So here is my caddyfile :
# Domaine exemple.domaine.fr
exemple.domaine.fr {
# Port où Varnish écoute les requêtes
reverse_proxy 127.0.0.1:6081
}
:8061 {
root * /srv/www/exemple.domaine.fr/htdocs
encode zstd gzip
file_server
php_fastcgi unix//run/php-fpm/www.sock
}
My VCL file :
vcl 4.1;
import std;
import proxy;
import directors;
backend test {
.host = "127.0.0.1";
.port = "8060";
}
backend exemple {
.host = "127.0.0.1";
.port = "8061";
}
sub vcl_init {
}
sub vcl_recv {
if (req.http.host == "test.domaine.fr") {
set req.backend_hint = test;
} elseif (req.http.host == "exemple.domaine.fr") {
set req.backend_hint = exemple;
} else {
# Fallback to a default backend or return an error
return (synth(404, "Not Found"));
}
if (!req.http.X-Forwarded-Proto) {
if(std.port(server.ip) == 443 || proxy.is_ssl()) {
set req.http.X-Forwarded-Proto = "https";
} else {
set req.http.X-Forwarded-Proto = "http";
}
}
}
sub vcl_backend_response {
if (beresp.http.content-type ~ "text|javascript|json|svg+xml|icon|font" && beresp.http.content-type !~ "woff") {
set beresp.do_gzip = true;
}
/*
* Uncomment the following lines only if you've partitioned your Varnish
* backend storage into multiple stevedores as described above.
*
* This takes advantage of the fact that PHP sets an X-Powered-By header
* on its responses. If you've set `expose_php = Off' in your php.ini,
* you'll need to find some other criteria to differentiate dynamic from
* static requests. I recommend leaving it on and removing the header in
* this conditional (the commented line) if it worries you.
*
* If this is working properly, varnishstat will show separate SMA.dynamic
* and SMF.static key groups that change over time as requests are served.
*
if (beresp.http.x-powered-by) {
set beresp.storage_hint = "dynamic";
//unset beresp.http.x-powered-by;
}
else {
set beresp.storage_hint = "static";
}
*/
}
sub vcl_synth {
}
sub vcl_deliver {
# Finaliser la réponse avant de l'envoyer au client
}
And my debug log :
May 03 03:32:15 vps.net caddy[72057]: {"level":"debug","ts":1714699935.0950131,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"127.0.0.1:6081","total_upstreams":1}
May 03 03:32:15 vps.net caddy[72057]: {"level":"debug","ts":1714699935.095577,"logger":"http.handlers.rewrite","msg":"rewrote request","request":{"remote_ip":"127.0.0.1","remote_port":"54000","client_ip":"XXX.XXX.XXX.XXX","proto":"HTTP/1.1","method":"GET","host":"exemple.domaine.fr","uri":"/","headers":{"Accept-Encoding":["gzip, deflate, br, zstd"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Sec-Fetch-User":["?1"],"X-Forwarded-Proto":["https"],"Sec-Fetch-Dest":["document"],"Upgrade-Insecure-Requests":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"],"Accept-Language":["fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7"],"Cookie":[],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Fetch-Mode":["navigate"],"X-Forwarded-Host":["exemple.domaine.fr"],"X-Forwarded-For":["XXX.XXX.XXX.XXX, 127.0.0.1"],"X-Varnish":["132"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Cache-Control":["max-age=0"],"Dnt":["1"],"Sec-Ch-Ua":["\"Google Chrome\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"Sec-Fetch-Site":["none"]}},"method":"GET","uri":"/index.php"}
May 03 03:32:15 vps.net caddy[72057]: {"level":"debug","ts":1714699935.095648,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"/run/php-fpm/www.sock","total_upstreams":1}
May 03 03:32:15 vps.net caddy[72057]: {"level":"debug","ts":1714699935.0957148,"logger":"http.reverse_proxy.transport.fastcgi","msg":"roundtrip","request":{"remote_ip":"127.0.0.1","remote_port":"54000","client_ip":"XXX.XXX.XXX.XXX","proto":"HTTP/1.1","method":"GET","host":"exemple.domaine.fr","uri":"/index.php","headers":{"Upgrade-Insecure-Requests":["1"],"Cookie":[],"X-Forwarded-For":["XXX.XXX.XXX.XXX, 127.0.0.1, 127.0.0.1"],"Sec-Fetch-Mode":["navigate"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Sec-Fetch-Dest":["document"],"Cache-Control":["max-age=0"],"Dnt":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"],"Accept-Language":["fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7"],"X-Forwarded-Host":["exemple.domaine.fr"],"X-Varnish":["132"],"Sec-Ch-Ua":["\"Google Chrome\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"X-Forwarded-Proto":["https"],"Sec-Ch-Ua-Mobile":["?0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Fetch-Site":["none"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Sec-Fetch-User":["?1"]}},"env":{"SERVER_NAME":"exemple.domaine.fr","DOCUMENT_ROOT":"/srv/www/exemple.domaine.fr/htdocs","DOCUMENT_URI":"/index.php","SERVER_PORT":"80","HTTP_SEC_FETCH_USER":"?1","HTTP_UPGRADE_INSECURE_REQUESTS":"1","HTTP_COOKIE":"","REQUEST_SCHEME":"http","HTTP_SEC_FETCH_DEST":"document","SCRIPT_NAME":"/index.php","HTTP_SEC_FETCH_MODE":"navigate","HTTP_ACCEPT_ENCODING":"gzip, deflate, br, zstd","HTTP_X_VARNISH":"132","REMOTE_IDENT":"","HTTP_SEC_CH_UA_MOBILE":"?0","HTTP_ACCEPT":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","HTTP_X_FORWARDED_FOR":"XXX.XXX.XXX.XXX, 127.0.0.1, 127.0.0.1","HTTP_DNT":"1","HTTP_USER_AGENT":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36","CONTENT_LENGTH":"","SCRIPT_FILENAME":"/srv/www/exemple.domaine.fr/htdocs/index.php","HTTP_SEC_CH_UA_PLATFORM":"\"Windows\"","QUERY_STRING":"","GATEWAY_INTERFACE":"CGI/1.1","REMOTE_PORT":"54000","REMOTE_USER":"","SERVER_PROTOCOL":"HTTP/1.1","SERVER_SOFTWARE":"Caddy/v2.7.6","REQUEST_URI":"/","HTTP_X_FORWARDED_HOST":"exemple.domaine.fr","AUTH_TYPE":"","HTTP_SEC_FETCH_SITE":"none","HTTP_SEC_CH_UA":"\"Google Chrome\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\"","CONTENT_TYPE":"","REQUEST_METHOD":"GET","HTTP_CACHE_CONTROL":"max-age=0","HTTP_X_FORWARDED_PROTO":"https","PATH_INFO":"","REMOTE_HOST":"127.0.0.1","HTTP_HOST":"exemple.domaine.fr","HTTP_ACCEPT_LANGUAGE":"fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7","REMOTE_ADDR":"127.0.0.1"},"dial":"/run/php-fpm/www.sock","env":{"HTTP_DNT":"1","HTTP_USER_AGENT":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36","CONTENT_LENGTH":"","HTTP_SEC_CH_UA_MOBILE":"?0","HTTP_ACCEPT":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","HTTP_X_FORWARDED_FOR":"XXX.XXX.XXX.XXX, 127.0.0.1, 127.0.0.1","QUERY_STRING":"","SCRIPT_FILENAME":"/srv/www/exemple.domaine.fr/htdocs/index.php","HTTP_SEC_CH_UA_PLATFORM":"\"Windows\"","SERVER_PROTOCOL":"HTTP/1.1","SERVER_SOFTWARE":"Caddy/v2.7.6","REQUEST_URI":"/","HTTP_X_FORWARDED_HOST":"exemple.domaine.fr","AUTH_TYPE":"","GATEWAY_INTERFACE":"CGI/1.1","REMOTE_PORT":"54000","REMOTE_USER":"","CONTENT_TYPE":"","HTTP_SEC_FETCH_SITE":"none","HTTP_SEC_CH_UA":"\"Google Chrome\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\"","PATH_INFO":"","REQUEST_METHOD":"GET","HTTP_CACHE_CONTROL":"max-age=0","HTTP_X_FORWARDED_PROTO":"https","REMOTE_ADDR":"127.0.0.1","REMOTE_HOST":"127.0.0.1","HTTP_HOST":"exemple.domaine.fr","HTTP_ACCEPT_LANGUAGE":"fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7","SERVER_PORT":"80","HTTP_SEC_FETCH_USER":"?1","HTTP_UPGRADE_INSECURE_REQUESTS":"1","HTTP_COOKIE":"","REQUEST_SCHEME":"http","SERVER_NAME":"exemple.domaine.fr","DOCUMENT_ROOT":"/srv/www/exemple.domaine.fr/htdocs","DOCUMENT_URI":"/index.php","HTTP_SEC_FETCH_DEST":"document","HTTP_X_VARNISH":"132","REMOTE_IDENT":"","SCRIPT_NAME":"/index.php","HTTP_SEC_FETCH_MODE":"navigate","HTTP_ACCEPT_ENCODING":"gzip, deflate, br, zstd"},"request":{"remote_ip":"127.0.0.1","remote_port":"54000","client_ip":"XXX.XXX.XXX.XXX","proto":"HTTP/1.1","method":"GET","host":"exemple.domaine.fr","uri":"/index.php","headers":{"Upgrade-Insecure-Requests":["1"],"Cookie":[],"X-Forwarded-For":["XXX.XXX.XXX.XXX, 127.0.0.1, 127.0.0.1"],"Sec-Fetch-Mode":["navigate"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Sec-Fetch-Dest":["document"],"Cache-Control":["max-age=0"],"Dnt":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"],"Accept-Language":["fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7"],"X-Forwarded-Host":["exemple.domaine.fr"],"X-Varnish":["132"],"Sec-Ch-Ua":["\"Google Chrome\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"X-Forwarded-Proto":["https"],"Sec-Ch-Ua-Mobile":["?0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Fetch-Site":["none"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Sec-Fetch-User":["?1"]}}}
May 03 03:32:15 vps.net caddy[72057]: {"level":"debug","ts":1714699935.1285634,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"unix//run/php-fpm/www.sock","duration":0.032876029,"request":{"remote_ip":"127.0.0.1","remote_port":"54000","client_ip":"XXX.XXX.XXX.XXX","proto":"HTTP/1.1","method":"GET","host":"exemple.domaine.fr","uri":"/index.php","headers":{"Accept-Language":["fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7"],"X-Forwarded-Host":["exemple.domaine.fr"],"X-Varnish":["132"],"Sec-Ch-Ua":["\"Google Chrome\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"X-Forwarded-Proto":["https"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Fetch-Site":["none"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Sec-Fetch-User":["?1"],"Sec-Ch-Ua-Mobile":["?0"],"Cookie":[],"X-Forwarded-For":["XXX.XXX.XXX.XXX, 127.0.0.1, 127.0.0.1"],"Sec-Fetch-Mode":["navigate"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Upgrade-Insecure-Requests":["1"],"Cache-Control":["max-age=0"],"Dnt":["1"],"Sec-Fetch-Dest":["document"]}},"headers":{"Content-Type":["text/html; charset=UTF-8"],"X-Redirect-By":["WordPress"],"Location":["https://exemple.domaine.fr/"],"Content-Encoding":["gzip"],"Vary":["Accept-Encoding"],"Status":["301 Moved Permanently"],"X-Powered-By":["PHP/8.2.18"]},"status":301}
May 03 03:32:15 vps.net caddy[72057]: {"level":"debug","ts":1714699935.1290314,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"127.0.0.1:6081","duration":0.033949211,"request":{"remote_ip":"XXX.XXX.XXX.XXX","remote_port":"49355","client_ip":"XXX.XXX.XXX.XXX","proto":"HTTP/2.0","method":"GET","host":"exemple.domaine.fr","uri":"/","headers":{"Accept-Language":["fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7"],"Sec-Ch-Ua-Mobile":["?0"],"Dnt":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"],"Sec-Fetch-Mode":["navigate"],"Upgrade-Insecure-Requests":["1"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"X-Forwarded-Proto":["https"],"Sec-Fetch-User":["?1"],"Sec-Fetch-Dest":["document"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\"Google Chrome\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"Cookie":[],"Sec-Ch-Ua-Platform":["\"Windows\""],"X-Forwarded-Host":["exemple.domaine.fr"],"Sec-Fetch-Site":["none"],"X-Forwarded-For":["XXX.XXX.XXX.XXX"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"exemple.domaine.fr"}},"headers":{"Connection":["keep-alive"],"Status":["301 Moved Permanently"],"Vary":["Accept-Encoding"],"Age":["0"],"Via":["1.1 varnish (Varnish/6.6)"],"Content-Encoding":["gzip"],"Location":["https://exemple.domaine.fr/"],"Content-Length":["20"],"X-Varnish":["131"],"X-Powered-By":["PHP/8.2.18"],"Content-Type":["text/html; charset=UTF-8"],"Server":["Caddy"],"X-Redirect-By":["WordPress"],"Date":["Fri, 03 May 2024 01:32:15 GMT"]},"status":301}
A bit long…
EDIT :
Maybe the realtime varnish log can help, if i understand well there something wrong with HTTP and HTTPS : loop redirection ? or maybe because of Wordpress ? (- BerespHeader X-Redirect-By: WordPress)
- Begin bereq 172 pass
- VCL_use boot
- Timestamp Start: 1714700615.005516 0.000000 0.000000
- BereqMethod GET
- BereqURL /
- BereqProtocol HTTP/1.1
- BereqHeader Host: exemple.domaine.fr
- BereqHeader User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
- BereqHeader Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
- BereqHeader Accept-Encoding: gzip, deflate, br, zstd
- BereqHeader Accept-Language: fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7
- BereqHeader Cache-Control: max-age=0
- BereqHeader Cookie: remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IjJwRDFBRjVJTlN3T3IwMDVlaFVaV1E9PSIsInZhbHVlIjoiQTZlWUZkVDdCU1QwOUt3QXJLTTRKSXRtampPakJ0NHdDQ0dJa01LRmdcL0ZUYmNLMUhodmUzSktMZVhqSnZzV1NcL1NQVVpZeStvWnZXRmZDVzlmS0Z3cVZUbDJ4TERueVBVRjZc
- BereqHeader Dnt: 1
- BereqHeader Sec-Ch-Ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
- BereqHeader Sec-Ch-Ua-Mobile: ?0
- BereqHeader Sec-Ch-Ua-Platform: "Windows"
- BereqHeader Sec-Fetch-Dest: document
- BereqHeader Sec-Fetch-Mode: navigate
- BereqHeader Sec-Fetch-Site: none
- BereqHeader Sec-Fetch-User: ?1
- BereqHeader Upgrade-Insecure-Requests: 1
- BereqHeader X-Forwarded-Host: exemple.domaine.fr
- BereqHeader X-Forwarded-Proto: https
- BereqHeader X-Forwarded-For: XXX.XXX.XXX.XXX, 127.0.0.1
- BereqHeader X-Varnish: 173
- VCL_call BACKEND_FETCH
- VCL_return fetch
- Timestamp Fetch: 1714700615.005537 0.000020 0.000020
- Timestamp Connected: 1714700615.005540 0.000023 0.000003
- BackendOpen 27 exemple 127.0.0.1 8061 127.0.0.1 55222 reuse
- Timestamp Bereq: 1714700615.005589 0.000072 0.000048
- Timestamp Beresp: 1714700615.037606 0.032089 0.032016
- BerespProtocol HTTP/1.1
- BerespStatus 301
- BerespReason Moved Permanently
- BerespHeader Content-Encoding: gzip
- BerespHeader Content-Type: text/html; charset=UTF-8
- BerespHeader Location: https://exemple.domaine.fr/
- BerespHeader Server: Caddy
- BerespHeader Status: 301 Moved Permanently
- BerespHeader Vary: Accept-Encoding
- BerespHeader X-Powered-By: PHP/8.2.18
- BerespHeader X-Redirect-By: WordPress
- BerespHeader Date: Fri, 03 May 2024 01:43:35 GMT
- BerespHeader Content-Length: 20
- VCL_call BACKEND_RESPONSE
- VCL_return deliver
- Timestamp Process: 1714700615.037621 0.032105 0.000015
- Filters testgunzip
- Storage malloc Transient
- Fetch_Body 3 length stream
- Gzip u F - 20 0 80 80 90
- BackendClose 27 exemple recycle
- Timestamp BerespBody: 1714700615.037669 0.032152 0.000047
- Length 20
- BereqAcct 1571 0 1571 323 20 343
- End
I have this log as many times as there are redirections
XXX.XXX.XXX.XXX is my personal IP