Install and Configure Varnish with Apache multiple Virtual Hosts on Ubuntu 12.10

Install and Configure Varnish with Apache multiple Virtual Hosts on Ubuntu 12.10
by Janeth Kent Date: 21-06-2013 varnish apache ubuntu linux unix

About Varnish


Varnish is an HTTP accelerator and a useful tool for speeding up a server, especially during a times when there is high traffic to a site. It works by redirecting visitors to static pages whenever possible and only drawing on the virtual private server itself if there is a need for an active process.


To perform the steps in this tutorial, you will need to both have a user with sudo privileges and apache installed on your virtual private server.

Apache can be installed on your VPS with a single command from the apt-get repository.

sudo apt-get install apache2

Install Varnish


The varnish site recommends installing the varnish package through their repository.

You can start that process by grabbing the repository:

sudo curl http://repo.varnish-cache.org/debian/GPG-key.txt | sudo apt-key add -

The next step is to add the repository to the list of apt sources. Go ahead and open up that file.

sudo nano /etc/apt/sources.list

Once inside the file, add the varnish repository to the list of sources.

deb http://repo.varnish-cache.org/ubuntu/ lucid varnish-3.0

Save and exit.

Finally, update apt-get and install varnish.

sudo apt-get update
sudo apt-get install varnish

Configure Varnish


Once you have both apache and varnish installed, you can start to configure them to ease the load on your server from future visitors.

Varnish will serve the content on port 80, while fetching it from apache which will run on port 8080.

Let's go ahead and start setting that up by opening the /etc/default/varnish file:

sudo nano /etc/default/varnish

Uncomment all of the lines under "DAEMON_OPTS"—under Alternative 2, and make the configuration match the following code:

 DAEMON_OPTS="-a :80 \
             -T localhost:6082 \
             -f /etc/varnish/default.vcl \
             -S /etc/varnish/secret \
             -s malloc,256m"

Once you save and exit out of that file, open up the default.vcl file:

sudo nano /etc/varnish/default.vcl

This file tells varnish where to look for the webserver content. Although Apache listens on port 80 by default, we will change the settings for it later. Within this file, we will tell varnish to look for the content on port 8080. For multiple virtual hosta the configuration should be like this:

backend default {
    .host = "127.0.0.1";
    .port = "8080";
}

## Multiple virtual hosta
sub vcl_recv {
 if (req.http.host ~ "^www.website1.com(:[0-9]+)?$") {
    set req.backend = default;
 } else if (req.http.host ~ "^www.website2.com(:[0-9]+)?$") {
    set req.backend = default;
 } else if (req.http.host ~ "^www.website3.com(:[0-9]+)?$") {
    set req.backend = default;
 }
}


## Fetch
sub vcl_fetch {
        ## Remove the X-Forwarded-For header if it exists.
        remove req.http.X-Forwarded-For;

        ## insert the client IP address as X-Forwarded-For. This is the normal IP address of the user.
        set    req.http.X-Forwarded-For = req.http.rlnclientipaddr;
        ## Added security, the "w00tw00t" attacks are pretty annoying so lets block it before it reaches our webserver
        if (req.url ~ "^/w00tw00t") {
                error 403 "Not permitted";
        }
                ## Deliver the content
        return(deliver);
}

## Deliver
sub vcl_deliver {
        ## We'll be hiding some headers added by Varnish. We want to make sure people are not seeing we're using Varnish.
        ## Since we're not caching (yet), why bother telling people we use it?
        remove resp.http.X-Varnish;
        remove resp.http.Via;
        remove resp.http.Age;

        ## We'd like to hide the X-Powered-By headers. Nobody has to know we can run PHP and have version xyz of it.
        remove resp.http.X-Powered-By;
}



Configure Apache


So far we have told varnish that apache ports will be running on 8080. However the default settings for apache are still on port 80. We will correct the discrepancy now.

Open up the apache ports file:

sudo nano /etc/apache2/ports.conf

Change the port number for both the NameVirtualHost and the Listen line to port 8080, and the virtual host should only be accessible from the localhost. The configuration should look like this:

NameVirtualHost 127.0.0.1:8080
Listen 127.0.0.1:8080

Change these settings in the every virtual host file contained in the /etc/apache2/sites-available/ directory:

sudo nano /etc/apache2/sites-available/website1

The Virtual Host should also be set to port 8080, and updated line looks like this:


  DocumentRoot "/var/www/website1.com"
  ServerName website1.com
  
  allow from all
  Options +Indexes
  
  ServerAlias *.website1.com


Save and exit the file and proceed to restart Apache and Varnish to make the changes effective.

sudo service apache2 restart
sudo service varnish restart

Accessing your domain should instantly take you to the varnish cached version, and you can see the details of varnish's workings with this command:

varnishstat


 
by Janeth Kent Date: 21-06-2013 varnish apache ubuntu linux unix hits : 20966  
 
Janeth Kent

Janeth Kent

Licenciada en Bellas Artes y programadora por pasión. Cuando tengo un rato retoco fotos, edito vídeos y diseño cosas. El resto del tiempo escribo en MA-NO WEB DESIGN AND DEVELOPMENT.

 
 
 

Related Posts

How To Use Varnish As A Highly Available Load Balancer On Ubuntu 20.04 With SSL

Load balancing with high availability can be tough to set up. Fortunately, Varnish HTTP Cache server provides a dead simple highly available load balancer that will also work as a…

htaccess Rules to Help Protect from SQL Injections and XSS

This list of rules by no means is a sure bet to secure your web services, but it will help in preventing script-kiddings from doing some basic browsing around. MySQL injection…

How to install a Linux partition on a Windows 10 PC

In spite of a past we could say almost confronted, the approach between Windows and Linux is accelerating more and more, drawing a story closer to love than to hate.…

WSL2 is released to run Linux distributions on Windows

If you are reading about this for the first time, the Windows Subsystem for Linux is a kind of virtual machine that allows you to run the Linux terminal on…

Linux For Dummies: Permissions

In the previous articles I made a short introduction to the Unix world and in the following article I have dealt with the basic commands for the file system management. Today we are…

Linux for Dummies: Ubuntu Terminal

I introduced in the previous article, available here, the basic concepts concerning the Linux world. Today we are going to have a look to some basic operations that we can perform…

Linux for Dummies: Introduction

If you have thought about migrating from Windows to a Unix operating system, or Linux specifically there are things you should know. The goal is to give essential information (and…

Must-Have htaccess Tips for you to Avoid Duplicate Content on Your Site

In order to be able to implement these tips it is necessary that your Apache server already has the mod_rewrite module activated. mod_rewrite and .htaccess are used together so that…

The Best RSS Readers for Ubuntu

Even if most of the tech experts actively claim that RSS (Rich Site Summary) is dead especially after Google Reader was discontinued 5 years ago but it isn’t yet as…

80 Linux Network Monitor Software & Tools for Managing & Monitoring Unix/Linux Systems

It’s hard work monitoring and debugging Linux performance problems, but it’s easier with the right tools at the right time. Finding a Linux Network Monitor tool or Software package for…

How to install Letsencrypt Certificates with Certbot in Ubuntu

In this article we will explain how to install, manage and configure the SSL Security certificate, Let's Encypt in NGINX server used as proxy. This certificate is free but does…

How to Set up a Fully Functional Mail Server on Ubuntu 16.04 with iRedMail

Setting up your own mail server from scratch on Linux is complex and tedious, until you meet iRedMail. This tutorial is going to show you how you can easily and…

Clicky