htaccess caching code – Speed Boost Cache Code

Home Forums BulletProof Security Pro htaccess caching code – Speed Boost Cache Code

Tagged: , , , ,

Viewing 5 posts - 31 through 35 (of 35 total)
1 2 3
  • Author
    Posts
  • January 13, 2021 at 4:38 pm #39864
    Living Miracles
    Participant

    Hello,

    I’m working with an SEO consultant who is using Moz Pro to scan/crawl our websites. At first, our sites were blocking their crawlers (their user agents are called “rogerbot” and “dotbot”). However, I was never able to find anything showing up in the security log that could point to exactly what needed to be whitelisted.

    I did some experimentation in our .htaccess file and used this third-party tool (suggested by Moz Pro) for testing. Ultimately, I discovered that removing a small portion of the “Speed Boost Cache Code” seemed to resolve the issue (i.e., in the third-party tool, I would get a “200 OK” response vs. a “403 Forbidden” response).

    Essentially, the change I made was to remove private, no-cache, no-store, from this line:

    Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"

    So, it ended up looking like this:

    Header set Cache-Control "proxy-revalidate, no-transform"

    After confirming that this change worked, I reverted the code back (as well as tried various combinations of things) and was able to re-confirm that the change did seem to resolve the issue. However, this has left me with a few questions:

    1. Does this change (i.e., removing those few words from the line of code) make sense to you in terms of why it would solve this particular issue?
    2. Could there be any significant negative impact from this change that we should be aware of?
    3. Is there a better, more “standard” way that you would advise for handling the issue?

    Any advice is greatly appreciated.

    January 13, 2021 at 6:28 pm #39865
    AITpro Admin
    Keymaster

    This section of the BPS Speed Boost Cache Code below only affects these file types: .php, .cgi, .pl, .htm and .xml.
    Here is a help link to Cache-Control HTTP header directives > https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
    Not sure what you tested or any other factors. So I can’t provide any sort of answers. In general this entire section of caching code is not critical. So modifying to get it to work is ok.

    <FilesMatch "\.(php|cgi|pl|htm|xml)$">
Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"
Header set Pragma "no-cache"
</FilesMatch>

    Here is a simpler explanation of what these directives do:
    https://stackoverflow.com/questions/4480304/how-to-set-http-headers-for-cache-control

    HTTP 1.1. Allowed values = PUBLIC | PRIVATE | NO-CACHE | NO-STORE.

    Public – may be cached in public shared caches.
    Private – may only be cached in private cache.
    No-Cache – may not be cached.
    No-Store – may be cached but not archived.

    The directive CACHE-CONTROL:NO-CACHE indicates cached information should not be used and instead requests should be forwarded to the origin server. This directive has the same semantics as the PRAGMA:NO-CACHE.

    Clients SHOULD include both PRAGMA: NO-CACHE and CACHE-CONTROL: NO-CACHE when a no-cache request is sent to a server not known to be HTTP/1.1 compliant. Also see EXPIRES.

    Note: It may be better to specify cache commands in HTTP than in META statements, where they can influence more than the browser, but proxies and other intermediaries that may cache information.

    May 23, 2023 at 10:45 pm #42822
    ibiza
    Participant

    Hi, we have this code implemented in all our websites since years ago, but WordPress keeps saying at Admin > Tools:

    “Page caching improves the speed and performance of your site by saving and serving static pages instead of calling a page each time a user visits it.

    Page caching is detected by looking for an active page caching plugin, as well as making three requests to the parent page and looking for one or more of the following HTTP client caching response headers:

    cache-control, expires, age, last-modified, etag, x-cache-enabled, x-cache-disabled, x-srcache-store-status, x-srcache-fetch-status.”

    Do you know why it keeps saying that, if we have that code included at BPS? And if is there any fix for this?

    Thank you!

    May 24, 2023 at 3:57 am #42823
    AITpro Admin
    Keymaster

    Page caching is different than Browser caching. Page caching plugins create a copy of your dynamic WordPress website pages and convert them into a static page.  Browser caching code is basically commands (directives) that tell your Browser to cache or not cache things.

    May 24, 2023 at 7:23 am #42824
    ibiza
    Participant

    Thank you for the information 🙂

  • Author
    Posts
Viewing 5 posts - 31 through 35 (of 35 total)
1 2 3
  • You must be logged in to reply to this topic.