I have an Opencart 3.0.3.8 site on a server running AlmaLinux 8 with Plesk installed. The server uses PHP-FPM and Nginx.
My site, which has approximately 7,000 products, uses the Complete SEO Package module for SEO. Single product pages and information pages have an .html extension (a holdover from a very old setup—this e-commerce site is about 15 years old). Varnish works without issues for pages in the format https://www.example.com/single-product-page, but when I view the page at https://www.example.com/single-product-page.html, I see x-cache-status bypass. I have tried everything but can’t solve this problem. Can any experts tell me where I might be going wrong?
The header output is as follows:
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 31 Dec 2024 13:26:58 GMT
permissions-policy: keyboard-map=(), attribution-reporting=(), run-ad-auction=(), private-state-token-redemption=(), private-state-token-issuance=(), join-ad-interest-group=(), idle-detection=(), compute-pressure=(), browsing-topics=()
server: nginx
vary: Accept-Encoding
x-cache-status: BYPASS
x-dns-prefetch-control: off
x-powered-by: PHP/7.3.33
x-powered-by: PleskLin
In the Plesk panel, the following additional directive is defined for http:
#PLESK-VARNISH-BEGIN
SetEnvIf X-Forwarded-Proto https HTTPS=on
Header set Vary "Accept-Encoding" env=!NO_VARY
RewriteEngine on
# We remove HTTPS redirection because we are behind Varnish
# RewriteCond %{HTTPS} !=on
# RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC]
# RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#PLESK-VARNISH-END
The Additional nginx directives section is defined as follows:
#PLESK-VARNISH-BEGIN
location ~ ^/.* {
proxy_pass http://0.0.0.0:6081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
# Edit cookie and cache headers
proxy_hide_header Set-Cookie;
proxy_ignore_headers Set-Cookie;
proxy_set_header Cookie "";
# Timeout settings
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
}
#PLESK-VARNISH-END
And here is the content of the default.vcl file:
#########################################################################
### The perfect Varnish 4.x+ configuration ###
### for WordPress, Joomla, Drupal & other (common) CMS based websites ###
#########################################################################
######################
#
# UPDATED on December 15th, 2021
#
# Configuration Notes:
# 1. Default dynamic content caching respects your backend's cache-control HTTP header.
# If however you need to enforce a different cache-control TTL,
# do a search for "180" and replace with the new value in seconds.
# Stale cache is served for up to 24 hours.
# 2. Make sure you update the "backend default { ... }" section with the correct IP and port
#
######################
# Varnish Reference:
# See the VCL chapters in the User-Guide at https://varnish-cache.org/docs/
# Marker to tell the VCL compiler that this VCL has been adapted to the new 4.1 format
vcl 4.1;
# Imports
import std;
# ACL defination
acl purge {
"localhost";
"127.0.0.1";
}
# Default backend definition. Set this to point to your content server.
backend default {
.host = "127.0.0.1";
.port = "7080";
}
sub vcl_recv {
std.log("Client IP: " + client.ip);
std.log("Request URL: " + req.url);
std.log("Request method: " + req.method);
# Cookie handling
if (req.http.Cookie) {
set req.http.Cookie = regsuball(req.http.Cookie, "^(OCSESSID=.*?;?).*$", "\1");
set req.http.Cookie = regsuball(req.http.Cookie, "^(language=.*?;?).*$", "\1");
set req.http.Cookie = regsuball(req.http.Cookie, "^(currency=.*?;?).*$", "\1");
if (req.http.Cookie ~ "^\s*$") {
unset req.http.Cookie;
}
}
# Basic request handling
if (req.http.Set-Cookie) { return(pass); }
# Purge handling
if (req.method == "PURGE") {
if (!client.ip ~ purge) {
return(synth(405, "Not allowed."));
}
if (req.http.X-Purge-Method == "regex") {
ban("req.url ~ " + req.http.X-Purge-Regex);
} else {
ban("req.url == " + req.url);
}
return(synth(200, "Cache cleared"));
}
# LetsEncrypt passthrough
if (req.url ~ "^/\.well-known/acme-challenge/") {
return (pass);
}
# Forward client IP
if (req.restarts == 0) {
if (req.http.X-Real-IP) {
set req.http.X-Forwarded-For = req.http.X-Real-IP;
} else if (req.http.X-Forwarded-For) {
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
# Security
unset req.http.proxy;
# URL normalization
if (req.url !~ "wp-admin") {
set req.url = std.querysort(req.url);
}
# Method handling
if (req.method != "GET" && req.method != "HEAD" &&
req.method != "PUT" && req.method != "POST" &&
req.method != "TRACE" && req.method != "OPTIONS" &&
req.method != "DELETE") {
return (pipe);
}
if (req.method != "GET" && req.method != "HEAD") {
return (pass);
}
# URL cleanup
if (req.url ~ "(\?|&)(_bta_[a-z]+|fbclid|gclid|utm_[a-z]+)=") {
set req.url = regsuball(req.url, "(_bta_[a-z]+|fbclid|gclid|utm_[a-z]+)=[-_A-z0-9+()%.]+&?", "");
set req.url = regsub(req.url, "[?|&]+$", "");
}
if (req.url ~ "\?$") { set req.url = regsub(req.url, "\?$", ""); }
if (req.url ~ "\#") { set req.url = regsub(req.url, "\#.*$", ""); }
# Cookie cleanup
std.collect(req.http.Cookie);
set req.http.Cookie = regsuball(req.http.Cookie, "(has_js|_ga|wp-settings-[0-9]+|wordpress_test_cookie)=[^;]+(; )?", "");
set req.http.Cookie = regsuball(req.http.Cookie, "^;\s*", "");
if (req.http.cookie ~ "^\s*$") { unset req.http.cookie; }
# Cache bypass conditions
if (req.http.Authorization ||
req.http.Authenticate ||
req.http.X-Logged-In == "True" ||
req.http.Cookie ~ "(userID|joomla_[a-zA-Z0-9_]+|wordpress_[a-zA-Z0-9_]+|wp-postpass)") {
return (pass);
}
# Path exclusions
if (req.url ~ "^/(administrator|cart|checkout|login|wp-admin|wp-login.php)") {
return (pass);
}
# AJAX handling
if (req.http.X-Requested-With == "XMLHttpRequest" || req.url ~ "nocache") {
return (pass);
}
# Static file handling
if (req.http.Accept-Encoding) {
if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
unset req.http.Accept-Encoding;
} elsif (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elsif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
unset req.http.Accept-Encoding;
}
}
# Static content bypass
if (req.url ~ "\.(css|js|jpg|jpeg|png|gif|ico|woff|ttf|eot|svg)$") {
unset req.http.Cookie;
return (hash);
}
return (hash);
}
sub vcl_backend_response {
# Static file optimization
if (bereq.url ~ "\.(jpg|jpeg|gif|png|css|js|ico|woff|ttf|eot|svg)$") {
unset beresp.http.Set-Cookie;
set beresp.ttl = 30d;
set beresp.http.Cache-Control = "public, max-age=2592000";
}
# Error handling
if (beresp.status >= 500 && beresp.status <= 504) {
return (abandon);
}
# Cache control
if (beresp.http.Cache-Control !~ "max-age" || beresp.http.Cache-Control ~ "max-age=0") {
set beresp.http.Cache-Control = "public, max-age=180, stale-while-revalidate=360, stale-if-error=43200";
}
# Header cleanup
unset beresp.http.Pragma;
unset beresp.http.Vary;
set beresp.grace = 24h;
return (deliver);
}
sub vcl_deliver {
# Cache status headers
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
set resp.http.X-Cache-Hits = obj.hits;
std.log("Cache HIT for: " + req.url);
} else {
set resp.http.X-Cache = "MISS";
std.log("Cache MISS for: " + req.url);
}
return (deliver);
}