0

I wonder if someone can point me in the right direction with this. Something changed on my VPS at my hosting provider and loads of things have been going wrong ever since. One of those things is Varnish - I have had to rebuild my whole varnish configuration and since, every few hours a few of my sites encounter a 404 Forbidden error that is only solved by restarting varnish manually via SSH. I have attached my config below. If someone can help me that would be great. Really starting to pull my hair out now!

backend default {
  .host = "publicIP";
  .port = "8080";
}




acl purge { "localhost"; "127.0.0.1"; "publicIP";}

sub vcl_recv {



# IP forwarding.
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}


# Don't serve cached pages to logged in users
    if ( req.http.cookie ~ "wordpress_logged_in" || req.url ~ "vaultpress=true" ) {
        return( pass );
    }   




    if (req.request == "PURGE") {
    if (!client.ip ~ purge) {
    error 405 "Not allowed.";
    }
    return (lookup);
    }



#set req.grace = 60m;
if (req.request != "GET" && req.request != "HEAD" && req.request != "PUT" && req.request != "POST" && req.request != "TRACE" && req.request != "OPTIONS" && req.request != "DELETE") { 
 return (pipe); } 
if (req.request != "GET" && req.request != "HEAD") { 
 return (pass); } 
#if (req.http.Authorization || req.http.Cookie) { 
#return (pass); } 
return (lookup); 
# Set X-Forwarded-For header for logging in nginx
remove req.http.X-Forwarded-For;
set req.http.X-Forwarded-For = client.ip;

# Remove has_js and CloudFlare/Google Analytics __* cookies and statcounter is_unique
set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(_[_a-z]+|has_js|is_unique)=[^;]*", "");
# Remove a ";" prefix, if present.
set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");

# Either the admin pages or the login
if (req.url ~ "/wp-(login|admin|cron|cart|my-account|checkout|addons|administrator)") {
# Don't cache, pass to backend
return (pass);
}
if (req.url ~ "/administrator") {
  return (pass);
} 
if ( req.url ~ "\?add-to-cart=" ) {
 return (pass);
}
if (req.url ~ "/(contact-us|contact|get-a-quote|upload-files|competition)")
{
return(pass);
}
# Never cache PUT, PATCH, DELETE or POST requests 
#if (req.method == "PUT" || req.method == "PATCH" || req.method == "DELETE" || req.method == "POST") { 
#return (pass);
#} 
# Remove the wp-settings-1 cookie
set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-1=[^;]+(; )?", "");

# Remove the wp-settings-time-1 cookie
set req.http.Cookie = regsuball(req.http.Cookie, 
"wp-settings-time-1=[^;]+(; )?", "");

# Remove the wp test cookie
set req.http.Cookie = regsuball(req.http.Cookie, 
"wordpress_test_cookie=[^;]+(;)?", "");

# Static content unique to the theme can be cached (so no user uploaded images)
# The reason I don't take the wp-content/uploads is because of cache size on bigger blogs
# that would fill up with all those files getting pushed into cache
if (req.url ~ "lib/themes/" && req.url ~ 
"\.(css|js|png|gif|jp(e)?g)") {
unset req.http.cookie;
}

# Even if no cookies are present, I don't want my "uploads" to be cached due to their potential size
if (req.url ~ "/lib/uploads/") {
return (pass);
}

# any pages with captchas need to be excluded
if (req.url ~ "^/contact/" || req.url ~ "^/links/domains-for-sale/")
{
return(pass);
}

# Check the cookies for wordpress-specific items
if (req.http.Cookie ~ "wordpress_" || req.http.Cookie ~ "comment_") {
# A wordpress specific cookie has been set
return (pass);
}

# allow PURGE from localhost
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";
}
return (lookup);
}

# Force lookup if the request is a no-cache request from the client
if (req.http.Cache-Control ~ "no-cache") {
return (pass);
}

# Try a cache-lookup
return (lookup);

}

sub vcl_fetch {
#set obj.grace = 5m;
#set beresp.grace = 60m;

   set beresp.http.Vary = "Accept-Encoding";
# Images
if (req.url ~ "\.(jpg|jpeg|png|gif|ico|tiff|tif|bmp|ppm|pgm|xcf|psd|webp|svg)") {
  unset beresp.http.cookie;
  set beresp.http.cache-control = "max-age=2592000";
  return (hit_for_pass);
}

if (!(req.url ~ "wp-(login|admin|cron|cart|my-account|checkout|addons|administrator)")) {
    set beresp.ttl = 6h;
    set beresp.http.cache-control = "max-age=1800, must-revalidate";
}








}

sub vcl_hit {
if (req.request == "PURGE") {
purge;
error 200 "Purged.";
}
}

sub vcl_miss {
if (req.request == "PURGE") {
purge;
error 200 "Purged.";
}
}


sub vcl_deliver {
# multi-server webfarm? set a variable here so you can check
# the headers to see which frontend served the request
#   set resp.http.X-Server = "server-01";
   if (obj.hits > 0) {
     set resp.http.X-Cache = "HIT";
   } else {
     set resp.http.X-Cache = "MISS";
   }

     if (resp.http.magicmarker) {
                        /* Remove the magic marker */
                        unset resp.http.magicmarker;

                        /* By definition we have a fresh object */
                        set resp.http.age = "0";
                }

}
WPDEVE
  • 1
  • 2

1 Answers1

0

If this happens every few hours and disappears after a restart of Varnish, it seems to be a memory issue.

How do you store teh varnish cache and have you check is varnish cache is full when this happens ?

Check this for help : https://serverfault.com/a/55219/223334

lazzio
  • 306
  • 1
  • 2
  • 11
  • Not entirely sure how the cache is stored - whatever the default setting is I guess? Also, not sure how to check whether the cache is full or not. Your link doesn't really help me to be honest. Nuked counter is currently showing 0 but that is probably because I have just restarted Varnish. Does varnish stat show how much memory is used/how much is left? – WPDEVE Feb 18 '16 at 12:32
  • Is anyone able to help me with this at all? – WPDEVE Feb 18 '16 at 18:19
  • @wpdeve i aint understand why you prefer vabish over nginx, in nginx it would ve quite easy but please checl at the time of error `ps aux|grep vanish` (or how its been called) moreover post `df -h` and `free - m` – djdomi Sep 01 '19 at 19:02