Varnish with Wordpress

I have moved my Wordpress site (a small blog) onto a hosting platform with Varnish at its front. Varnish, rightly, won't cache when cookies exist.

It looks like Wordpress starts the session, even if it doesn't need it. As such, it sets the PHPSESSID cookie, even though a var_dump() of $_SESSION is empty (when done at the end of index.php).

Is there a way to stop Wordpress doing this? Perhaps with an existing or, indeed, custom plugin?

EDIT: Looking at it again, does the session get used for anything useful on the frontend of the site? Posting a comment seems to set other cookies. Can I just exclude PHPSESSID from Varnish?

I know W3 Total Cache works with Varnish but it's a massive plugin and, despite spending a lot of time configuring it, performance was worse and things occasionally broke.

Topic varnish Wordpress

Category Web

1
answered at

We have a similar use-case to you, but we're running Varnish on a multi-site Wordpress site that runs four high-traffic news-sites.

Here's the relevant excerpts from our VCL file.

# WordPress - admin, uploads and preview.
if (req.url ~ "^/wp/" || req.url ~ "^/wp-(login|admin)" || req.url ~ "^/wp-content/uploads/" || req.url ~ "&preview=true") {
    return (pass);
} else 
# Allow Editors to see an uncached version, and Users to see up-to-date comments.
if (req.http.host ~ "<our domain>" && req.http.Cookie ~ "wordpress_logged_in_") {
    return (pass);
} else 
# Password protected posts.
if (req.http.Cookie ~ "wp-postpass_") {
    return (pass);
}
unset req.http.cookie;

(NB: This is Varnish 4 VCL syntax, which is subtly different to Varnish 3.)

1
answered at

I gave it a punt and it seems to be OK. Below is my VCL. It basically unsets all cookies unless it's wp-admin. This will only work for a very simple site.

# Specific to my.website.com
if (bereq.http.host == "my.website.com") {
        # Strip all cookies (the only one should be PHPSESSID) if not admin
        if ( ! bereq.url ~ "^/wp-admin/") {
                unset beresp.http.Set-Cookie;
        }
}

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.