hi,
our users can enter IP access restrictions in .htaccess files e.g .allow from 1.2.3.4 deny from 2.3.0
> [...]
Is there a way to automagically add and check such restrictions to cached objects?
it might be possible to always send a HEAD request first and if it succeeds send the cached copy. that adds additional roundtrips of course.
it might be possible to set a header whenever an ip restriction happens and inspect that header within varnish (would need a vmod to do efficiently without edge cases i suppose).
finally _if_ you can enumerate the htaccess files it might be possible to parse them and generate (a fragment of) the varnish vcl from a script and reload. use kqueue or inotify to do that automatically, if there is any need.
good luck, tobias florek _______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
