The correct approach may vary if there's a majority of WP sites or non WP sites.
Given that you only have only one WP site and WP domain is my.wordpress.tld
you should change your rules to:
sub vcl_recv {
if ( req.http.host ~ "my.wordpress.tld"
&& ! (req.url ~ "wp-(login|admin)")
) {
unset req.http.cookie;
}
}
#...
sub vcl_fetch {
if ( req.http.host ~ "my.wordpress.tld"
&& ! (req.url ~ "wp-(login|admin)")
) {
unset beresp.http.set-cookie;
}
}
It's easy to generalize the code for 2+ WP sites replacing req.http.host ~ "my.wordpress.tld"
with an or expression like (req.http.host ~ "my1.wordpress.tld" || req.http.host ~ "my2.wordpress.tld")
.
Given that you only have only one NON-WP site and NON-WP domain is my.not-wordpress.tld
you should change your rules to:
sub vcl_recv {
if ( ! req.http.host ~ "my.not-wordpress.tld"
&& ! (req.url ~ "wp-(login|admin)")
) {
unset req.http.cookie;
}
}
#...
sub vcl_fetch {
if ( ! req.http.host ~ "my.not-wordpress.tld"
&& ! (req.url ~ "wp-(login|admin)")
) {
unset beresp.http.set-cookie;
}
}
Again, it's easy to generalize the code for 2+ NON-WP sites replacing req.http.host ~ "my.wordpress.tld"
with an or expression like (req.http.host ~ "my1.not-wordpress.tld" || req.http.host ~ "my2.not-wordpress.tld")
.
NOTES:
- You should understand what cookie striping means and the differences between stripping a cookie on the request and avoiding a cookie to be setted on the response
- Be carefull when copy-pasting, since the expresion to get ride of the cookies is not the same on
vcl_fetch
andvcl_recv