Cache-Control

  • Resolved newwper3

    (@newwper3)


    6 years, 3 months ago

    Hi,

    Does ninjafirewall affect cache-control?
    Because my caching rules in htaccess doesn’t work

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author nintechnet

    (@nintechnet)

    Hi,

    Normally, it doesn’t because your .htaccess is processed before PHP (and NinjaFirewall).
    Can you post your rules here, and also give more details about how did you notice they don’t work.

    Thread Starter newwper3

    (@newwper3)

    Hi,

    ## EXPIRES CACHING ##
    <IfModule mod_expires.c>
    ExpiresActive on
    ExpiresDefault “access plus 1 day”
    ExpiresByType image/jpg “access plus 1 month”
    ExpiresByType image/jpeg “access plus 1 month”
    ExpiresByType image/gif “access plus 1 month”
    ExpiresByType image/png “access plus 1 month”
    ExpiresByType text/css “access plus 7 days”
    ExpiresByType application/pdf “access plus 7 days”
    ExpiresByType text/javascript “access plus 7 days”
    ExpiresByType application/x-shockwave-flash “access plus 7 days”
    ExpiresByType image/x-icon “access plus 1 month”
    ExpiresByType x-font/woff “access plus 1 month”
    </IfModule>
    ## EXPIRES HEADER CACHING ##

    Thread Starter newwper3

    (@newwper3)

    Hi,
    For example, I’m using Breeze as my cache plugin

    Before I install Ninjafirewall the website showing IMG1

    But after installing Ninjafirewall the Browser Cache does’t work anymore
    IMG2

    Plugin Author nintechnet

    (@nintechnet)

    Upgrade to the new NinjaFirewall version 3.6.7 which was released today and try your test again. There was a small issue in the 3.6.6 which may be the reason why you get those results.

    Thread Starter newwper3

    (@newwper3)

    Hi,

    The problem still exists ??

    Is Ninjafirewall does’t work with HTTP / HTML cache?

    Plugin Author nintechnet

    (@nintechnet)

    It works for me. This is what I get with and without NF when I use your rules:

    $ curl -I https://192.168.43.101/
HTTP/1.1 200 OK
Date: Thu, 02 Aug 2018 17:56:55 GMT
Server: Apache/2.4.25 (Debian)
Link: <https://192.168.43.101/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=2592000
Expires: Sat, 01 Sep 2018 17:56:55 GMT
Content-Type: text/html; charset=UTF-8

    Make sure to use a command line tool like curl or, if you test from a browser, either delete your cookies or restart your browser because as a WordPress admin, you still have a PHP session cookie (which was used when your were logged in) and that will fail the test.

    Thread Starter newwper3

    (@newwper3)

    I see.

    One more question.
    Is it possible to disable PHP session cookie, because if using Cloudflare cache everything rule, Cloudflare will cache login users pages and login cookies.

    Plugin Author nintechnet

    (@nintechnet)

    It is not possible to disable it because it is used to whitelist the admin as well as the access to the login page. But Cloudflare should not cache your admin dashboard, the login page and cookies, because that would be a security risk.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Cache-Control’ is closed to new replies.