Plugin Contributor
iSaumya
(@isaumya)
Hi @alx359,
WP nonces are used to provide a unique signature to ajax requests. So far we haven’t faced any issues with WP nonces whatsoever in all the sites we personally use across along with client sites. As the nonce access are mostly gets used in the WP Admin site which is not cached in any way.
Moreover once a page gets cached in Cloudflare CDN if it is a popular page, CF will cache it for 1 year unless you purge it so in that case fallback cache is not being used.
I would suggest you first use and see if you face any issue rather than just seeing what others are doing and compare it with our plugin. If you want you can always change the fallback cache TTL to whatever you want.
Thread Starter
alx359
(@alx359)
Thanks, your own real-world observations is what I was more interested in. The reference to other plugins was to show that nonces seem a bigger issue for some but not for others. Nonces can also used in forms in the frontend (e.g. Master Popups plugin does that by default), but I’ve switched that option off as a precaution.
Plugin Contributor
iSaumya
(@isaumya)
Hi @alx359,
Though I’ve personally haven’t used “Master Popups” but if any website which uses such a system can easily add 10 hours of TTL into the system. Again the default settings are what works for 99% of people’s website without any issue. But that doesn’t mean if you have some special situation in place, you don’t have to change the settings.
I would recommend you to try and test first to see what’s happening in reality in your website first. 🙂
