2

After configuring Magento 2 under SSL on every page successfully (HTTPS everywhere - Magento 2) I have found a problem on SSL since why I open this question.

If I enable SSL with NGINX as a Proxy I loose cache on the whole website. I suspect the problem is in the VCL configuration file but I cannot find the error.

My setup:

  1. Server 01 --> Varnish + Nginx --> 192.168.1.22 Varnish is configured to listen on port 80

  2. Server 02 --> Apache + MySQL --> 192.168.1.20 Apache is configured to listen on port 8080

Varnish configuration

vcl 4.0;
import std;
# The minimal Varnish version is 4.0
backend default {
 .host = "192.168.1.20";
 .port = "8080";
}
acl purge {
 "192.168.1.20";
}
sub vcl_recv {
 if (req.method == "PURGE") {
 if (client.ip !~ purge) {
 return (synth(405, "Method not allowed"));
 }
 if (!req.http.X-Magento-Tags-Pattern) {
 return (synth(400, "X-Magento-Tags-Pattern header required"));
 }
 ban("obj.http.X-Magento-Tags ~ " + req.http.X-Magento-Tags-Pattern);
 return (synth(200, "Purged"));
 }
 if (req.method != "GET" &&
 req.method != "HEAD" &&
 req.method != "PUT" &&
 req.method != "POST" &&
 req.method != "TRACE" &&
 req.method != "OPTIONS" &&
 req.method != "DELETE") {
 /* Non-RFC2616 or CONNECT which is weird. */
 return (pipe);
 }
 # We only deal with GET and HEAD by default
 if (req.method != "GET" && req.method != "HEAD") {
 return (pass);
 }
 # Bypass shopping cart and checkout requests
 if (req.url ~ "/checkout") {
 return (pass);
 }
 # normalize url in case of leading HTTP scheme and domain
 set req.url = regsub(req.url, "^http[s]?://", "");
 # collect all cookies
 std.collect(req.http.Cookie);
 # static files are always cacheable. remove SSL flag and cookie
 if (req.url ~ "^/(pub/)?(media|static)/.*\.(ico|css|js|jpg|jpeg|png|gif|tiff|bmp|mp3|ogg|svg|swf|woff|woff2|eot|ttf|otf)$") {
 unset req.http.Https;
 unset req.http.Cookie;
 }
 return (hash);
}
sub vcl_hash {
 if (req.http.cookie ~ "X-Magento-Vary=") {
 hash_data(regsub(req.http.cookie, "^.*?X-Magento-Vary=([^;]+);*.*$", "1円"));
 }
}
sub vcl_backend_response {
 if (beresp.http.content-type ~ "text") {
 set beresp.do_esi = true;
 }
 if (bereq.url ~ "\.js$" || beresp.http.content-type ~ "text") {
 set beresp.do_gzip = true;
 }
 # cache only successfully responses and 404s
 if (beresp.status != 200 && beresp.status != 404) {
 set beresp.ttl = 0s;
 set beresp.uncacheable = true;
 return (deliver);
 } elsif (beresp.http.Cache-Control ~ "private") {
 set beresp.uncacheable = true;
 set beresp.ttl = 86400s;
 return (deliver);
 }
 if (beresp.http.X-Magento-Debug) {
 set beresp.http.X-Magento-Cache-Control = beresp.http.Cache-Control;
 }
 # validate if we need to cache it and prevent from setting cookie
 # images, css and js are cacheable by default so we have to remove cookie also
 if (beresp.ttl > 0s && (bereq.method == "GET" || bereq.method == "HEAD")) {
 unset beresp.http.set-cookie;
 if (bereq.url !~ "\.(ico|css|js|jpg|jpeg|png|gif|tiff|bmp|gz|tgz|bz2|tbz|mp3|ogg|svg|swf|woff|woff2|eot|ttf|otf)(\?|$)") {
 set beresp.http.Pragma = "no-cache";
 set beresp.http.Expires = "-1";
 set beresp.http.Cache-Control = "no-store, no-cache, must-revalidate, max-age=0";
 set beresp.grace = 1m;
 }
 }
 return (deliver);
}
sub vcl_deliver {
 if (resp.http.X-Magento-Debug) {
 if (resp.http.x-varnish ~ " ") {
 set resp.http.X-Magento-Cache-Debug = "HIT";
 } else {
 set resp.http.X-Magento-Cache-Debug = "MISS";
 }
 } else {
 unset resp.http.Age;
 }
}

Nginx configuration

server {
 listen 443 ssl; 
 server_name magentotest.devcom;
 ssl_certificate /etc/ssl/certs/nginx.crt;
 ssl_certificate_key /etc/ssl/certs/nginx.key;
 location / {
 proxy_pass http://127.0.0.1:80;
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header X-Forwarded-Proto https;
 proxy_set_header X-Forwarded-Port 443;
 proxy_set_header Host $host;
 }
}
asked May 26, 2016 at 10:04
3
  • change 127.0.0.1 to something different Commented May 26, 2016 at 14:10
  • I changed to proxy_pass 192.168.1.22:80; but nothing change, content is still not cached Commented May 27, 2016 at 13:07
  • I also tried the configuration reported on GitHub github.com/fballiano/docker-nginx-ssl-for-magento2/blob/master/… I really don't understand why Varnish doesn't cache Nginx requests. If I disable NGINX SSL and visit the website on port 80 all requests on second visit are cached, but if I visit the website on SSL nothing is cached. Commented May 28, 2016 at 21:56

1 Answer 1

0

Your Nginx Config is....

enter image description here

Using the nginx's test certificate is not cached in browser.

The cache works properly only if you use a formal certificate, such as let's encrypt.

After applying the official certificate to nginx, if you test your browser, you can see that it becomes a disk cache right away. enter image description here

answered Mar 13, 2023 at 7:09

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.