Varnish not caching website which have session

Question

I tried curl -I domainname and here is the response.

HTTP/1.1 200 OK
Date: Tue, 21 Apr 2015 14:49:09 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=kpgqqefkge38jlqc608hq12046; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
X-Varnish: 294982
Age: 0
Via: 1.1 varnish-v4
Content-Length: 0
Connection: keep-alive

HTTP/1.1 200 OK
Date: Tue, 21 Apr 2015 14:49:10 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=onqvu51sggp70nla7ke5scgr61; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
X-Varnish: 163920
Age: 0
Via: 1.1 varnish-v4
Connection: keep-alive


HTTP/1.1 200 OK
Date: Tue, 21 Apr 2015 14:49:10 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=s8sd6qufhjl9ki0dh8jc2nb206; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
X-Varnish: 294985
Age: 0
Via: 1.1 varnish-v4
Content-Length: 0
Connection: keep-alive

The above response has following observations :

The PHPsessionID value keeps on changing at every HIT.
The Varnish Age value remain 0 . Which means that the site is not getting chached?

I have a website which requires use of session. As users are allowed to login and their details are kept in session.

Any way how to make the website get cached by Varnish ? Thank you!

Start here and if you can't figure it out from there, come back with more specific information: https://www.varnish-cache.org/trac/wiki/VCLExampleCachingLoggedInUsers — ThatGraemeGuy, Apr 21 '15 at 07:38
Try to use fewer "code" at the begin, our wonderful "gurus" voting to close your question don't really like that. — peterh, Apr 22 '15 at 09:03

score 3 · Answer 1 · answered Apr 21 '15 at 09:46

3

You have to disable PHP's session autostarting, and start sessions only when users log in. This way PHP doesn't set PHPSESSID cookie for non-logged-in users, which lets Varnish cache those pages.

answered Apr 21 '15 at 09:46

Tero Kilkanen

34,499
3
38
58

On my website I did this 1. index.php : the whole site process starts from this page , this had `session_start()`, which **is now removed**. 2. I have page called Ajax.php, which is written just to handle a login ajax call. This page has session_start(). When user is not loggedIN, session_start() is not started from index.php nor ajax php. Varnish caches the page when hit on browser. Now if I browse it should cache other pages too right? But it doesn't. What I noticed is Cookie _gat & _ga (google analytics cookie) are created. Does this block varnish to cache site when hit is on browser? – user1099944 Apr 23 '15 at 13:27
I got success with Varnish caching the site when hitting through browser. Steps 1. Session_start() is removed from site. 2. Setting Cookie on Ajaxcall and not on other pages. 3. `sub vcl_recv {if (req.url ~ "ajaxcalls") {return(pipe);}else{unset req.http.Cookie;}return(hash);}` 4. Now the user info is kept in cookie after the user logs in. On page load I have a ajaxcall which checks the encrypted user value and checks if any user is logged in. 5 But issue is. I get LAG which shows Login on page load and than user name after ajaxcall check, though user is already loggedin. Any alternative? – user1099944 Apr 27 '15 at 11:49

Varnish not caching website which have session

1 Answers1