yumupgrades for production use, this is the repository for you.
Active subscription is required.
Use our up-to-date, bug-free, time tested, and proactively developed version of Varnish VCL for Magento 2.
The supported Varnish version is 4.x.
SSL offload header
Magento 2 changed the default SSL offload header. Version 2.0 used
SSL_OFFLOADED while the latter use
If you were upgrading versions, you might still have the old value. To ensure the correct value, set it via CLI:
bin/magento config:set --lock-config web/secure/offloader_header X-Forwarded-Proto
This will preserve the correct value in the file
app/etc/config.php as opposed to the database.
Correct Magento/NGINX configuration
Magento must be configured with
pub directory of your Magento as the
root directive in NGINX.
Subsequently, the base URL should not include
/pub/ at all.
This is the most secure setup, as only files under
pub will be web-accessible.
The key differences from the default Magento VCL:
- Microcache for search results
- Clearing cache for a specific store (you need to amend changes to the core as per this ticket for this)
- Proper health check URI (deals with a stupid issue that was, of course, never dealt with by Magento team)
14 thoughts on “Varnish 4.x VCL for Magento 2”
Does this configuration already have all traffic re-directed to our SSL-termination proxy?
I have previously used this kind of redirecting rules in my configuration:
Do I need to add this to the file, or does it have something similar already implemented?
Yes, you would still need to add code similar to the one you posted for SSL redirects.
However, it is not needed if you set Magento base URLs to start with
https://. In that case Magento will do the redirects and Varnish will cache them.
What are the differences/advantages between this VCL and the one that is generated from the Magento 2.1 Admin?
The VCL here will cache search results for 30 minutes whereas default Magento VCL will not.
i have a question regarding magento 2 and varrnish caching:
I configured it and it works fine so far.
Now we know that google wants to have us website owners to deliver the whole website in secure https to get better ranking (and in general its a good idea 🙂 ) .
Is then the whole varnish cache ineffective because all of the data stream is secure and not directed to the varnish cache but to hitch?
Varnish will stay effective in a Hitch + Varnish setup.
As long as you configure things in a way that traffic flows through Varnish – you are fine.
In a typical setup, that is the case. Example :
* An SSL terminator (be it Hitch, or nginx, or anything else) at port 443, “forwarding” (proxying) traffic to Varnish at port 80
* Varnish listening at port 80, forwarding traffic to backend at e.g. port 8080
* The backend (Apache, nginx, whatever) at port 8080.
Ok, thank you!
I am getting 502 Gateway time out error, while using this vcl, Can you please guide me what I did wrong?
That error is coming from NGINX. So you should be checking its error log. Gateway timeout likely means that PHP processing is too slow.
Hi, while using this VCL, my page content doesn’t display correctly. I only get the full page after refreshing the page 4-5 time. Do you have any clue on what’s happening here? Once I turn off Varnish, the site works fine.
My first guess would be that the Magento is running with either
defaultmode wherein static assets are generated “upon on access”.
That would cause heavy server load even from access to a single page and subsequently exceeding some defined timeouts.
Make sure your Magento is running in production mode?
Is the above vcl templates still valide for varnish6, generated from magento 2.4? If no, could the above be upgraded please.
Hi Danila, I guess you are very busy but can you please rearrange the VCL for Varnish 6.X? Since varnish 4.X is quite old we can not install
Guys, don’t know your specific reason for using Varnish 6, but Varnish 4 isn’t “dead” to me yet.
Sure, Varnish 4 is EOL but some features has been made commercial in Varnish 6 (example Varnish Agent),
and Magento 2 never dropped support for Varnish 4 even in its VCL generation code.
And if they ever do, it doesn’t matter – all it needs is for a caching proxy cache that supports ESI (Varnish just happens to be one that is well known).
As far as Varnish 6 config, the standard one can be generated through the command line via
And the better plan for the improved config above (for both Varnish 4 and 6) would be developing a new command that generates VCL in a similar fashion but the resulting VCL will have the right stuff / fixes above.
Anyone wishing this to happen, vote/comment on a ticket on the extras n98-magerun2 commands repo. This would help to set priorities.