Varnish with Basic auth returns 401

The problem you're facing is that your backend also requires Basic Authentication. When your health check probe is polling the backend, it returns a HTTP/1.1 401 Unauthorized because you didn't provide the authorization header.

We can fix this by sending a custom request header in your backend probe.

Here's the VCL code:

backend default {
    .host = "127.0.0.1";
    .port = "8080";
    .first_byte_timeout = 600s;
    .probe = {
        .request =
            "HEAD /health_check.php HTTP/1.1"
            "Authorization: Basic ZGV2OmRldg="
            "Host: localhost"
            "Connection: close"
            "User-Agent: Varnish Health Probe";
        .timeout = 2s;
        .interval = 5s;
        .window = 10;
        .threshold = 5;
   }
}

As you can see, we're sending the following HTTP request to your backend:

HEAD /health_check.php HTTP/1.1
Authorization: Basic ZGV2OmRldg=
Host: localhost
Connection: close
User-Agent: Varnish Health Probe

We're performing a HEAD call rather than a GET, because we don't care about the payload, we only care about the status code.

I'm also assuming Basic ZGV2OmRldg= is the right authorization value that is required by your backend.

The final assumption I'm making is that your backend will successfully respond to a request that has the Host: localhost header.

See https://www.varnish-software.com/developers/tutorials/vcl-backend-probe-basic-authentication/ for a tutorial that matches your use case.