Use our up-to-date, bug-free, time tested, and proactively developed version of Varnish VCL for Magento 2.
Requirements
Varnish 4.x
The supported Varnish version is 4.x.
SSL offload header
Magento 2 changed the default SSL offload header. Version 2.0 used SSL_OFFLOADED while the latter use X-Forwarded-Proto.
If you were upgrading versions, you might still have the old value. To ensure the correct value, set it via CLI:
bin/magento config:set --lock-config web/secure/offloader_header X-Forwarded-Proto
This will preserve the correct value in the file app/etc/config.php as opposed to the database.
Correct Magento/NGINX configuration
Magento must be configured with pub directory of your Magento as the root directive in NGINX.
Wrong
root /srv/www/example.com;
Correct
root /srv/www/example.com/pub;
Subsequently, the base URL should not include /pub/ at all.
This is the most secure setup, as only files under pub will be web-accessible.
The key differences from the default Magento VCL:
- Microcache for search results
- Clearing cache for a specific store (you need to amend changes to the core as per this ticket for this)
- Proper health check URI (deals with a stupid issue that was, of course, never dealt with by Magento team)