Skip to content

Commit

Permalink
Merge pull request #34 from interlegis/default_acls_fix
Browse files Browse the repository at this point in the history 
Default acls fix
  • Loading branch information
@maxchk
maxchk committed Aug 22, 2014
2 parents 96c8b9c + 62eaa3e commit c2bc498
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions templates/varnish-vcl.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,10 +54,12 @@ sub vcl_recv {
remove req.http.Cookie;
}

<%- if @blockedips.length > 0 -%>
# blocked list
if ((client.ip ~ blockedips)<%- if @blockedbots.length > 0 -%>||(req.http.User-Agent ~ "(?i)<%- @blockedbots.each do |bot| -%><%= bot %><%- if cookie != @blockedbots[-1] -%>|<%-end-%><%-end-%>")<%-end-%>) {
error 403 "Access forbidden.";
}
<%- end -%>

<%- if @enable_waf -%>
# Web Application Firewall
Expand All @@ -80,6 +82,7 @@ sub vcl_recv {
# backend selection logic
include "includes/backendselection.vcl";

<%- if @purgeips.length > 0 -%>
# Allows purge for the IPs in purge ACL
if (req.request == "PURGE") {
if (!(client.ip ~ purge)) {
Expand All @@ -93,6 +96,7 @@ sub vcl_recv {
# request won't go to the backend.
error 200 "Added ban.";
}
<%- end -%>

if (req.request != "GET" &&
req.request != "HEAD" &&
Expand Down

0 comments on commit c2bc498

Please sign in to comment.