The Problem of having Varnish in front of Nginx or Apache is that Basic HTTP Authentication requests will be cached once you logged in. So every successful login session applys to all other clients also who visit your website. That is what we don’t want and might be in some situations a security risk.
So to passthrough HTTP Authorization requests without caching them, we need to add one more acl rule.
Simply extend your sub vcl_recv section with following code snippet:
# dont cache httpauth
if (req.http.Authorization || req.http.Authenticate) {
return(pass);
}
and restart your varnish instance then all should be fine!
HTTP/2 SSL Offloading with Hitch and Varnish Since Chrome browsers showing you insecure warning on…
File changed as we read it GlusterFS issue Recently i had trouble running Backups of…
Running multiple instances of varnish using systemd If you have not yet found a complete…
HTTP/2 SSL Offloading with Haproxy and Nginx After HTTP/2 becoming more an more prominent regarding SSL…
Get Real IP with Haproxy Tomcat Jira Confluence using x-forwarded-for Everyone knows the Problem. Get…
Review TDS2 How to backtest using tick data with Metatrader 4 in this Review TDS2…
This website uses cookies.