Allow SSL (secure HTTPS pages) to be cached

  • Resolved michaelnorth

    (@michaelnorth)


    9 years, 3 months ago

    Hi, I’ve read the docs, but still not clear on this setting.

    My entire site is running the HTTPS protocol. If I do NOT enable (select) “Allow SSL (secure HTTPS pages) to be cached”, does that mean that my entire will not be cached, and there will be no performance enhancement?

    If so, that’s not a good option for me, since the key reason I use Wordfence is for the Falcon caching.

    Conversely, if I do enable “Allow SSL (secure HTTPS pages) to be cached” to take advantage of Falcon caching, are you saying that a third-party could somehow see someone else’s previous shopping cart transaction? I’m not clear on what Falcon is caching. There’s nothing we’re trying to hide on the site itself . . . until someone enter’s their credit card info in the shopping cart.

    Please clarify how Wordfence works in these situations, and what is your best recommendation?

    https://www.ads-software.com/plugins/wordfence/

Viewing 5 replies - 1 through 5 (of 5 total)

  • Hi,

    Are you using WooCommerce for your shopping cart? It is compatible with Falcon and SSL. If not, let us know what you are using and we can look into it further.

    https://support.wordfence.com/support/solutions/articles/1000074182-is-wordfence-and-falcon-caching-engine-compatible-with-woocommerce

    Thanks!
    Brian

    Thread Starter michaelnorth

    (@michaelnorth)

    Hi Brian,

    We will be using WooCommerce on a different site soon, so it’s great to know it’s compatible with WordFence, but on this particular site, we’re using Give: https://givewp.com/

    Give is a plugin made specifically for donations, and seems to be very well crafted. It integrates with Authorize.net, Stipe, PayPal, etc. In our case, we’re using Give to help raise funds for a school.

    I’d hate to lose Falcon caching, so for now, I have enabled “Allow SSL (secure HTTPS pages) to be cached”.

    Update: just found your doc about caching. How can I implement wordfence::doNotCache() on any arbitrary WordPress page?

    Plugin Author WFMattR

    (@wfmattr)

    @michaelnorth:

    wordfence::doNotCache() can be used in theme templates, plugins, or other .php files, but if you just want to exclude certain pages, you can use “Cache Exclusions” on the Performance Setup page, on the Wordfence menu.

    Near the bottom of the Performance Setup page, just above the Cache Exclusions list, choose “URL Starts With” and enter the path to the page you don’t want to cache, such as “/donate/” in the text box, and click the “Add exclusion” button.

    You can add more than one exclusion if necessary, or change the type of matching like “URL contains”.

    If you also enable the option “Add hidden debugging data to the bottom of the HTML source of cached pages”, you can view the source of a page to see whether or not it is being cached. Make sure to test from a separate browser where you have not logged in to the site, since pages aren’t cached for logged-in users.

    Let us know if this helps, or if you have any other questions!

    -Matt R

    Thread Starter michaelnorth

    (@michaelnorth)

    Excluding pages using the native Cache Exclusions list worked perfectly. Thank you!

    Plugin Author WFMattR

    (@wfmattr)

    Great, thanks for confirming!

    -Matt R

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Allow SSL (secure HTTPS pages) to be cached’ is closed to new replies.

Tags