Stephen Reese

I recently enabled HTTPS on this site and wanted to use a 301 redirect in order to correctly re-route guests from HTTP to HTTPS (HTTP to SSL/TLS). I originally performed all of my rewrites in Apache which acts as my backend. While Apache handled the typical non-www to www redirects with ease, it created a redirect loop when attempting to redirect users from HTTP to HTTPS. I decided to let Varnish Cache 4 rather than the Apache backend handle the redirect.

HTTP to HTTPS redirect

The documentation on the on the Varnish site is for Varnish 3 which is not compatible for Varnish 4 as of this writing:

sub vcl_recv {
    if ( (req.http.host ~ "^(?i)somesite.org" || req.http.host ~ "^(?i)www.somesite.org")
         && req.http.X-Forwarded-Proto !~ "(?i)https") {
        set req.http.x-Redir-Url = "https://www.somesite.org" + req.url;
        error 750 req.http.x-Redir-Url;
    }
}

sub vcl_error {
    if (obj.status == 750) {
        set obj.http.Location = obj.response;
        set obj.status = 302;
        return (deliver);
    }

After some research, I found a redirect example that was similar to what I was trying to achieve in Varnish 4:

sub vcl_recv {
        if ( (req.http.host ~ "^(?i)www.domain.com" || req.http.host ~ "^(?i)domain.com") && req.http.X-Forwarded-Proto !~ "(?i)https") {
                return (synth(750, ""));
        }
}

sub vcl_synth {
    if (resp.status == 750) {
        set resp.status = 301;
        set resp.http.Location = "https://www.domain.com" + req.url;
        return(deliver);
    }
}

Now non-HTTPS requests to domains listed in the vcl_recv should redirect to the respective HTTPS version of your site.


Comments

comments powered by Disqus