Example configuration

This is the complete Varnish configuration (user.vcl):

1vcl 4.1;
2
3backend default {
4 .host = "neverssl.com";
5 .port = "80";
6}
7
8import px;
9import std;
10
11sub vcl_init {
12 # initialize PX Varnish module
13 new px_module = px.px();
14
15
16# ==== PerimeterX Varnish Enforcer Configuration start ===
17
18 # module enabled: "true" or "false"
19 px_module.setconf("px_enabled", "true");
20
21 px_module.setconf("px_appId", "== REPLACE ==");
22 px_module.setconf("px_cookie_secret", "== REPLACE ==");
23 px_module.setconf("px_auth_token", "== REPLACE ==");
24
25
26 # debug: "true" or "false"
27 px_module.setconf("px_debug", "true");
28
29 # blocking mode: "true" or "false"
30 px_module.setconf("px_block_enabled", "true");
31
32 px_module.setconf("px_s2s_timeout", 3000);
33 px_module.setconf("px_client_timeout", 3000);
34
35 # set multiple array items
36 # px_module.setconf("px_whitelist_uri_full", "/a");
37 # px_module.setconf("px_whitelist_uri_full", "/b");
38 # px_module.setconf("px_whitelist_uri_full", "/c");
39
40# ==== PerimeterX Varnish Enforcer Configuration end ===
41
42
43 # must be called at the end of configuration setup
44 if (!px_module.setup()) {
45 std.syslog(9, "Failed to init PX module");
46 }
47}
48
49sub vcl_recv {
50
51 # if PX FirstParty request - cache body
52 if (px_module.is_first_party(req.url)) {
53 std.cache_req_body(100KB);
54 }
55
56 # let PX module to verify request
57 px_module.process_request(req.url, req.method, regsub(req.proto, "^.*/", ""), client.ip, req.http.host);
58
59 # PX module returns OK(0) if the request is not blocked
60 if (px_module.get_result() > 0) {
61 return (synth(px_module.get_result()));
62 }
63}
64
65
66sub vcl_deliver {
67 px_module.set_resp_headers();
68 return(deliver);
69}
70
71# A synthetic object is generated in VCL, not fetched from the backend
72# display PX captcha page
73sub vcl_synth {
74 set resp.status = px_module.get_resp_status();
75 px_module.set_resp_headers();
76
77 if (px_module.get_resp_body_len()) {
78 synthetic(px_module.get_resp_body());
79 }
80
81 return(deliver);
82}