Request coalescing and other reasons to use Varnish as origin shield

It’s now time to go one step beyond

  • request 1 would like the data to be compressed using gzip (accept-encoding: gzip)
  • request 2 only wants the last 10 bytes of data (range: bytes -10)
  • request 3 is only interested in the metadata of the URL (HEAD)
  • request 4 asks for the first 512 bytes, and would like them compressed with brotli (accept-encoding: brotli, range: bytes 0-511)
  • set the method to GET to grab the full object.
  • unset the range header, for the same reason.
  • force the accept-encoding header to gzip or brotli to save bandwidth and cache space.
  • shared secret in a header: possibly the simplest of them all, we just need to check that a header has the right value
  • JWT: this one is getting popular thanks to a simple standard, easy technologies to pick up and the ability to sign or encrypt using a symmetric or asymmetric key
  • custom tokens: they are legion, but they’re almost all about extracting some data from the request (which Varnish was born to do) combined with a signing mechanism (easy to do with the right VMOD). This means that we can integrate virtually any token with just a few lines of configuration.
  • IP ACL: it’s an oldie but goodie; we just need to check the client IP against one or more IP range, and deny access if we don’t get a match.
  • reverse-DNS: a new trick up Varnish’s sleeve, it’s now able to reverse-lookup an IP and make sure it matches a list of trusted domains. It’s generally used for bot validation, but it’s also valuable here when ACL won’t do because of dynamic IPs.
  • External API: after all, we don’t need to do everything ourselves, and we can ask a third-party API endpoint to validate the request for us. And of course, we can cache the response to save time the next time it pops up.
  • powerful and sensible default behavior is key to performance
  • customization is an integral part of the experience to cover new and highly specific cases

--

--

--

Varnish Software is the world’s leading provider of open source web application acceleration software.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How to ship product in record time.

Creational Design Pattern: 1. Singleton pattern

The Process Mapping Canvas

Rails — WickedPDF — Heroku setup

MLOps and Data: Managing Large ML Datasets with DVC and S3 (Part 1)

Light following Robot!!

Yes, Impostor Syndrome Is Actually Good for Software Developers

Man standing in front of wall of data

Creative Patterns — overview

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Varnish Software

Varnish Software

Varnish Software is the world’s leading provider of open source web application acceleration software.

More from Medium

How To Install the Apache with Tomcat Web Server on Centos 7

Getting list of Git files owned by a specific owner based on the CODEOWNERS file

The HTTP gattling gun.

Cursor Based Pagination