Page cache and SSL

  • PSASweb

    (@psasweb)


    9 years, 8 months ago

    My site is accessible via both http and https.

    If I enable Page Cache, the external script and link elements all point to either http or https regardless of whether the user is accessing the site using SSL.

    It appears that the links inside the HTML document are processed and cached based on the first request, e.g. if the first request is http://mydomain.com, the links inside the document will be http, if the first request is https://mydomain.com, the links will be https. Thus, when the document is retrieved from the disk cache, it will have the links based on what the protocol used by the first cache-generating request.

    The behavior is the same whether I used Disk or Disk Enhanced. Looking at the appropriate block in .htaccess, it seems like W3TC should generate different copies for SSL pages, but it doesn’t.

    Is there a workaround?

    https://wordpress.org/plugins/w3-total-cache/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter PSASweb

    (@psasweb)

    9 years, 8 months ago

    OK, I see how it works. You’ve disabled w3_is_https() in inc/define.php.

    Weighing the probability of your implementing a proper MTM check vs. the number of people who are running sites with self-signed, expired, or otherwise compromised certs, wouldn’t it make sense to put the old logic back in and maybe put a warning in the config pages about how it doesn’t prevent MTM attacks?

    dariusirani

    (@dariusirani)

    9 years, 8 months ago

    PSASweb,

    I’m having an issue where if someone clicks into an https area (i.e checkout or “my account”) and then clicks on a homepage link then the CSS doesn’t format the page correctly. The theme tech support said it’s because of a plugin that’s cashing the page so the CSS doesn’t work. How would I fix that?

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Page cache and SSL’ is closed to new replies.