Magento and Varnish with SSL Support using HAProxy

Rohan Sharma 5 years agono commentsDevelopments

blog image

For Safe and Secure online transactions SSL is mandatory. Now if we are planning to use Varnish with our Magento then this something cannot be achieved using Varnish alone because it cannot handle HTTPS traffic.

In our another article Install & Configure Varnish to Use with Magento 2 we showed how to configure Varnish as frontend and Apache as backend with Magento. But that is configured to handle only HTTP traffic.

To use Varnish with SSL support we need to introduce TLS termination in front of Varnish.

There are many options for TLS Termination, but we are using HAProxy in this guide.

See the following image for better understanding

Before we proceed for HAProxy installation and configuration we would recommend you to install and configure Varnish with Magento using our Install & Configure Varnish to Use with Magento 2 guide.

We assume that you have installed Varnish on Magento Server, and it is also configured with Magento.

Let us now proceed with HAProxy installation. In order to support HTTP/2 we would be needing HAProxy version equals or greater than 1.8.

Install HAProxy

sudo apt install haproxy

Check HAProxy Version

haproxy -V

It should be greater than 1.8.

Enable HTTPS by installing Free SSL Certificates from Let’s Encrypt.

You can also use these certificates for production

sudo apt update
sudo apt install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt install certbot
sudo certbot certonly --webroot -w /var/www/html/domain.com -d domain.com

You will now see a Congratulations Message and most likely your Certificate and Chain will be saved in /etc/letsencrypt/live/domain.com

Combine Chain + Key file to use with HAProxy

sudo cat /etc/letsencrypt/live/domain.com/fullchain.pem /etc/letsencrypt/live/domain.com/privkey.pem > /etc/ssl/private/domain.com.pem

In another article where we setup Varnish to listen on Port 80 and Apache was listening on 443 will now be replaced with HAProxy.

We will be using HAProxy to listen on Port 80 & 443 and backend will be pointed on 8888 where our Varnish would be listening

Configure HAProxy

sudo nano /etc/haproxy/haproxy.cfg

Now let’s add Frontend and Backend Sections at the very end of the file.

frontend www-http
   bind :80 alpn h2,http/1.1
   #http-request set-header "SSL-OFFLOADED" "1"
   reqadd X-Forwarded-Proto:\ http
   #X-Forwarded-Proto: http
   default_backend varnish-backend
   
frontend www-https
   bind :443 ssl crt /etc/ssl/private/domain.com.pem alpn h2,http/1.1
   #http-request set-header "SSL-OFFLOADED" "1"
   reqadd X-Forwarded-Proto:\ https
   #X-Forwarded-Proto: https
   default_backend varnish-backend

backend varnish-backend
   #redirect scheme https if !{ ssl_fc }
   server varnish :8888 check

Varnish & Apache Ports

Let’s make sure we have our Varnish listening on Port 8888 and Mod SSL is disable for Apache.

If you have followed our other article Install & Configure Varnish to Use with Magento 2 then you can open the following file:

sudo nano /etc/systemd/system/varnish.service.d/override.conf

and change port 80 to 8888

ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :8888 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,512M

Disable SSL

sudo a2dismod ssl

Restart Varnish, Apache & Haproxy

sudo systemctl daemon-reload
sudo service varnish restart
sudo service apache2 restart
sudo service haproxy restart

Configure Magento to Purge Varnish

As we have changed the port of Varnish so we need to configure Magento again to Purge Varnish 

sudo php bin/magento setup:config:set --http-cache-hosts=Your-Server-IP:8888

Now lets confirm the ports

sudo netstat -tulpn

We should be having our Varnish listening on 8888, Apache on 8080 & Haproxy on 80 & 443

Make sure we have port 8888 open within our AWS Security Group.

You can now open Magento and configure it to use Secure URLs.

Related Posts

Tags: HAProxy varnish and magento varnish cache varnish with ssl

Leave a Reply

avatar
  Subscribe  
Notify of

You might also like

blog image

Install & Configure Varnish to Use with Magento 2

Rohan Sharma - 5 years ago

blog image

Magento 1 vs Magento 2

Rohan Sharma - 5 years ago

The arrival of Magento 2 has left many storekeepers and developers pondering about the effect of this new code base on the performance of the site and implementation of custom utility. The chief advantage of using Magento is it’s out of the box e-commerce solutions that it provides which enables you to customize the site according to your need. Magento has developed since 2008 as an answer to the e-commerce solution controlling the majority of market share in e-commerce software. There are a few problems with the present version of Magento which are addressed in its latest version.

blog image

Tips to Compare the Total Cost of Ownership of Magento Open Source and Magento Commerce

Rohan Sharma - 5 years ago

Are you considering to launch a new online store or switching the existing one to a new platform like Magento? Are you confused between Magento Open Source and Magento Commerce? If the answer is yes, then it’s incredibly essential to comprehend and estimate the total cost of ownership (TCO).

Popular Posts
Categories
Tags
#Axtrics #eCommerce #Events #Magento #Magento Development #Shopify #Tour & Travels #chatbots #artificial intelligence #AI #NLP #Live-chatting #Facebook #Hipmunk #e-commerce #business #social media #instagram #IGTV #LinkedIn #Twitter #News #USA #LinkedIn Live #FDI #Amazon #Flipkart #walmart #india #PM Modi #cloudtail #WhatsApp #messenger #YouTube #B2B #chat model #shared model #dedicated model #omnichannel #brick-and-mortar #content #commerce #context #chatbot #SMS #social networks #CTO #Chief technical officer #digital marketing #revo #Revo America #Toycart #magento1 #magento2 #technology #mobile wallets #blockchain #CNP #firewall #PCI security #PHP #marketing #facebook messenger #Magento Open Source #Magento Commerce #TCO #Cloud #Fastly #online #website #software #Varnish #HAProxy #b2 #subscription #information technology #varnish and magento #magento 2 cache #varnish cache #varnish with ssl #magento speed optimization #phpopcache #varnish and apache #netfix #Robot #internet technology #infomation #Tawk.to #bostify #third party logistcs #warehouse management system #WMS #Omni-channel #brick-and-mortar store #eCo #shopping #online shopping #mobile devices #supply chain #Mysql #development #app #SEO #Copywriting #URL #FAQ #West Elm #Keywords #yotpo #ugc #keyword #internet marketig #internet marketing #content writing #influence marketing #content strategy #online payment #Klarna #Affirm #Google Pay #Amazon Pay #Aplle Pay #Braintree #PayPal #Apple Pay #Multiple payment gateways #APM #Automated Clearing House #Conersions #conversion rate #conversions #eCommerce business #online business #strategy #company #internet #optimization #digital #American Exppress #Mastercard #Visa #checkout #Adobe #headless commerce #Adobe Commerce Cloud #GraphQL #Omnichannel trade #CMS #POS #A/B testing #Adobe Sensei #mobile shopping #REST #pinterest #tweet #online posts #Google analytic #hootsuite #buffer #social brand #later #HubSpot #Google #Google Ads #Google Analytics #Google Tab Manager #Google Optimize #Google Data Studio #Smile.io #MailChi #MailChimp #Klaviyo #SEMRush #SearchSpring #JustUNO #Moz Pro #eC #PPC #Automation #Google Marketing #CRM #marketing tools #eCommerce marketing tools #user-generated content #customer experience #zappos #USP #unique selling point #live chat #amazon rpime #amazon prime #email #emailmarketing #squint test #eCommerce automation #orders #internal facing #external facing #eCommerce marketing #Bronto #Dotmailer #Active Campaign #WooCommerce #Dotdigital #WordPress #BigCommerce #Google pagespeed #online marketing #a/b testing tools #VWO #Optimizely #Omniconvert #Crazy egg #AB tasty #Convert #Sephora #PIM #Product information Management #scale operations #output product data pipeline #black friday #holiday #sale #deal #black friday deal #cyberweek #cyber week #flash sale ##BlackFriday ##BlackFriday2019 #inbound marketing #products #ads #facebook ads #carousel ads #lead generation ads #dynamic product ads #lead gen ads #Reddit #Quora #Frequently Asked Questions #Tattly #Zendesk #HelpDesk #FB #Facebook eCommerce Ad #Salesforce #Dropbox #Slack #Headless eCommerce #email marketing #Facebook Pag #Facebook Page #Search engine optimization #Mobile eCommerce #mobile Apps #ditigtal marketing #Product management #Adobr #COVID-19 #AdWords #Google AdWords #Mobile-friendly #CTR #SKAG #Ad Copy Testing #Google shopping #remarketing #Ad extensions #Coronavirus #B2C #social media marketing #hashtags #social distancing #eCommerce website #SurveyMonkey #Qualaroo #UserTesting #eCommerce development #outbound marketing #Sales funnel #TOFU #MOFU #BOFU #eCommerce Conversion funnel #paid promotion #reach #engage #delight #email campaigns #paid media #inbound sale #outbound sale #identify phse #coversion funnel #identify phase #connect phase #explore phase #advise phase #email subject line #SMART goals #Ad Conversion #ROI #Google Ad #SERP #CTA #The North Face #Ahrefs #Pure Cycles #Airbnb #website design #CPC #paid search #organic search #Pay-per-click #content marketing #content creation #unique value proposition #eCommerce advertising #SEO strategy #instagram marketing #Instagram Best Practices #organic marketing #insta #Facebook Lead generation Ads #product videos #product page #social media branding #Bulk.ly #UX #Googlle #googlr #Web Development #Search Engine Optimization (SEO) #Web Design #"Web Development Web Design On-site SEO Newsletter Subscription Content Management Coupon Subscription" #website development #zencart to shopify migration #Shopify App Deployment #Ecommerce shopify store #magento to shopify migration #shopify store development #shopify store designing #Magento website #ERP integration #Web Designing

Ready to grow customer lifetime value?

Contact Us Today!