Networking HowTos

Configure Varnish to Allow Purging the Cache

January 16, 2013 Linux

This howto guide will show you how to configure Varnish to allow you to purge specific items from the cache.

This guide assumes you have Varnish v3.0.0 or later installed, as the configuration will be different for older versions. It also assumes that you have a basic Varnish configuration working, with a backend configured.
Configure your purge ACL
You want to limit who is able to purge files from your cache. This is done using access control lists, or ACLs for short.
Open the varnish configuration file in an editor of your choice:

$ sudo nano /etc/varnish/default.vcl

Add the following at the top of the file:

acl purgelist {
  "10.0.0.0"/8;
  "127.0.0.1";
}

The purge ACL in this case is called purgelist. We will be referencing this further down. Add more IP addresses if needed.
Block purge requests from IPs not in the purge ACL
Edit the “sub vcl_recv” section to add the following. If this section doesn’t exist, you can add it in:

sub vcl_recv {
  if (req.request == "PURGE") {
    if (!client.ip ~ purgelist) {
      error 405 "Not Allowed";
    }
    return (lookup);
  }
  #
  # Other commands for vcl_recv can go here ....
  #
}

This first checks to see if the request was a PURGE request. If so, it checks if the client’s IP is in the purgelist ACL, and if not, throws an error 405.
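
To see how much the ACL above actually permits, the following added example (not part of the original guide) parses `acl` blocks from VCL text and reports how many addresses each one covers and whether given peers would pass the `client.ip ~ purgelist` check. The peer addresses are constructed, the function names are this example's own, and it assumes literal-IP entries only: negated entries and host names raise an error rather than being guessed at.

```python
import ipaddress
import re

# Constructed sample: this guide's ACL, with the prefix length outside the quotes.
SAMPLE_VCL = '''
acl purgelist {
  "10.0.0.0"/8;
  "127.0.0.1";
}
'''
ACL_RE = re.compile(r'\bacl\s+(\w+)\s*\{(.*?)\}', re.S)
ENTRY_RE = re.compile(r'(!?)\s*"([^"]+)"\s*(?:/\s*(\d+))?\s*;')

def parse_acls(vcl_text):
    """Return {acl_name: [ip_network, ...]} for literal-IP ACL entries."""
    text = re.sub(r'(#|//).*', '', vcl_text)  # drop VCL line comments
    acls = {}
    for name, body in ACL_RE.findall(text):
        nets = []
        for negated, addr, bits in ENTRY_RE.findall(body):
            if negated:
                raise ValueError(f"negated entry in acl {name}: not modelled here")
            spec = f"{addr}/{bits}" if bits else addr
            # Raises ValueError for host names; strict=False accepts "10.1.2.3"/8.
            nets.append(ipaddress.ip_network(spec, strict=False))
        acls[name] = nets
    return acls

def may_purge(client_ip, networks):
    """Model `client.ip ~ purgelist`: is the peer address inside any entry?"""
    ip = ipaddress.ip_address(client_ip)
    return any(ip.version == n.version and ip in n for n in networks)

def audit(vcl_text, peers):
    """Per ACL: number of distinct addresses allowed and a verdict per peer."""
    report = {}
    for name, nets in parse_acls(vcl_text).items():
        total = 0
        for version in (4, 6):  # collapse_addresses cannot mix IP versions
            same = [n for n in nets if n.version == version]
            total += sum(n.num_addresses for n in ipaddress.collapse_addresses(same))
        report[name] = {"addresses": total, "peers": {p: may_purge(p, nets) for p in peers}}
    return report

if __name__ == "__main__":
    # Constructed peers: an internal host, localhost, and a documentation-range host.
    print(audit(SAMPLE_VCL, ["10.20.30.40", "127.0.0.1", "203.0.113.9"]))
```

client.ip is the address of the connecting TCP peer, so if a proxy or load balancer inside 10.0.0.0/8 sits in front of Varnish, every request it forwards passes this check. In that layout, narrow the ACL to the specific hosts that need to purge.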
Purging the content if allowed
Edit the “sub vcl_hit” and “sub vcl_miss” sections to add the following. If you have other configuration in these sections, you can add this information at the top of the relevant section.

sub vcl_hit {
  if (req.request == "PURGE") {
    purge;
    error 200 "Purged.";
  }
  #
  # Other commands for vcl_hit can go here ....
  #
}
sub vcl_miss {
  if (req.request == "PURGE") {
    purge;
    error 200 "Purged.";
  }
  #
  # Other commands for vcl_miss can go here ....
  #
}

Save the file and exit the editor.
Reload the varnish configuration
Ubuntu:

$ sudo service varnish reload

RHEL/CentOS:
(as root)

# service varnish reload

Testing the Purge
To test the purge, run the following curl command:

$ curl -X PURGE http://your_domain/file/to/purge.htm

For more info on actually purging the cache, you can check out the following guide:
Purge Varnish Cache Using Curl
