Update:
It appears the message is sporadic. Sometimes the WF file is flagged, sometimes it’s not.
Can you run some PageSpeed tests with some of your customers’ websites to see if you can reproduce the same?
Thank you!
Hi @generosus, thank-you for sending that info over.
The team have taken a look and it seems the site is caching this request when it shouldn’t be. The wordfence_lh calls might be configurable to ignore from your site’s caching settings.
In this example, PageSpeed thinks wordfence_lh is retrieving a resource that should be cached, which is incorrect.
Thanks,
Peter.
Thanks, Peter. Great info.
Solution:
Following our previous message, we immediately performed the following:
- Speed Optimizer Plugin: We added the following URL to be excluded from caching: /?wordfence*
- Cloudflare: We created a new Cache Rule as noted here.
The above solved our issue. Hopefully, this will help others.
Cheers 🙂
Update:
Well, the issue is back. The above solution is not working. Yes, all checks performed.
Perhaps Team Wordfence can contact Team PageSpeed (via GitHub) to ensure they add an exclusion for the above file path.
Thank you!
Update:
Issue fixed. Again, we used the solution posted above except we changed the Cloudflare rule operator from “equals” to “contains“, cleared cached, then waited 1 hour for the change to propagate to the edge.
Cheers 🙂
Minor Correction:
These are the Cache Rules we used. Cloudflare’s Cache Rules engine no longer accepts Wild Cards (*).
Cheers 🙂
Optional Solution: (Best)
Add the following rule to your .htaccess file, then flush all cache:
<If "%{THE_REQUEST} =~ m#/?wordfence_lh=1&hid=#">
<IfModule mod_headers.c>
Header set Cache-Control "private"
</IfModule>
</If>
Cheers 🙂
