I am working on a wordpress site with varnish configs setup.for security concern i use ithemes security plugin and activated the hide wp-login and added a custom login url.my custom url is mysite.com/secret-login
So when i use this url to login to wp-admin
ERROR: Cookies are blocked or not supported by your browser. You must
enable cookies to use WordPress.
is getting.
So I contacted the plugin owner and this is what he has to say
The issue is likely caused by your Varnish config. The config is
likely set to allow and recognize cookies when the URL matches
wp-login or wp-admin while dropping cookies elsewhere.
So I will have to edit my varnish config.But I have no idea how it should be configured to match the above.
Here is my dafault.vcl varnish
vcl 4.0;
backend default {
.host = "127.0.0.1";
.port = "8080";
.connect_timeout = 600s;
.first_byte_timeout = 600s;
.between_bytes_timeout = 600s;
}
backend master {
.host = "127.0.0.1";
.port = "8080";
}
acl purge {
"localhost";
}
sub vcl_recv {
if (req.method == "PURGE") {
if (!client.ip ~ purge) {
return(synth(405, "Not allowed."));
}
return(hash);
}
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
### do not cache these files:
##never cache the admin pages, or the server-status page
if (req.url ~ "wp-(admin|login)" || req.http.Content-Type ~ "multipart/form-data")
{
set req.backend_hint = master;
return(pass);
}
## always cache these images & static assets
if (req.method == "GET" && req.url ~ ".(css|js|gif|jpg|jpeg|bmp|png|ico|img|tga|wmf)$") {
unset req.http.cookie;
return(hash);
}
if (req.method == "GET" && req.url ~ "(xmlrpc.php|wlmanifest.xml)") {
unset req.http.cookie;
return(hash);
}
#never cache POST requests
if (req.method == "POST")
{
return(pass);
}
#DO cache this ajax request
if(req.http.X-Requested-With == "XMLHttpRequest" && req.url ~ "recent_reviews")
{
return (hash);
}
#dont cache ajax requests
if(req.http.X-Requested-With == "XMLHttpRequest" || req.url ~ "nocache" || req.url ~ "(control.php|wp-comments-post.php|wp-login.php|bb-login.php|bb-reset-password.php|register.php)")
{
return (pass);
}
if (req.http.Cookie && req.http.Cookie ~ "wordpress_") {
set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_test_cookie=", "; wpjunk=");
}
### don't cache authenticated sessions
if (req.http.Cookie && req.http.Cookie ~ "(wordpress_|PHPSESSID)") {
return(pass);
}
### parse accept encoding rulesets to make it look nice
if (req.http.Accept-Encoding) {
if (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elsif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
# unkown algorithm
unset req.http.Accept-Encoding;
}
}
if (req.http.Cookie)
{
set req.http.Cookie = ";" + req.http.Cookie;
set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
set req.http.Cookie = regsuball(req.http.Cookie, ";(vendor_region|PHPSESSID|themetype2)=", "; 1=");
set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");
if (req.http.Cookie == "") {
unset req.http.Cookie;
}
}
if (req.url ~ "^/$") {
unset req.http.cookie;
}
return(hash);
}
sub vcl_miss {
if (req.method == "PURGE") {
return (synth(404, "Not in cache."));
}
if (!(req.url ~ "wp-(login|admin)")) {
unset req.http.cookie;
}
if (req.url ~ "^/[^?]+.(jpeg|jpg|png|gif|ico|js|css|txt|gz|zip|lzma|bz2|tgz|tbz|html|htm)(?.|)$") {
unset req.http.cookie;
set req.url = regsub(req.url, "?.$", "");
}
if (req.url ~ "^/$") {
unset req.http.cookie;
}
}
sub vcl_backend_response {
if (bereq.url ~ "^/$") {
unset beresp.http.set-cookie;
}
if (!(bereq.url ~ "wp-(login|admin)")) {
unset beresp.http.set-cookie;
}
if (bereq.method == "PURGE") {
set beresp.ttl = 0s;
}
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
}
Please suggest me to configure it and work.
if ( !( req.url ~ ^/secret-login/) ) {
unset req.http.Cookie;
}
Will the above code work ? but i dont know where exactly i should add this.Please help
added as follows and it worked
inside
and
Worked !!