Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

If you are looking for ssl termination on varnish, i would assume you have enough knowledge of configuring varnish and looking into this you must be able to configure ssl termination including Client-IP forwarding.

Default location with 444 error would make sense to forward any unwated traffic, you may want to google it around if its not already in www.ashishnepal.com 😉

server {
### server port and name ###
listen 192.168.1.24:443;
ssl on;
server_name www.tikejhya.com;

### SSL log files ###
access_log logs/ssl-access.log;
error_log logs/ssl-error.log;

### SSL cert files ###
ssl_certificate /var/certs/tikejhya.com.crt;
ssl_certificate_key /var/certs/tikejhya.com.key;

ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
keepalive_timeout 60;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;

location / {
# Pass the request on to Varnish.
proxy_pass http://127.0.0.1;

# Pass a bunch of headers to the downstream server, so they’ll know what’s going on.
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

# Most web apps can be configured to read this header and understand that the current session is actually HTTPS.
proxy_set_header X-Forwarded-Proto https;
# We expect the downsteam servers to redirect to the right hostname, so don’t do any rewrites here.
proxy_redirect off;
}
}