Example configuration
This is the complete Varnish configuration (user.vcl):
vcl 4.1; backend default { .host = "neverssl.com"; .port = "80"; } import px; import std; sub vcl_init { # initialize PX Varnish module new px_module = px.px(); # ==== PerimeterX Varnish Enforcer Configuration start === # module enabled: "true" or "false" px_module.setconf("px_enabled", "true"); px_module.setconf("px_appId", "== REPLACE =="); px_module.setconf("px_cookie_secret", "== REPLACE =="); px_module.setconf("px_auth_token", "== REPLACE =="); # debug: "true" or "false" px_module.setconf("px_debug", "true"); # blocking mode: "true" or "false" px_module.setconf("px_block_enabled", "true"); px_module.setconf("px_s2s_timeout", 3000); px_module.setconf("px_client_timeout", 3000); # set multiple array items # px_module.setconf("px_whitelist_uri_full", "/a"); # px_module.setconf("px_whitelist_uri_full", "/b"); # px_module.setconf("px_whitelist_uri_full", "/c"); # ==== PerimeterX Varnish Enforcer Configuration end === # must be called at the end of configuration setup if (!px_module.setup()) { std.syslog(9, "Failed to init PX module"); } } sub vcl_recv { # if PX FirstParty request - cache body if (px_module.is_first_party(req.url)) { std.cache_req_body(100KB); } # let PX module to verify request px_module.process_request(req.url, req.method, regsub(req.proto, "^.*/", ""), client.ip, req.http.host); # PX module returns OK(0) if the request is not blocked if (px_module.get_result() > 0) { return (synth(px_module.get_result())); } } sub vcl_deliver { px_module.set_resp_headers(); return(deliver); } # A synthetic object is generated in VCL, not fetched from the backend # display PX captcha page sub vcl_synth { set resp.status = px_module.get_resp_status(); px_module.set_resp_headers(); if (px_module.get_resp_body_len()) { synthetic(px_module.get_resp_body()); } return(deliver); }