There are a few extra steps that are needed to ensure Varnish can cache SSL traffic for WordPress. Here they are:
1. Your htaccess rules must not have forced https redirect like this. Do NOT do the following nor install a https redirection plugin:
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
Do this instead:
RewriteEngine On RewriteCond %{HTTPS} !=on RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
2. Must have non-https URL (http:) in siteurl and home options in table wp_options ( or $table_prefix . options if not default) <code bash> +————-+——————————–+ | option_name | option_value | +————-+——————————–+ | siteurl | http://www.my-website/awesome | | home | http://www.my-website/awesome | +————-+——————————–+ </code> 3. wp-config.php must have this line at the very top: <code php> if ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https'){ $_SERVER['HTTPS']='on'; } </code>