Table of Contents
- CrowdSec Bouncer PHP Library
- Full Page Cache
- Varnish
- Magento 2.2
- Why
crowdsec/magento-symfony-cache?
This extension is mainly based on the CrowdSec Bouncer PHP library. It is an open source library whose code you can find here.
In Magento 2, the full page cache is implemented via a plugin on the front controller (vendor/magento/module-page-cache/Model/App/FrontController/BuiltinPlugin.php::aroundDispatch).
As we want to check IPs before this FPC process, we use also an aroundDispatch plugin, and we adjust the sortOrder so that
the CrowdSec_Bouncer plugin is called before the FPC plugin:
- In
vendor/crowdsec/magento2-module-bouncer/etc/frontend/di.xmlwe change thesortOrderof the Magento FPC plugin. - In
vendor/crowdsec/magento2-module-bouncer/etc/di.xmlwe declare our plugin with a lowersortOrder.
Note that our plugin acts on every Magento areas while the FPC plugin is just active on the frontend area.
This extension works with a Varnish cached Magento 2 instance but, as the cached content of page are delivered by Varnish itself, we adopt the following strategy :
-
If the first visit of a non cached page comes from a bad IP, we display the captcha or ban wall, but we do not add this content to the cache. See
vendor/crowdsec/magento2-module-bouncer/Model/Bouncer.php::sendResponse. -
If the first visit of a non cached page comes from a clean IP, we let it pass, so Magento will cache the content as usual. As a result, if a bad IP user visits this page after the clean IP one, he will see the cached content.
As Magento 2.2 is not compatible with PHP 7.2 until 2.2.9 and has reached end of support in 2019, we did not try to make this extension compatible with it.
The Magento 2 CrowdSec_Bouncer module depends on the
CrowdSec PHP library crowdsec/bouncer that comes with
symfony/cache as dependency (v5 or v6).
With Magento 2.4.4 and 2.4.5, a fresh installation on PHP 8 will lock a 3.0.0 version of psr/cache.
And it will also install a v2.2.11 version of web-token/jwt-framework that locks a v4.4.45 version of
symfony/http-kernel.
As a v5 version of symfony/cache required ^1.0|^2.0 version of psr/cache, and a v6 version of
symfony/cache conflicts with symfony/http-kernel <5.4, it is impossible to require any version of the
symfony/cache package.
That's why we needed to create a fork of symfony/cache that we called crowdsec/magento-symfony-cache.
The v1 version of crowdsec/magento-symfony-cache only requires some specific 5.x.y version of symfony/cache
and is only available for PHP < 8.0.2.
For PHP >= 8.0.2, we provide a compatible v2 version of
crowdsec/magento-symfony-cache.
The v2 version replaces the specified 5.x.y version of symfony/cache : we use a copy of 5.x.y files and
allow psr/cache 3.0. We also copy some 6.0.z files to have compatible PHP 8 method signatures.
Since Magento 2.4.6, it is possible to install symfony/cache without this dependency hell. That's why we provide
an alternative v3 version that is just a mirror of symfony/cache. Whenever it is possible, composer will pick up this version and just use the original symfony/cache package.