req.http.Cookie && req.http.Cookie ~ "(wordpress_|PHPSESSID)") {
    return(pass);
}

### parse accept encoding rulesets to make it look nice
if (req.http.Accept-Encoding) {
    if (req.http.Accept-Encoding ~ "gzip") {
        set req.http.Accept-Encoding = "gzip";
    } elsif (req.http.Accept-Encoding ~ "deflate") {
        set req.http.Accept-Encoding = "deflate";
    } else {
        # unknown algorithm
        unset req.http.Accept-Encoding;
    }
}


if (req.http.Cookie)
{
    set req.http.Cookie = ";" + req.http.Cookie;
    set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
    set req.http.Cookie = regsuball(req.http.Cookie, ";(vendor_region|PHPSESSID|themetype2)=", "; \1=");
    set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
    set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");

    if (req.http.Cookie == "") {
        unset req.http.Cookie;
    }
}
if (req.url ~ "^/$") {
    unset req.http.cookie;
}
return(hash);
}
sub vcl_miss {
if (req.method == "PURGE") {
    return (synth(404, "Not in cache."));
}
if (!(req.url ~ "wp-(login|admin)")) {
    unset req.http.cookie;
}
if (req.url ~ "^/[^?]+.(jpeg|jpg|png|gif|ico|js|css|txt|gz|zip|lzma|bz2|tgz|tbz|html|htm)(\?.|)$") {
    unset req.http.cookie;
    set req.url = regsub(req.url, "\?.$", "");
}
if (req.url ~ "^/$") {
    unset req.http.cookie;
}
}
sub vcl_backend_response {
if (bereq.url ~ "^/$") {
    unset beresp.http.set-cookie;
}
if (!(bereq.url ~ "wp-(login|admin)")) {
    unset beresp.http.set-cookie;
}
if (bereq.method == "PURGE") {
    set beresp.ttl = 0s;
}
}
sub vcl_deliver {
if (obj.hits > 0) {
        set resp.http.X-Cache = "HIT";
} else {
        set resp.http.X-Cache = "MISS";
}
}

Please suggest how to configure it so that it works.

if ( !( req.url ~ ^/secret-login/) ) {
unset req.http.Cookie;
}

Will the above code work? But I don't know where exactly I should add this. Please help.

Added as follows and it worked:

inside

sub vcl_miss {

 if (!(req.url ~ "wp-(login|admin)" || req.url ~ "(secret-login)")) {
    unset req.http.cookie;
}
}

and

sub vcl_backend_response { 
if (!(bereq.url ~ "wp-(login|admin)" || bereq.url ~ "(secret-login)")) {
    unset beresp.http.set-cookie;
}
}

Worked!!
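A tighter variant of the same exemption, as an added example that is not part of the original post: it anchors the match to the request path and passes the custom login URL in vcl_recv the same way the config already passes wp-login and wp-admin, so vcl_miss is never reached for it. It assumes WordPress is served from the site root and that the login slug is exactly /secret-login; the two conditions are meant to replace the matching ones in the config above.

```vcl
vcl 4.0;

# Added example, not the poster's config. Assumes WordPress lives at the
# site root and the custom login slug is exactly /secret-login.
backend master {
    .host = "127.0.0.1";
    .port = "8080";
}

sub vcl_recv {
    # Handle the custom login URL like wp-login/wp-admin: send it to the
    # backend with its cookies intact and skip the cache lookup entirely.
    # The ^ anchor limits the match to the start of the path, so a URL that
    # merely contains "secret-login" (for example in its query string) does
    # not match, unlike the unanchored "(secret-login)" pattern.
    if (req.url ~ "^/wp-(login|admin)" ||
        req.url ~ "^/secret-login/?(\?|$)") {
        set req.backend_hint = master;
        return (pass);
    }
}

sub vcl_backend_response {
    # Keep Set-Cookie only on the login and admin paths; every other
    # response has it removed before it can be stored in the cache.
    if (!(bereq.url ~ "^/wp-(login|admin)" ||
          bereq.url ~ "^/secret-login/?(\?|$)")) {
        unset beresp.http.Set-Cookie;
    }
}
```

After reloading, a request to the login URL should return X-Cache: MISS on every hit and carry the wordpress_test_cookie Set-Cookie header, while other pages return no Set-Cookie at all.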
