Mailing List Archive

When a user tries to upload content via our CMS, we're getting a incorrect permissions due to PHPSESSID not being sent.
Here is my current vcl file, what would I have to change to resolve the PHPSESSID error?
As an alternative to resolving this issue (not ideal) set a section of the site to not be cached by varnish but I'm also not sure of how to do that.
vcl 4.0;
import directors;
import std;

backend site1 {
.host = "127.0.0.1";
.port = "8080";
}

backend site2 {
.host = "127.0.0.1";
.port = "8081";
}

backend site3 {
.host = "127.0.0.1";
.port = "8082";
}

acl purge {
"localhost";
"127.0.0.1";
}


sub vcl_recv {
# SINGLE BACKEND
# set req.backend_hint= default;
if (req.http.host == "www.site2.co.uk") {
set req.backend_hint = site2;
}
else if (req.http.host == "www.site3.co.uk") {
set req.backend_hint = site3;
}
else if (req.http.host == "site1.site2.co.uk") {
set req.backend_hint = site1;
}
else {
return (synth(404, "Host not found"));
}

# SET HTTP HEADERS
set req.http.X-Forwarded-For = client.ip;
set req.http.X-Forwarded-Proto = "https";

# REMOVE HEADERS THAT MIGHT DUPLICATE CACHE
unset req.http.Accept-Language;
unset req.http.User-Agent;

# PURGE
if (req.method == "PURGE") {
if (!client.ip ~ purge) {
return(synth(405,"Not allowed."));
}
return (purge);
}
if ( std.port(server.ip) == 6080) {

set req.http.x-redir = "https://" + req.http.host + req.url;
return (synth(750, "Moved permanently"));
}

# DROP COOKIES AND PARAMS FROM STATIC ASSET
if (req.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
unset req.http.cookie;
set req.url = regsub(req.url, "\?.*$", "");
}

# PASS COOKIES
if (req.http.cookie) {
if (req.http.cookie ~ "(exclude_)") {
return(pass);
} else {
unset req.http.cookie;
}
}
}



sub vcl_backend_response {
# RETRY BACKEND 3 TIMES IF DOWN
if (beresp.status == 503 && bereq.retries < 3 ) {
return(retry);
}

if (bereq.http.Cookie ~ "(UserID|_session)") {
set beresp.http.X-Cacheable = "NO:Got Session";
set beresp.uncacheable = true;
return (deliver);

} elsif (beresp.ttl <= 0s) {
set beresp.http.X-Cacheable = "YES";

} elsif (beresp.http.set-cookie) {
set beresp.http.X-Cacheable = "YES";
set beresp.uncacheable = false;
return (deliver);

} elsif (beresp.http.Cache-Control ~ "private") {
set beresp.http.X-Cacheable = "NO:Cache-Control=private";
set beresp.uncacheable = true;
return (deliver);

} else {
set beresp.http.X-Cacheable = "YES";

unset beresp.http.expires;

set beresp.http.cache-control = "max-age=900";

set beresp.ttl = 1w;

set beresp.http.magicmarker = "1";
}

# UNSET COOKIES
if (!(bereq.url ~ "(exclude)")) {
set beresp.http.X-UnsetCookies = "TRUE";
unset beresp.http.set-cookie;
set beresp.ttl = 1h;
}

# YEAR LONG CACHE FILE TYPES
if (bereq.url ~ "\.(gif|jpg|jpeg|png)(\?.*|)$") {
set beresp.ttl = 365d;

# MONTH LONG CACHE FILE TYPES
if (bereq.url ~ "\.(css|js|flv|mp3|mp4|pdf|)(\?.*|)$") {
set beresp.ttl = 30d;

}

}
set beresp.grace = 1w;

}

sub vcl_hash {
if ( req.http.X-Forwarded-Proto ) {
hash_data( req.http.X-Forwarded-Proto );
}
}

sub vcl_backend_error {
# DISPAY CUSTOM ERROR IF FAILS
if (beresp.status == 503 && bereq.retries == 3) {
synthetic(std.fileread("/etc/varnish/error503.html"));
return(deliver);
}
}

sub vcl_synth {
# REDIRECT FOR HTTP
if (resp.status == 750) {
set resp.status = 301;
set resp.http.Location = req.http.x-redir;
return(deliver);
}
# DISPLAY CUSTOM PAGE IF BACKEND DOWN
if (resp.status == 503) {
synthetic(std.fileread("/etc/varnish/error503.html"));
return(deliver);
}
}


sub vcl_deliver {


# RESTART IF BACKEND DOWN
if (resp.status == 503) {
return(restart);
}
if (resp.http.magicmarker) {
# REMOVE MAGIC MARK
unset resp.http.magicmarker;

# FRESH OBJECT
set resp.http.age = "0";
}
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
set resp.http.Access-Control-Allow-Origin = "*";
}
sub vcl_hit {
if (req.method == "PURGE") {
return(synth(200,"OK"));
}
}


sub vcl_miss {
if (req.method == "PURGE") {
return(synth(404,"Not cached"));
}
}