readme changelog updated, stable tag updated 1.4.3
[varnish-caching-wordpress-plugin.git] / varnish-conf / cloudflare.vcl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# cloudflare.vcl -- CloudFlare HTTP Headers

# This should generally be loaded first to make sure that the headers
# get set appropriately for all requests.

acl official_cloudflare {
    # https://www.cloudflare.com/ips-v4
    "204.93.240.0"/24;
    "204.93.177.0"/24;
    "199.27.128.0"/21;
    "173.245.48.0"/20;
    "103.21.244.0"/22;
    "103.22.200.0"/22;
    "103.31.4.0"/22;
    "141.101.64.0"/18;
    "108.162.192.0"/18;
    "190.93.240.0"/20;
    "188.114.96.0"/20;
    "197.234.240.0"/22;
    "198.41.128.0"/17;
    "162.158.0.0"/15;
    # https://www.cloudflare.com/ips-v6
    "2400:cb00::"/32;
    "2606:4700::"/32;
    "2803:f800::"/32;
    "2405:b500::"/32;
    "2405:8100::"/32;
}

sub vcl_recv {
    # Set the CF-Connecting-IP header
    # If the client.ip is trusted, we leave the header alone if present.
    if (req.http.CF-Connecting-IP) {
        if (client.ip !~ official_cloudflare && client.ip !~ cloudflare) {
            set req.http.CF-Connecting-IP = client.ip;
        }
    } else {
        set req.http.CF-Connecting-IP = client.ip;
    }
}

comments