Cache password protected content

  • Hi there,

    Let me begin just saying thanks for a great plugin.

    That said, my problem is trying to cache a password protected website. I know caching pages once a user has logged in is not security-wise, but what I have set up is just a plugin (Ben Huson’s password-protected) protecting my entire WP frontend.

    At first, Wp Super Cache didn’t cache anything (although everything seemed to be correct, config, paths, I could see that it even tried to cache the index, there was a file ‘index.html’ inside the cache folder).

    I then disabled the password protection and super-cache worked nice and fine. But then I re-enabled password protection and users got the cached version without being asked for the password.

    To sum it up:
    -Supercache doesn’t cache password protected pages (with a plugin, I haven’t tried with WP core password protection, but it would be a nightmare to protect everything this way).
    -If I create a cached version without password protection, and later enable it, the cached version doesn’t ask for a password

    Any roundabout, or it’s just not possible to cache password protected sites?

    Thanks
    Juan F. Vicente

Viewing 2 replies - 1 through 2 (of 2 total)

  • From the plugin description: “This plugin generates static html files from your dynamic WordPress blog. After a html file is generated your webserver will serve that file instead of processing the comparatively heavier and more expensive WordPress PHP scripts.

    WordPress password protection is implemented in PHP, which is being completely bypassed when caching is enabled.

    There are ways around this, but nothing that I can think of that doesn’t require custom programming (e.g. using JavaScript to retrieve the protected content).

    Edit: If your intention is to completely hide the website behind a login, you can just use basic http authentication instead of the plugin. That should work with WP Super Cache.

    Many hosting companies lets you setup http authentication via their control panel, or you can do it yourself by editing the .htaccess file.

    • This reply was modified 7 years, 7 months ago by trisager.
    Thread Starter Juanfrito

    (@juanfrito)

    Hi, trisager:

    Thanks for answering, and for the hint about http authentication, though I was trying to avoid that.

    Juan F. Vicente

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Cache password protected content’ is closed to new replies.