File based caching breaks password protected pages

  • Resolved Rick Bleakley

    (@rickblackdog)


    3 years ago

    I was able to resolve this issue by disabling file caching, but it appears enabling File Based Caching prevents users from being able to log in to protected pages. Upon entering the password the page reloads but still displays the password field.

Viewing 7 replies - 1 through 7 (of 7 total)
  • pinoooo

    (@pinoooo)

    I’ve been having the exact same problem for a few weeks now. Unfortunately, I haven’t had time to dig deeper into it yet. No major changes except turning on file based caching. Probably the same cause….

    Plugin Support Delyan Delov

    (@delyandelov)

    Hello @pinoooo and @rickblackdog,

    Thank you for bringing the case to our attention!

    I have managed to recreate the issue and it seems it only happens when the site is not properly configured to work through HTTPS.

    Could you please provide us with the exact URL you are having an issue with so we can investigate the case further?

    pinoooo

    (@pinoooo)

    Is it possible to send a PM? In some cases the password protected page will be accessible without a password. So I cannot post it in public.

    Plugin Support Dimitar Terziev

    (@dimitart)

    Hello,

    If you are Siteground customer, please open a ticket with us and provide your login details there.

    Otherwise, you can create and password protect a test page with simple login details (such as test/test) and provide us with a direct link to this page, so we can check it further.

    Best Regards,
    Dimitar Terziev

    Brandon Holcombe

    (@brandonhcreativemediacom)

    I was able to get a 100% workaround by excluding the URL from caching.

    Under Caching > Exclude URLs from Caching

    Of course, not ideal for cases of multiple protected pages.

    Correct, I got the same response from SG Support last March:

    The cause of the issue is that after authenticating on ABC.com/DEF, the website loads the page with the exact same URL and no ‘no-cache’ headers are passed. Thus, the page with the password prompt is simply served again, from the cache.

    In order to resolve the issue, we’ve excluded the URL from being cached by using the ‘Exclude URLs from Caching’ functionality of the SiteGround Optimizer plugin. You may need to flush your browser’s cache before testing the page on your end.

    Generally, pages that should not be cached are serving a ‘no-cache’ header, which our plugin honors and does not cache the page. Another part of the issue is that both the password-protection page and the content page it shows, are using the exact same URL, which is generally not a good practice. If you add such a header to the password-protected page, you can then enable the file-based caching for it, however, it will still not be cached due to the ‘no-cache’ header.

    Feel free to test out different password-protection plugins and features in order to find the one that best suits your needs.

    • This reply was modified 2 years, 9 months ago by pinoooo.

    I did not test it yet, but in new 7.1.3: ‘Improved Password Protected pages excluded from File-Based caching by default’

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘File based caching breaks password protected pages’ is closed to new replies.