Manual:Varnish caching/en

Varnish is a lightweight, efficient reverse proxy server which reduces the time taken to serve often-requested pages.

Varnish is an HTTP accelerator which stores copies of the pages served by the web server. The next time the same page is requested, Varnish will serve the copy instead of requesting the page from the Apache server. This caching process removes the need for MediaWiki to regenerate that same page again, resulting in a tremendous performance boost.

Varnish has the advantage of being designed specifically for use as an HTTP accelerator (reverse proxy). It stores much of its cached data in memory, creating fewer disk files and fewer accesses to the filesystem than the larger, more multi-purpose package. Like Squid, it serves often-requested pages to anonymous-IP users from cache instead of requesting them from the origin web server. This reduces both CPU usage and database access by the base MediaWiki server.

Because of this performance gain, MediaWiki has been designed to integrate closely with a web cache and will notify Squid or Varnish when a page should be purged from the cache in order to be regenerated.

From MediaWiki's point of view, a correctly-configured Varnish installation is interchangeable with its Squid counterpart.

The architecture
An example setup of Varnish, Apache and MediaWiki on a single server is outlined below. A more complex caching strategy may use multiple web servers behind the same Varnish caches (all of which can be made to appear to be a single host) or use independent servers to deliver wiki or image content.

To the outside world, Varnish appears to act as the web server. In reality it passes on requests to the Apache web server, but only when necessary. An Apache running on the same server only listens to requests from localhost (127.0.0.1) while Varnish only listens to requests on the server's external IP address. Both services run on port 80 without conflict as each is bound to different IP addresses.

Configuring Varnish
The following configuration works for Varnish version 4 and above.

Configuring MediaWiki
Since Varnish is doing the requests from localhost, Apache will receive "127.0.0.1" as the direct remote address. However, as Varnish forwards requests to Apache, it is configured to add the "X-Forwarded-For" header so that the remote address from the outside world is preserved. MediaWiki must be configured to use the "X-Forwarded-For" header in order to correctly display user addresses in special:recentchanges.

The required configuration is the same for Squid as for Varnish. Make sure the LocalSettings.php file contains the following lines:

Be sure to replace '192.168.0.1' with the IP address on which your Varnish cache is listening. These settings serve two purposes:
 * If a request is received from the Varnish cache server, the MediaWiki logs need to display the IP address of the user, not that of Varnish. A special:recentchanges in which every edit is reported as '127.0.0.1' is all but useless; listing that address as a Squid/Varnish server tells MediaWiki to ignore the IP address and instead look at the 'x-forwarded-for' header for the user's IP.
 * If a page or image is changed on the wiki, MediaWiki will send notification to every server listed in telling it to discard (purge) the outdated stored page.

Use for addresses which need to be kept out of recentchanges, but which do not receive HTTP PURGE messages. For instance, if Apache and Squid are respectively on 127.0.0.1 and an external address on the same machine, there's no need to send Apache a "purge" message intended for Squid. Likewise, if Squid is listening to multiple addresses, only send "purge" to one of them.

See also Squid configuration settings for all settings related to Squid/Varnish caching.

If you use HTTPS, be sure to set to the same value as  but with http:// protocol, to prevent purge requests from being sent as HTTPS, since Varnish doesn't support HTTPS.

If using, be sure to send request header "X-Forwarded-Proto: https" to suppress the redirect, otherwise disable $wgForceHTTPS to prevent redirect loops.

Some notes
Note that Varnish is an alternative to Squid, but does not replace other portions of a complete MediaWiki caching strategy such as:


 * Pre-compiled PHP code: The default behaviour of PHP under Apache is to load and interpret PHP web scripts each time they are accessed. Installation of a cache such as APC (, then allocate memory by setting  or better in  ) can greatly reduce the amount of CPU time required by Apache to serve PHP content.
 * Localisation/Internationalisation: By default, MediaWiki will create a huge  database table and access it constantly - possibly more than doubling the load on the database server after an "upgrade" to the latest MediaWiki version. Set  to force the localisation information to be stored to the file system to remedy this.
 * Variables and session data: Storing variable data such as the MediaWiki sidebar, the list of namespaces or the spam blacklist to a memory cache will substantially increase the speed of a MediaWiki installation. Forcing user login data to be stored in a common location is also essential to any installation in which multiple, interchangeable Apache servers are hidden behind the same Varnish caches to serve pages for the same wikis. Install the memcached package and set the following options in to force both user login information and cached variables to use memcache:
 * Note that, if you have multiple servers, the localhost address needs to be replaced with that of the shared memcached server(s), which must be the same for all of the matching web servers at your site. This ensures that logging a user into one server in the cluster logs them into the wiki on all the interchangeable web servers.
 * Note that, if you have multiple servers, the localhost address needs to be replaced with that of the shared memcached server(s), which must be the same for all of the matching web servers at your site. This ensures that logging a user into one server in the cluster logs them into the wiki on all the interchangeable web servers.
 * Note that, if you have multiple servers, the localhost address needs to be replaced with that of the shared memcached server(s), which must be the same for all of the matching web servers at your site. This ensures that logging a user into one server in the cluster logs them into the wiki on all the interchangeable web servers.

In many cases, there are multiple alternative caching approaches which will produce the same result. See.

Log file
The Apache web server log, by default, shows only the address of the Varnish cache server, in this example "127.0.0.1:80"

Apache may be configured to log the original user's address by capturing "x-forwarded-for" information under a custom log file format.

An example for Apache's httpd.conf to configure logging of x-forwarded-for is:

Image hotlinking
If a site uses Apache's  to block attempts by other websites to hotlink images, this configuration will need to be removed and equivalent configuration added to Varnish's configuration files. Where an image server is located behind Varnish, typically 90% or more of common image requests never reach Apache and therefore will not be blocked by a "http_referer" check in Apache's configurations.