The admin console is accessible to anyone with local access to the server on a particular port (see /etc/sysconfig/varnish). You could follow these simple measures to further secure this access. Although the first measure is enough to prevent any unauthorized access:
- Protect access to the console with a secret
a) Create a file called secret and add in it a unique secret (just like a password string): /etc/varnish/secret
b) Save the file and open /etc/sysconfig/varnish and insert a flag to the 'DAEMON_OPTS="-a :80' string just like this (add only the text in bold leaving all as is):
DAEMON_OPTS="-a :80 -S /etc/varnish/secret -T...
c) Save and restart varnish: service varnish restart
- Change the local administratin port number
a) Open file /etc/sysconfig/varnish
b) Replace the number "6082" in te DAEMON_OPTS line with an unused random port number (pick one unused number - it doesn't matter)
c) Save then restart varnish: service varnish restart