It is a magento 2.3.3 site with PHP 7.3 and Varnish 6. It looks like varnish is stripping PHPSESSID. Is this normal behaviour or some workaround needs to be done in VCL code? This is how the curl request look like. PHPSESSID seems to appear in non-www headers but not the www headers. Is this varnish issue or nginx configuration issue? Below is my nginx conf.
curl -I https://example.com
HTTP/2 302
server: nginx
date: Tue, 17 Dec 2019 12:10:46 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=u1erp4gte3ja7d5bll9u6knsfl; expires=Wed, 18-Dec-2019 12:10:46 GMT; Max-Age=86400; path=/; domain=.example.com; secure; HttpOnly
location: https://www.example.com/
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
curl -I https://www.example.com
HTTP/2 200
server: nginx
date: Tue, 17 Dec 2019 12:10:38 GMT
content-type: text/html; charset=UTF-8
content-length: 54847
vary: Accept-Encoding
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
server {
listen 443 ssl http2;
server_name example.com www.example.com;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_certificate /home/example/conf/web/ssl.example.com.pem;
ssl_certificate_key /home/example/conf/web/ssl.example.com.key;
access_log /var/log/nginx/domains/example.com.log combined;
access_log /var/log/nginx/domains/example.com.bytes bytes;
error_log /var/log/nginx/domains/example.com.error.log error;
location / {
proxy_pass http://127.0.0.1:6081;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Ssl-Offloaded "1";
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 8080;
server_name example.com www.example.com;
set $MAGE_ROOT /home/example/web/example.com/public_html;
set $MAGE_MODE production; # or production
include /home/example/web/example.com/public_html/nginx.conf.sample;
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include /home/example/conf/web/snginx.example.com.conf*;
}
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Click below to sign up and get $100 of credit to try our products over 60 days!
Thanks you for responding. Below is the VCL file.
Hello,
Your Nginx config looks all correct. I believe that this would be Varnish that’s causing the issue for you.
Could you share your Varnish config here so that I could have a look and try to advise you further?
Regards, Bobby