Setting Up Varnish Security Firewall
Varnish can add a extra layer of security as well as HTTP accelerator. https://github.com/comotion/VSF is a Web Application Firewall (WAF) written using the Varnish Control Language (VCL) and a sprinkling of Varnish Modules (vmods). If you want to know how to install vmod go to http://blog.jambura.com/2014/09/28/building-a-varnish-vmod/
To install Varnish Security Firewall we need to install 4 different
If you varnish version is 3.x.x then use https://github.com/fastly/libvmod-urlcode/tree/varnish-3 for libvmod-urlcode.
After you setup all 4 vmods then download the https://github.com/comotion/VSF. I am assuming you are following http://blog.jambura.com/2014/09/28/building-a-varnish-vmod/.
git clone https://github.com/comotion/VSF.git
So the path to VSF’s vcl is /root/varnish/VSF/vcl/. now symlink the vcl directory into /etc/varnish/security
cd /etc/varnish && ln -s /root/varnish/VSF/vcl security
then you edit your default.vcl and add this line near the top:
after that restart varnish.
service varnish restart