# Auto Generated Varnish Configuration
# Copyright(c)Eenos
# Build time : ${time}
# Domain : ${servername}

sub vcl_recv {
        # Set the backend 
        if (${vhostdata}) {
            set req.backend_hint = ip_${iphash}; 
        
            # Remove empty query string parameters        
            if (req.url ~ "\?$") {
                set req.url = regsub(req.url, "\?$", "");
            }

            # Sorts query string parameters alphabetically for cache normalization purposes
            set req.url = std.querysort(req.url);

            # Remove the proxy header to mitigate the httpoxy vulnerability      
            unset req.http.proxy;
            # Add X-Forwarded-Proto header when using https
            if (!req.http.X-Forwarded-Proto) {
                if(std.port(server.ip) == 443 || proxy.is_ssl()) {
                    set req.http.X-Forwarded-Proto = "https";
                } else {
                    set req.http.X-Forwarded-Proto = "http";
                }
            }
            # Only handle relevant HTTP request methods
            if (
                req.method != "GET" &&
                req.method != "HEAD" &&
                req.method != "PUT" &&
                req.method != "POST" &&
                req.method != "PATCH" &&
                req.method != "TRACE" &&
                req.method != "OPTIONS" &&
                req.method != "DELETE"
            ) {
                return (pipe);
            }
            # Only cache GET and HEAD requests
            if (req.method != "GET" && req.method != "HEAD") {
                set req.http.X-Cacheable = "NO:REQUEST-METHOD";
                return(pass);
            }
            # Mark static files with the X-Static-File header, and remove any cookies
            # X-Static-File is also used in vcl_backend_response to identify static files
            if (req.url ~ "^[^?]*\.(7z|avi|bmp|bz2|css|csv|doc|docx|eot|flac|flv|gif|gz|ico|jpeg|jpg|js|less|mka|mkv|mov|mp3|mp4|mpeg|mpg|odt|ogg|ogm|opus|otf|pdf|png|ppt|pptx|rar|rtf|svg|svgz|swf|tar|tbz|tgz|ttf|txt|txz|wav|webm|webp|woff|woff2|xls|xlsx|xml|xz|zip)(\?.*)?$") {
                set req.http.X-Static-File = "true";                
                unset req.http.Cookie;
                return(hash);                
            }
            # No caching of special URLs, logged in users and some plugins
            if (
                req.http.Cookie ~ "wordpress_(?!test_)[a-zA-Z0-9_]+|wp-postpass|comment_author_[a-zA-Z0-9_]+|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_[a-zA-Z0-9]+|wordpress_logged_in_|comment_author|PHPSESSID" ||
                req.http.Authorization ||
                req.url ~ "add_to_cart" ||
                req.url ~ "edd_action" ||
                req.url ~ "nocache" ||
                req.url ~ "^/addons" ||
                req.url ~ "^/bb-admin" ||
                req.url ~ "^/bb-login.php" ||
                req.url ~ "^/bb-reset-password.php" ||
                req.url ~ "^/cart" ||
                req.url ~ "^/checkout" ||
                req.url ~ "^/control.php" ||
                req.url ~ "^/login" ||
                req.url ~ "^/logout" ||
                req.url ~ "^/lost-password" ||
                req.url ~ "^/my-account" ||
                req.url ~ "^/product" ||
                req.url ~ "^/register" ||
                req.url ~ "^/register.php" ||
                req.url ~ "^/server-status" ||
                req.url ~ "^/signin" ||
                req.url ~ "^/signup" ||
                req.url ~ "^/stats" ||
                req.url ~ "^/wc-api" ||
                req.url ~ "^/wp-admin" ||
                req.url ~ "^/wp-comments-post.php" ||
                req.url ~ "^/wp-cron.php" ||
                req.url ~ "^/wp-login.php" ||
                req.url ~ "^/wp-activate.php" ||
                req.url ~ "^/wp-mail.php" ||
                req.url ~ "^/wp-login.php" ||
                req.url ~ "^\?add-to-cart=" ||
                req.url ~ "^\?wc-api=" ||
                req.url ~ "^/preview=" ||
                req.url ~ "^/\.well-known/acme-challenge/"
            ) {
                set req.http.X-Cacheable = "NO:Logged in/Got Sessions";
                if(req.http.X-Requested-With == "XMLHttpRequest") {
                    set req.http.X-Cacheable = "NO:Ajax";
                }
                return(pass);
            }           
            # Remove any cookies left
            unset req.http.Cookie;
            return(hash);
    }
}

sub vcl_hash {
    if (${vhostdata}) { 
        if(req.http.X-Forwarded-Proto) {
            # Create cache variations depending on the request protocol       
            hash_data(req.http.X-Forwarded-Proto);
        }       
    }
}

sub vcl_deliver {
    if (${vhostdata}) {
        # You can do accounting or modifying the final object here.
        if (obj.hits) { # Add debug header to see if it's a HIT/MISS and the number of hits, disable when not needed
            set resp.http.X-Cache = "HIT";
        } else {
            set resp.http.X-Cache = "MISS";
        }
        # Cleanup of headers
        unset resp.http.x-url;
        unset resp.http.x-host;   
        unset resp.http.x-powered-by;        
        return (deliver);
    }
}

# Bypass webmail , eenos etc,.
# Domain : mail.${servername}
sub vcl_recv {
    # Set the backend 
    if (req.http.host=="mail.${servername}" || req.http.host=="www.mail.${servername}" || req.http.host=="eenos.${servername}"){
        set req.backend_hint = ip_${iphash}; 
        return (pass);
    }
}
