Varnish is a web accelerator. Its mission is to sit in front of a web server an cache the content. It makes your web site go fast.
In this mode, Varnish will stop incomplete HTTP requests from reaching your Apache webserver.

Installing Varnish:

Varnish is distributed in the Debian package repositories, but the version there might be out of date, and  generally recommend using the packages provided by varnish-cache.org or packages from backports.debian.org.

To use the varnish-cache.org repository and install varnish, do the following:

• curl http://repo.varnish-cache.org/debian/GPG-key.txt | apt-key add -
• echo "deb http://repo.varnish-cache.org/debian/ $(lsb_release -s -c) varnish-2.1" >> /etc/apt/sources.list.d/varnish.list
• apt-get update
• apt-get install varnish

Change Varnish settings:

1. First change the default port.  Edit /etc/default/varnish:

vim /etc/default/varnish.

Find the uncommented line starting with “DAEMON_OPTS” and change *:6081 to *:80 so it will listen on the default HTTP port.

2. Rename default.vcl to something else, like  “debian-tutorials.vcl”.

3. Edit the file and paste the  following content:

## Redirect requests to Apache, running on port 8000 on localhost
backend apache {
        .host = "127.0.0.1";
        .port = "8000";
}
## Fetch
sub vcl_fetch {
		## Remove the X-Forwarded-For header if it exists.
        remove req.http.X-Forwarded-For;

		## insert the client IP address as X-Forwarded-For.
               ##This is the normal IP address of the user.
        set    req.http.X-Forwarded-For = req.http.rlnclientipaddr;
		## Added security, the "w00tw00t" attacks are pretty annoying so
                ##lets block it before it reaches our webserver
        if (req.url ~ "^/w00tw00t") {
                error 403 "Not permitted";
        }
		## Deliver the content
        return(deliver);
}

## Deliver
sub vcl_deliver {
		## We'll be hiding some headers added by Varnish.
                ##We want to make sure people are not seeing we're using Varnish.
               ## Since we're not caching (yet), why bother telling people we use it?
        remove resp.http.X-Varnish;
        remove resp.http.Via;
        remove resp.http.Age;

		## We'd like to hide the X-Powered-By headers.
               ##Nobody has to know we can run PHP and have version xyz of it.
        remove resp.http.X-Powered-By;
}

Change Apache settings:

1.Change the apache2 default port to listen on localhost:

vim /etc/apache2/ports.conf

and change the 80 port with 8000. You will have to edit your vhosts as well. 2. Install Apache module to make sure the IP address of the user ends up correct. Since Varnish is basically talking with Apache2, you would see 127.0.0.1 as visitor IP.

apt-get install libapache2-mod-rpaf

rpaf is for backend Apache servers what mod_proxy_add_forward is for frontend Apache servers. It does exactly the opposite of mod_proxy_add_forward written by Ask Bjorn Hansen.

Restart daemons:

/etc/init.d/apache2 restart

/etc/init.d/varnish restart

Tutorial adapted from howtofrge.com.