Varnish/Apache issues

README.md

@@ -300,7 +300,6 @@ sudo /Library/StartupItems/VirtualBox/VirtualBox restart
 
 ## Changelog
 
-- v0.2.39 – Revert v0.2.37 (aa9e83f)
 - v0.2.38 – Move events to after `deploy:update_code` ([#82](https://github.com/genesis/wordpress/pull/82))
 - v0.2.37 – Fix isues with Varnish ([#62](https://github.com/genesis/wordpress/pull/62):
     - Cleaned up cookie logic in `production.vcl` (see #28, and 3fd9d0c)

package.json

@@ -1,7 +1,7 @@
 {
   "private": true,
   "name": "genesis-wordpress",
-  "version": "0.2.39",
+  "version": "0.2.33",
   "description": "Libraries for a multi-staged WordPress workflow with Vagrant",
   "main": "generator/app/index.js",
   "dependencies": {

provisioning/roles/common/templates/prefork.conf

@@ -44,8 +44,8 @@
     {% set _apache_max_clients = apache_settings.max_clients %}
 {%- else -%}
     {% set _apache_max_clients = ((ansible_memtotal_mb - _memory_system - _memory_mysql) / (_memory_php|int/2)) | round(method='ceil') | int %}
-    {%- if ansible_processor_vcpus > _apache_max_clients -%}
-        {% set _apache_max_clients = ansible_processor_vcpus %}
+    {%- if _apache_max_clients < 5 -%}
+        {% set _apache_max_clients = 5 %}
     {%- endif -%}
 {%- endif -%}
 

provisioning/roles/varnish/files/etc-default-varnish

@@ -38,7 +38,7 @@ VARNISH_STORAGE_SIZE=512M
 VARNISH_SECRET_FILE=/etc/varnish/secret
 
 # Backend storage specification
-VARNISH_STORAGE="malloc,${VARNISH_STORAGE_SIZE}"
+VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}"
 
 # Default TTL used when the backend does not specify one
 VARNISH_TTL=120

provisioning/roles/varnish/files/etc-varnish/conf.d/receive/wordpress.vcl

@@ -1,21 +1,20 @@
-# Pass all local or login/admin requests straight through
-if (req.http.Host ~ "^local\." || (req.url ~ "wp-(login|admin)")) {
+# Pass all login requests straight through
+if (req.url ~ "wp-login") {
     return (pass);
 }
-
-if (req.http.Cookie ~ "^wp-" || req.http.Cookie ~ "^wordpress_") {
-  return (pass);
+# Pipe all admin requests directly
+if (req.url ~ "wp-admin") {
+    return (pipe);
 }
 
-# Drop any cookies sent to Wordpress.
-if (!(req.url ~ "wp-(login|admin)")) {
-    unset req.http.Cookie;
+# Pass all requests containing a wp- or wordpress_ cookie
+# (meaning NO caching for logged in users)
+if (req.http.Cookie ~ "^([^;]+;\s*)*?(wp-|wordpress_)") {
+  return (pass);
 }
 
-# Anything else left?
-if (!req.http.Cookie) {
-    unset req.http.Cookie;
-}
+# Drop *all* cookies sent to Wordpress, if we've gotten this far
+unset req.http.Cookie;
 
 # Try a cache-lookup
 return (lookup);

provisioning/roles/varnish/files/etc-varnish/production.vcl

@@ -94,28 +94,9 @@ sub vcl_recv {
     #
 
     # Some generic cookie manipulation, useful for all templates that follow
-    # Remove the "has_js" cookie
-    set req.http.Cookie = regsuball(req.http.Cookie, "has_js=[^;]+(; )?", "");
 
-    # Remove any Satallite cookies
-    set req.http.Cookie = regsuball(req.http.Cookie, "__gaid=[^;]+(; )?", "");
-    set req.http.Cookie = regsuball(req.http.Cookie, "_sdsat_[^=]+=[^;]+(; )?", "");
-
-    # Remove any Google Analytics based cookies
-    set req.http.Cookie = regsuball(req.http.Cookie, "__utm.=[^;]+(; )?", "");
-    set req.http.Cookie = regsuball(req.http.Cookie, "_ga=[^;]+(; )?", "");
-    set req.http.Cookie = regsuball(req.http.Cookie, "utmctr=[^;]+(; )?", "");
-    set req.http.Cookie = regsuball(req.http.Cookie, "utmcmd.=[^;]+(; )?", "");
-    set req.http.Cookie = regsuball(req.http.Cookie, "utmccn.=[^;]+(; )?", "");
-
-    # Remove any Cloudflare cookies
-    set req.http.Cookie = regsuball(req.http.Cookie, "__cfduid=[^;]+(; )?", "");
-
-    # Remove the Quant Capital cookies (added by some plugin, all __qca)
-    set req.http.Cookie = regsuball(req.http.Cookie, "__qc.=[^;]+(; )?", "");
-
-    # Remove the AddThis cookies
-    set req.http.Cookie = regsuball(req.http.Cookie, "__atuvc=[^;]+(; )?", "");
+    # Remove any '_' prefixed cookies
+    set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)_[^=]+=[^;]*", "");
 
     # Remove a ";" prefix in the cookie if present
     set req.http.Cookie = regsuball(req.http.Cookie, "^;\s*", "");
@@ -148,10 +129,10 @@ sub vcl_recv {
     # A valid discussion could be held on this line: do you really need to cache static files that don't cause load? Only if you have memory left.
     # Sure, there's disk I/O, but chances are your OS will already have these files in their buffers (thus memory).
     # Before you blindly enable this, have a read here: http://mattiasgeniar.be/2012/11/28/stop-caching-static-files/
-    if (req.url ~ "^[^?]*\.(bmp|bz2|css|doc|eot|flv|gif|gz|ico|jpeg|jpg|js|less|mp[34]|pdf|png|rar|rtf|swf|tar|tgz|txt|wav|woff|xml|zip)(\?.*)?$") {
-        unset req.http.Cookie;
-        return (lookup);
-    }
+    # if (req.url ~ "^[^?]*\.(bmp|bz2|css|doc|eot|flv|gif|gz|ico|jpeg|jpg|js|less|mp[34]|pdf|png|rar|rtf|swf|tar|tgz|txt|wav|woff|xml|zip)(\?.*)?$") {
+    #     unset req.http.Cookie;
+    #     return (lookup);
+    # }
 
     # Send Surrogate-Capability headers to announce ESI support to backend
     set req.http.Surrogate-Capability = "key=ESI/1.0";
@@ -245,9 +226,9 @@ sub vcl_fetch {
     # Enable cache for all static files
     # The same argument as the static caches from above: monitor your cache size, if you get data nuked out of it, consider giving up the static file cache.
     # Before you blindly enable this, have a read here: http://mattiasgeniar.be/2012/11/28/stop-caching-static-files/
-    if (req.url ~ "^[^?]*\.(bmp|bz2|css|doc|eot|flv|gif|gz|ico|jpeg|jpg|js|less|mp[34]|pdf|png|rar|rtf|swf|tar|tgz|txt|wav|woff|xml|zip)(\?.*)?$") {
-        unset beresp.http.set-cookie;
-    }
+    # if (req.url ~ "^[^?]*\.(bmp|bz2|css|doc|eot|flv|gif|gz|ico|jpeg|jpg|js|less|mp[34]|pdf|png|rar|rtf|swf|tar|tgz|txt|wav|woff|xml|zip)(\?.*)?$") {
+    #     unset beresp.http.set-cookie;
+    # }
 
     # Sometimes, a 301 or 302 redirect formed via Apache's mod_rewrite can mess with the HTTP port that is being passed along.
     # This often happens with simple rewrite rules in a scenario where Varnish runs on :80 and Apache on :8080 on the same box.