[Plugin: W3 Total Cache] HTTPS served same cache at HTTP

  • buncle

    (@buncle)


    13 years, 11 months ago

    I have set up W3TC and it has worked fantastically well at optimising my site, and I haven’t even finished minifying everything yet… However I have run into a pretty major problem.

    My e-commerce site now uses an SSL certificate, and I have the entire site working via https (i.e. when visiting via https, all links/content use https://), however when I enable W3TC pages cached via http will be served to subsequent visits via https, and vice versa.

    Is there any way around this? I suppose caching to two separate files sounds like the obvious solution. (I’m a competent coder, so I have no problem making changes to the php)

Viewing 7 replies - 1 through 7 (of 7 total)
  • Thread Starter buncle

    (@buncle)

    13 years, 11 months ago

    Just a quick update (for anyone with the same issue)…

    I would still like to find a solution to this, however to work around it for the time being, I am forcing all visitors to use https by using a mod_rewrite at the top of the .htaccess file (after ‘RewriteEngine on’), thusly:

    # BEGIN Enforce HTTPS
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# END Enforce HTTPS

    It isn’t a solution by any means, however it at least prevents users from being served an incorrect cache file (i.e. everyone caches/receives an https page).

    If anyone *does* know of a proper solution, please let me know.

    Frederick Townes

    (@fredericktownes)

    13 years, 11 months ago

    W3TC checks to see if a request has originated on port 443 or with protocol https. If yes, then any pages or minified files are returned using https. But if your pages contain other objects that are not handled by CDN functionality of W3TC or are otherwise not specified to use HTTPS you will have security warnings in most browsers.

    Thread Starter buncle

    (@buncle)

    13 years, 11 months ago

    Sorry, i think I need to clarify a little more…

    They do appear to be returned using https (i.e. they are not causing security warnings), however it is their content that is the same as the http pages.

    E.g.
    1. Clear cache
    2. Visit/cache page via http. (Notice that links/images use http:// urls)
    3. Visit page via https
    4. Notice that the page links/images use http:// urls instead of https:// (i.e. it has been served the same content as the cached http page)

    Does this make more sense?

    Thread Starter buncle

    (@buncle)

    13 years, 11 months ago

    Also, just to add, the reverse is also true. If I cache the page by visiting via https://, then visit the cached page using http all links/images are https:// urls (because it was cached via https).

    Frederick Townes

    (@fredericktownes)

    13 years, 11 months ago

    Improved handling of this case is in the next release.

    Thread Starter buncle

    (@buncle)

    13 years, 11 months ago

    Excellent, thanks.

    Can I also make a feature request…?

    Would it be possible to have different CDN settings for http and https? Since Amazon S3 supports https, but Cloudfront does not I’m having to use S3 for everything currently.

    That said, on reflection, this isn’t really W3TC’s fault… it is AWS’s. Why didn’t they provide https support from the beginning??

    Frederick Townes

    (@fredericktownes)

    13 years, 11 months ago

    Hmm, I’ll make a note of this. The implications are pretty vast.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘[Plugin: W3 Total Cache] HTTPS served same cache at HTTP’ is closed to new replies.