Varnish configuration for Wordpress

wordpress.vcl

## A varnish vcl file for WordPress, serves cached pages to not-logged in users

director apps random {
    { .backend = { .host = "127.0.0.1"; .port = "http"; } .weight = 1; } 
}

acl purge {
    "localhost";
}

sub vcl_recv {
    set req.backend = apps;

    # Supporting PURGE
    if (req.request == "PURGE") {
        if (!client.ip ~ purge) {
            error 405 "Not allowed.";
        }
        purge("req.url ~ " req.url " && req.http.host == " req.http.host);
        error 200 "Purged.";
    }

    # Normalize Content-Encoding
    if (req.http.Accept-Encoding) {
        if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|lzma|tbz)(\?.*|)$") {
            remove req.http.Accept-Encoding;
        } elsif (req.http.Accept-Encoding ~ "gzip") {
            set req.http.Accept-Encoding = "gzip";
        } elsif (req.http.Accept-Encoding ~ "deflate") {
            set req.http.Accept-Encoding = "deflate";
        } else {
            remove req.http.Accept-Encoding;
        }
    }

    # Remove cookies and query string for real static files
    if (req.url ~ "^/[^?]+\.(jpeg|jpg|png|gif|ico|js|css|txt|gz|zip|lzma|bz2|tgz|tbz|html|htm)(\?.*|)$") {
      return(lookup);
    }

    # Remove cookies from front page
    if (req.url ~ "^/$") {
       unset req.http.cookie;
    }

    # We only care about the wordpress cookies, don't cache them
    if (req.http.Cookie && req.http.Cookie ~ "(wordpress_logged_in|comment_.*)") {
       return(pass);
    }

    # Don't cache wordpress or vbulletin urls
    if(req.url ~ "^/(wp-|forum)") {
       return(pass);
    } else {
       unset req.http.cookie;
    }
}


sub vcl_fetch {
    set beresp.grace = 5m;

    # Varnish determined the object was not cacheable
    if (!beresp.cacheable) {
        set beresp.http.X-Cacheable = "NO";
    } else {
        set beresp.http.X-Cacheable = "YES";
    }

    if (req.url ~ "^/$") {
        set beresp.ttl = 10m;
        unset beresp.http.set-cookie;
    }
}

sub vcl_deliver {
    if (obj.hits > 0) {
        set resp.http.X-Cache = "HIT";
    } else {
        set resp.http.X-Cache = "MISS";
    }

    if(req.http.Cookie) {
       set resp.http.X-Cookie = req.http.Cookie;
    } else {
       set resp.http.X-Cookie = "NONE";
    }

    return(deliver);
}

sub vcl_hit {
    if (!obj.cacheable) {
        return(pass);
    }

    if (req.http.Cache-Control ~ "no-cache") {
        # Ignore requests via proxy caches,  IE users and badly behaved crawlers
        # like msnbot that send no-cache with every request.
        if (! (req.http.Via || req.http.User-Agent ~ "bot|MSIE")) {
            set obj.ttl = 0s;
            return (restart);
        }
    }

    return(deliver);
}

sub vcl_pass {
    #make sure we have the correct ip in x-forwarded-for
    if (req.http.X-Forwarded-For) {
         set bereq.http.X-Forwarded-For = req.http.X-Forwarded-For;
    } else {
        set bereq.http.X-Forwarded-For = regsub(client.ip, ":.*", "");
    }
}

sub vcl_hash {
  # these 2 entries are the default ones used for vcl. Below we add our own.
  set req.hash += req.url;
  set req.hash += req.http.host;

  if (req.http.user-agent ~ "(?i)palm|blackberry|nokia|phone|midp|mobi|symbian|chtml|ericsson|minimo|audiovox|motorola|samsung|telit|upg2|windows ce|ucweb|astel|plucker|x320|x240|j2me|sgh|portable|spri
nt|docomo|kddi|softbank|android|mmp|pdxgw|netfront|xiino|vodafone|portalmmm|sagem|mot-|sie-|ipod|up\\.b|webos|amoi|novarra|cdm|alcatel|pocket|iphone|mobileexplorer|mobile" && !(req.http.user-agent ~ "(
?i)ipad")) {
    set req.hash += "mobile";
  }

  return(hash);
}