清漆 Wordpress SSL Apache

Question

我正在使用 wordpress，我需要网页加速器。

我有 SSL，我决定安装 Varnish。

配置看起来像这样

请求 -> Apache (:443) -> Varnish (:80) -> Apache (:8080)。

一切正常，页面显示正确，我的标题是：

Accept-Ranges    bytes
Age  0
Connection   Keep-Alive
Content-Encoding    gzip
Content-Length  19699
Content-Type    text/html; charset=UTF-8
Date    Thu, 29 Nov 2018 21:11:24 GMT
Keep-Alive  timeout=5, max=100
Link    <https://.../>; rel="https://api.w.org/"
Link    
<https://test.manufakturakawy.com/?p=1>; rel=shortlink
Server  Apache/2.4.18 (Ubuntu)
Vary    Accept-Encoding
Via 1.1 varnish-v4
X-Pingback  https://..../xmlrpc.php
X-Varnish   33072

问题是，“年龄”是 0。

我已经安装了 [plugin][1]，上面写着：

Cache Service   Varnish caching service is running but is unable to cache your site.

Default.vcl 文件几乎是标准的：

 vcl 4.0;

# Default backend definition. Set this to point to your content server.
backend default {
    .host = "127.0.0.1";
    .port = "8080";
}

sub vcl_recv {
    # Happens before we check if we have this in cache already.
    #
    # Typically you clean up the request here, removing cookies you don't need,
    # rewriting the request, etc.


}

sub vcl_backend_response {
    # Happens after we have read the response headers from the backend.
    #
    # Here you clean the response headers, removing silly Set-Cookie headers
    # and other mistakes your backend does.

if (beresp.ttl == 120s) {

    set beresp.ttl = 1h;

  }

}

sub vcl_deliver {
    # Happens when we have all the pieces we need, and are about to send the
    # response to the client.
    #
    # You can do accounting or modifying the final object here.
}



  [1]: https://wordpress.org/plugins/varnish-http-purge/

你能支持我吗，我错过了什么？

Answer 1

我为https://example.com 设置好了，但http://example.com 没有重定向到https://example.com

#/etc/httpd/conf.d/external-https.conf
<VirtualHost *:443>
        ServerName example.com
        ErrorLog              /var/log/httpd/external-https_error.log
        CustomLog             /var/log/httpd/external-https_access.log combined

        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/example.com.crt
        SSLCertificateKeyFile /etc/pki/tls/certs/example.com.key

        ProxyPreserveHost       On
        RequestHeader set X-Forwarded-Port "443"
        RequestHeader set X-Forwarded-Proto "https"
        ProxyPass               / http://127.0.0.1:80/
        ProxyPassReverse        / http://127.0.0.1:80/
</VirtualHost>

#/etc/httpd/conf.d/internal-http.conf
<VirtualHost 127.0.0.1:8080>
        SetEnvIf X-Forwarded-Proto https HTTPS=on
        ServerName    example.com
        DocumentRoot  /var/www/html/example
        ErrorLog      /var/log/httpd/internal-http_error.log
        CustomLog     /var/log/httpd/internal-http_access.log combined
</VirtualHost>

CentOS 7 上的 Apache 版本 2.4.6

Apache 监听 8080 端口

清漆版本 5.2

• 清漆后端监听 8080 (vi /etc/varnish/default.vcl)
• 清漆参数监听 80 (vi /etc/varnish/varnish.params)

您可以阅读详细表格 https://bash-prompt.net/guides/apache-varnish/

Answer 2

此更新会将http://example.com 重定向到https://example.com

#vi /etc/varnish/default.vcl
sub vcl_recv {
        if (req.http.host ~ "^(www\.)?example\.com$" && req.http.X-Forwarded-Proto !~ "(?i)https") {
                return (synth(750, ""));
        }
}
sub vcl_synth {
    if (resp.status == 750) {
        set resp.status = 301;
        set resp.http.Location = "https://" + req.http.host + req.url;
        return(deliver);
    }
}

sub vcl_hash {
    if (req.http.X-Forwarded-Proto) {
        hash_data(req.http.X-Forwarded-Proto);
    }
}