Varnish and WordPress

Varnish and WordPress Admin Login

Just the other day i got Varnish working nicely with WordPress, W3TC (W3 Total Cache) and iThemes Security, at least that was what i thought. Today i tried logging into the WordPress Admin Panel using a friend’s computer. After entering the user name and password it took me right back to the login form. No matter what, i always ended up with the login form and a baffled Habschned in front of the computer. It occurred to me that the problem must be with Varnish, as that was the piece of software responsible for displaying the cached version of the login form and maybe with iThemes security too, especially as i had set a login slug there. So the actual login URL for the WordPress admin panel was instead of

Grabbed a copy of PuTTY, logged into the server and had a quick look at the default.vcl file for Varnish which looks like (partial quote though, not the full file hehe)

As you can see there isn’t going on much cookie-wise. So i went and added code that removed any cookie send to WordPress

and then restarted Varnish using service varnish restart. I immediately tried logging in just to find out that the login still didn’t work. Again i ended up in that “Enter user name and Password” -> blank login form loop. Vicious circle hehe. I looked at the code for a few minutes, trying to figure out what’s wrong and then remembered that i use a login slug (set in iThemes Security). So back to nano again, adding the login slug to the No-Cookie rule and the No-Cache-Backend part. This is what i ended up with after the edits

See the two instances of super_secret_slug i added to the default.vcl file? And that did the trick for me. Now Varnish drops cookies for the listed URLs and the login works fine with Varnish cache on. Sooooo, if you are using Varnish and a custom login slug for your WordPress installation you will have to update your Varnish configuration i guess.


Be the first to comment

Leave a Reply

Your email address will not be published.

I confirm