stackoom
  简体   繁体   中英

cookie issue on varnish config with wordpress

 原文  2015-12-04 06:06:12       php/ wordpress/ cookies/ varnish/ varnish-vcl

Question

I am working on a wordpress site with varnish configs setup.for security concern i use ithemes security plugin and activated the hide wp-login and added a custom login url.my custom url is mysite.com/secret-login So when i use this url to login to wp-admin

ERROR: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.

is getting. So I contacted the plugin owner and this is what he has to say

The issue is likely caused by your Varnish config. The config is likely set to allow and recognize cookies when the URL matches wp-login or wp-admin while dropping cookies elsewhere.

So I will have to edit my varnish config.But I have no idea how it should be configured to match the above. Here is my dafault.vcl varnish 

vcl 4.0;
backend default {
.host = "127.0.0.1";
.port = "8080";
.connect_timeout = 600s;
.first_byte_timeout = 600s;
.between_bytes_timeout = 600s;
}
backend master {
.host = "127.0.0.1";
.port = "8080";
}
acl purge {
    "localhost";
}
sub vcl_recv {
if (req.method == "PURGE") {
    if (!client.ip ~ purge) {
        return(synth(405, "Not allowed."));
    }
    return(hash);
}
if (req.restarts == 0) {
    if (req.http.x-forwarded-for) {
        set req.http.X-Forwarded-For =
        req.http.X-Forwarded-For + ", " + client.ip;
    } else {
        set req.http.X-Forwarded-For = client.ip;
    }
}

### do not cache these files:
##never cache the admin pages, or the server-status page
if (req.url ~ "wp-(admin|login)" || req.http.Content-Type ~ "multipart/form-data")
{
    set req.backend_hint = master;
    return(pass);
}

## always cache these images & static assets
if (req.method == "GET" && req.url ~ "\.(css|js|gif|jpg|jpeg|bmp|png|ico|img|tga|wmf)$") {
    unset req.http.cookie;
    return(hash);
}
if (req.method == "GET" && req.url ~ "(xmlrpc.php|wlmanifest.xml)") {
    unset req.http.cookie;
    return(hash);
}

#never cache POST requests
if (req.method == "POST")
{
    return(pass);
}
#DO cache this ajax request
if(req.http.X-Requested-With == "XMLHttpRequest" && req.url ~ "recent_reviews")
{
    return (hash);
}

#dont cache ajax requests
if(req.http.X-Requested-With == "XMLHttpRequest" || req.url ~ "nocache" || req.url ~ "(control.php|wp-comments-post.php|wp-login.php|bb-login.php|bb-reset-password.php|register.php)")
{
    return (pass);
}

if (req.http.Cookie && req.http.Cookie ~ "wordpress_") {
    set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_test_cookie=", "; wpjunk=");
}
### don't cache authenticated sessions
if (req.http.Cookie && req.http.Cookie ~ "(wordpress_|PHPSESSID)") {
    return(pass);
}

### parse accept encoding rulesets to make it look nice
if (req.http.Accept-Encoding) {
    if (req.http.Accept-Encoding ~ "gzip") {
        set req.http.Accept-Encoding = "gzip";
    } elsif (req.http.Accept-Encoding ~ "deflate") {
        set req.http.Accept-Encoding = "deflate";
    } else {
        # unkown algorithm
        unset req.http.Accept-Encoding;
    }
}


if (req.http.Cookie)
{
    set req.http.Cookie = ";" + req.http.Cookie;
    set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
    set req.http.Cookie = regsuball(req.http.Cookie, ";(vendor_region|PHPSESSID|themetype2)=", "; \1=");
    set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
    set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");

    if (req.http.Cookie == "") {
        unset req.http.Cookie;
    }
}
if (req.url ~ "^/$") {
    unset req.http.cookie;
}
return(hash);
}
sub vcl_miss {
if (req.method == "PURGE") {
    return (synth(404, "Not in cache."));
}
if (!(req.url ~ "wp-(login|admin)")) {
    unset req.http.cookie;
}
if (req.url ~ "^/[^?]+.(jpeg|jpg|png|gif|ico|js|css|txt|gz|zip|lzma|bz2|tgz|tbz|html|htm)(\?.|)$") {
    unset req.http.cookie;
    set req.url = regsub(req.url, "\?.$", "");
}
if (req.url ~ "^/$") {
    unset req.http.cookie;
}
}
sub vcl_backend_response {
if (bereq.url ~ "^/$") {
    unset beresp.http.set-cookie;
}
if (!(bereq.url ~ "wp-(login|admin)")) {
    unset beresp.http.set-cookie;
}
if (bereq.method == "PURGE") {
    set beresp.ttl = 0s;
}
}
sub vcl_deliver {
if (obj.hits > 0) {
        set resp.http.X-Cache = "HIT";
} else {
        set resp.http.X-Cache = "MISS";
}
}

Please suggest me to configure it and work. 

if ( !( req.url ~ ^/secret-login/) ) {
unset req.http.Cookie;
}

Will the above code work ? but i dont know where exactly i should add this.Please help

1 answers

solution1
 1 ACCPTED  2015-12-15 12:12:47

added as follows and it worked

inside 

sub vcl_miss {

 if (!(req.url ~ "wp-(login|admin)" || req.url ~ "(secret-login)")) {
    unset req.http.cookie;
}
}

and 

sub vcl_backend_response { 
if (!(bereq.url ~ "wp-(login|admin)" || bereq.url ~ "(secret-login)")) {
    unset beresp.http.set-cookie;
}
}

Worked !!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question WordPress Login&&Cookie issue Varnish not sending PHPSESSID cookie Can I set a cookie value by calling a PHP script from Varnish config Set cookie is have an issue with path in wordpress Codeigniter : Varnish and Cookie / Session conflict Varnish does not cache multiple wordpress Varnish ESI Request — What Cookie Is Sent? wordpress wp-ecommerce shopping cart header/cookie issue Varnish on nGinx and PhpMyAdmin Redirect Issue Issue to include wp-config.php file in wordpress plugin file
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM