Question

Varnish + SSL + Multiple Sub-Domains on Apache

So I run three separate Ghost blog/NodeJS websites. I currently use Apache, listening on port 80 and reverse proxy-ing to each specific NodeJS server. All of these rewrite to HTTPS, so no browsing the site with HTTP.

I would like to set up Varnish in front of the Apache server. Now I know it’s not really important to set up Varnish-- I have a no-name website with very little traffic. It’s already convoluted that I have Apache running with NodeJS behind it.

How would I be able to set up Varnish to pipe HTTPS traffic to the Apache server? I saw that Varnish doesnt really handle HTTPS traffic without using nginx. I would rather not have another server running on top of Apache and NodeJS.

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

There would be absolutely no point in making Varnish just pipe the data to the backend. What most people do is terminate the TLS-connection in Apache2 or Nginx, then proxy that to Varnish, which in turn proxies it to your web server. That way you can cache the data in Varnish.

You can also make Varnish do redirect if the traffic is not going over TLS by looking for X-Forwarded-Proto-headers. Also remember to hash based on the X-Forwarded-Proto-headers, or else you will have a very strange cache, as the objects will look the same to Varnish.