我正在努力使Varnish缓存与WordPress配合使用。
我使用Nginx作为SSL终止代理,使用Varnish作为前端,使用Nginx监听8080端口作为后端。然后将Cloudflare用作CDN。
我的Varnish vcl文件如下所示: https://gist.github.com/MagePsycho/9be35ce90f1b886e19eedae852e29466
奇怪的是,缓存在Chrome的隐身模式下可以正常工作。
我已经使用以下命令捕获Wordpress主页的日志
varnishlog -q 'ReqURL eq "/"'
1# varnishlog
(Chrome浏览器-正常)
* << Request >> 131964
- Begin req 131963 rxreq
- Timestamp Start: 1550735920.247162 0.000000 0.000000
- Timestamp Req: 1550735920.247162 0.000000 0.000000
- ReqStart 127.0.0.1 55348
- ReqMethod GET
- ReqURL /
- ReqProtocol HTTP/1.1
- ReqHeader X-Real-IP: 162.158.158.52
- ReqHeader X-Forwarded-For: 94.200.42.14, 162.158.158.52
- ReqHeader X-Forwarded-Proto: https
- ReqHeader X-Forwarded-Port: 443
- ReqHeader Host: blog.somedomain.com
- ReqHeader Connection: close
- ReqHeader Accept-Encoding: gzip
- ReqHeader CF-RAY: 4ac7ab4bcd05bc50-LHR
- ReqHeader CF-Visitor: {"scheme":"https"}
- ReqHeader pragma: no-cache
- ReqHeader cache-control: no-cache
- ReqHeader authorization: Basic bWFnZXBzeWNobzpwQHNzNDI5
- ReqHeader upgrade-insecure-requests: 1
- ReqHeader user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
- ReqHeader accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
- ReqHeader accept-language: en-US,en;q=0.9
- ReqHeader cookie: __cfduid=d89eee15302ab3e849289d07c5e0211d81550672156; _ga=GA1.2.1671967921.1550672158; _gid=GA1.2.724641208.1550672158; __utmc=143790182; __utmz=143790182.1550672159.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __zlcmid=qxi22o7iIoGPBJ; PHPS
- ReqHeader CF-Connecting-IP: 94.200.42.14
- ReqHeader CDN-Loop: cloudflare
- ReqUnset X-Forwarded-For: 94.200.42.14, 162.158.158.52
- ReqHeader X-Forwarded-For: 94.200.42.14, 162.158.158.52, 127.0.0.1
- VCL_call RECV
- ReqUnset Host: blog.somedomain.com
- ReqHeader Host: blog.somedomain.com
- ReqUnset X-Forwarded-For: 94.200.42.14, 162.158.158.52, 127.0.0.1
- ReqHeader X-Forwarded-For: 94.200.42.14, 162.158.158.52, 127.0.0.1, 127.0.0.1
- VCL_return pass
- VCL_call HASH
- VCL_return lookup
- VCL_call PASS
- VCL_return fetch
- Link bereq 131965 pass
- Timestamp Fetch: 1550735920.253008 0.005846 0.005846
- RespProtocol HTTP/1.1
- RespStatus 200
- RespReason OK
- RespHeader Server: nginx/1.10.3 (Ubuntu)
- RespHeader Date: Thu, 21 Feb 2019 07:58:40 GMT
- RespHeader Content-Type: text/html; charset=UTF-8
- RespHeader Last-Modified: Wed, 20 Feb 2019 18:49:29 GMT
- RespHeader Content-Encoding: gzip
- RespHeader Vary: Accept-Encoding
- RespHeader Referrer-Policy: no-referrer-when-downgrade
- RespHeader Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
- RespHeader Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
- RespHeader X-Varnish: 131964
- RespHeader Age: 0
- RespHeader Via: 1.1 varnish-v4
- VCL_call DELIVER
- RespHeader X-Cache: MISS
- RespHeader X-Cache-Hits: 0
- RespUnset Server: nginx/1.10.3 (Ubuntu)
- RespUnset X-Varnish: 131964
- RespUnset Age: 0
- RespUnset Via: 1.1 varnish-v4
- VCL_return deliver
- Timestamp Process: 1550735920.253035 0.005873 0.000027
- RespHeader Accept-Ranges: bytes
- RespHeader Transfer-Encoding: chunked
- Debug "RES_MODE 8"
- RespHeader Connection: close
- Timestamp Resp: 1550735920.255363 0.008201 0.002328
- ReqAcct 1089 0 1089 484 28646 29130
- End
2# varnishlog
(适用于Chrome-隐身模式)
* << Request >> 131967
- Begin req 131966 rxreq
- Timestamp Start: 1550735974.938916 0.000000 0.000000
- Timestamp Req: 1550735974.938916 0.000000 0.000000
- ReqStart 127.0.0.1 55402
- ReqMethod GET
- ReqURL /
- ReqProtocol HTTP/1.1
- ReqHeader X-Real-IP: 141.101.98.131
- ReqHeader X-Forwarded-For: 94.200.42.14, 141.101.98.131
- ReqHeader X-Forwarded-Proto: https
- ReqHeader X-Forwarded-Port: 443
- ReqHeader Host: blog.somedomain.com
- ReqHeader Connection: close
- ReqHeader Accept-Encoding: gzip
- ReqHeader CF-RAY: 4ac7aca19feebc0e-LHR
- ReqHeader CF-Visitor: {"scheme":"https"}
- ReqHeader pragma: no-cache
- ReqHeader cache-control: no-cache
- ReqHeader upgrade-insecure-requests: 1
- ReqHeader user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
- ReqHeader accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
- ReqHeader accept-language: en-US,en;q=0.9
- ReqHeader CF-Connecting-IP: 94.200.42.14
- ReqHeader CDN-Loop: cloudflare
- ReqUnset X-Forwarded-For: 94.200.42.14, 141.101.98.131
- ReqHeader X-Forwarded-For: 94.200.42.14, 141.101.98.131, 127.0.0.1
- VCL_call RECV
- ReqUnset Host: blog.somedomain.com
- ReqHeader Host: blog.somedomain.com
- ReqUnset X-Forwarded-For: 94.200.42.14, 141.101.98.131, 127.0.0.1
- ReqHeader X-Forwarded-For: 94.200.42.14, 141.101.98.131, 127.0.0.1, 127.0.0.1
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqHeader Cookie:
- ReqUnset Cookie:
- ReqURL /
- VCL_return hash
- VCL_call HASH
- VCL_return lookup
- Hit 98349
- VCL_call HIT
- VCL_return deliver
- RespProtocol HTTP/1.1
- RespStatus 200
- RespReason OK
- RespHeader Server: nginx/1.10.3 (Ubuntu)
- RespHeader Date: Wed, 20 Feb 2019 20:13:04 GMT
- RespHeader Content-Type: text/html; charset=UTF-8
- RespHeader Last-Modified: Wed, 20 Feb 2019 18:49:29 GMT
- RespHeader Content-Encoding: gzip
- RespHeader Vary: Accept-Encoding
- RespHeader Referrer-Policy: no-referrer-when-downgrade
- RespHeader Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
- RespHeader Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
- RespHeader cache-control: max-age=900
- RespHeader magicmarker: 1
- RespHeader X-Varnish: 131967 98349
- RespHeader Age: 42390
- RespHeader Via: 1.1 varnish-v4
- VCL_call DELIVER
- RespHeader X-Cache: HIT
- RespHeader X-Cache-Hits: 2
- RespUnset Server: nginx/1.10.3 (Ubuntu)
- RespUnset X-Varnish: 131967 98349
- RespUnset Age: 42390
- RespUnset Via: 1.1 varnish-v4
- RespUnset magicmarker: 1
- RespHeader age: 0
- VCL_return deliver
- Timestamp Process: 1550735974.939009 0.000093 0.000093
- RespHeader Accept-Ranges: bytes
- RespHeader Content-Length: 28646
- Debug "RES_MODE 2"
- RespHeader Connection: close
- Timestamp Resp: 1550735974.939084 0.000168 0.000075
- ReqAcct 646 0 646 514 28646 29160
- End
有人可以帮助我在这种情况下进行调试吗?
答案 0 :(得分:1)
对此没有什么奇怪的。
在常规的Chrome会话中,您发送的是一些Cookie,而隐身会话则从不发送。
提供的VCL使用不太理想的方法来剥离与后端无关的已知Cookie(WordPress)。
这很不好的原因是,一旦添加了这个或那个插件,或者甚至是您无法真正控制的Javascript跟踪内容,它们可能会引入越来越多的需要删除的cookie。在这种情况下,我看到您的Chrome发送了__zlcmid
,但是在VCL中没有相同的剥离代码。可能还有更多,因为varnishlog
的Cookie的边被修剪为; PHPS
...
一种更好的方法是将cookie列入白名单,即删除所有 cookie,除了Wordpress已知的cookie。