cache enabler not support short link? *HSTS

Cache Enabler doesn’t remove any response headers, including any HSTS header (e.g. Strict-Transport-Security response header).

To fix the issue you’re experiencing just make sure any desired HSTS header is being set by your server itself and not a plugin because if it’s being done through a plugin it may be occurring after the advanced-cache.php drop-in, which means it would not be set as once a page is delivered nothing occurs afterwards.

I did it with nginx:
https://ibb.co/hWjBnJQ

is like cache enabler past over nginx… maybe i need nginx will pass PHP?
Like cache enabler?

Another speculation, i think can cause the issue is a dynamic cache with nginx, this is the file:
https://github.com/engintron/engintron/blob/master/nginx/proxy_params_dynamic

you can look on that is not long, maybe you see what i need to bypass for cache
enabler. ( everything is built-in, only needs to add the path, you be able to see it in a sec )

this how is look at the c-panel:
https://ibb.co/n3fSzHD

This is very wired he gets the header HSTS responds but not show the link when the caching enabler active.
again, when cache enabler active i get the respond of HSTS but i did not get the
short link. ( is can cause an SEO issue with google search console )

google not see a link because the cache enabler does not show the short link.
the crawler doesn’t know really the URL of the website.

This is the short link ( the website now without cache enabler:
https://ibb.co/VDxFzRT

maybe by passing the Jason. file with cache enabler?

Hope you can help me, i very much want to use the cache enabler i think is an amazing plugin with autoptimize.

don’t want to give up on cache enabler, but HSTS is important.
i must make a cache enabler get the short link and work with nginx perfectly.

• This reply was modified 4 years, 3 months ago by Nadav Levi.
• This reply was modified 4 years, 3 months ago by Nadav Levi.

@coreyk
i look here:
https://www.ads-software.com/support/topic/warning-no-domain-bizp45-link-support/

this before 3 years but i see someone complained the plugin maybe not support short link?
he has the same problem i have but with another type of short link (JSON)

you sure the plugin compile get the short link of the HSTS?
Again i did it with Nginx and i detailed everything in my last message if you can look.

Please help me ??

The HTTP Strict Transport Security (HSTS) response header, Strict-Transport-Security, is not the same as the Link response header shown in the screenshot you’ve provided. These are completely different response headers that are unrelated. Please review these response headers in great detail to get an understanding on what they mean and how they differ.

The review you’ve referenced is not related to what you’re discussing as that is referring to linking to a post with the applicable shortlink (e.g. https://www.example.com/?p=158 redirects to https://www.example.com/some-post/). This is now supported so that review is no longer applicable to the current version of Cache Enabler:

curl -s -D - -o /dev/null https://www.example.com/?p=158
HTTP/2 301
server: nginx/1.17.10
date: Thu, 24 Dec 2020 17:12:42 GMT
content-type: text/html; charset=UTF-8
location: https://www.example.com/some-post/
x-powered-by: PHP/7.4.8
x-pingback: https://www.example.com/xmlrpc.php
x-redirect-by: WordPress

curl -s -D - -o /dev/null https://www.example.com/some-post/
HTTP/2 200
server: nginx/1.17.10
date: Thu, 24 Dec 2020 17:13:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.8
x-cache-handler: cache-enabler-engine

Yes, the Link response header value may contain a shortlink, but that is not what that referenced review was discussing. When that review was written I believe the shortlink wouldn’t redirect, but am uncertain as I’m not going to replicate the issue for the sake of this reply as it’s not applicable.

I may have misunderstood what you were referring to in your first response due to the lack of clarity and misused terms, however, my same response still applies. We don’t modify any response headers other than currently adding the X-Cache-Handler response header. That means if a plugin, or even the WordPress core itself, adds any response headers after the advanced-cache.php drop-in they won’t be added as once a cached page is delivered the response is completed. As far as I’m aware WordPress would set any Link response headers, like what you’ve underlined, in the send_headers hook. This comes much later than when Cache Enabler delivers the cached page, so yes the Link response header(s) set by WordPress won’t be on the cached page delivered by Cache Enabler. (If the advanced configuration is implemented WordPress itself is completely bypassed.) We have no plans to deliver a cached page later because we purposely do it as early as we are able because it dramatically increases the speed of a cached page being delivered.

What you’ve underlined in your screenshot is simply for WordPress REST API discovery. Again, this is not related to HSTS. This is a value set by WordPress in the Link response header (wp-includes/rest-api.php). As far as I’m aware, it’s not necessary unless you have a client that needs to discover this through the response headers. (This is also set in the HTML itself if a client parses the HTML instead.) As for the Link response header values that come afterwards those serve no purpose other than providing a shorter link to redirect to the actual post. That means in most cases the default Link response header(s) set by WordPress are not required, which is why you’re the first that I know of that has brought this topic up.

All of the above still means that for any desired response header to be set on a cached page being delivered by Cache Enabler can be set in your server configuration file. This is in your complete control.

I did the advanced configuration:
https://www.keycdn.com/support/wordpress-cache-enabler-plugin#advanced-configuration

is didn’t help…
try putting it inside the backend intense inside nginx, is not working.

and this is very related to HSTS this is his API secure short link, from HSTS Respond.
WHEN YOU REMOVE HSTS HEADER the secure short link is gone as well, and the link comeback be normal (https://locksmithunit.com)

the link i show you is HSTS is a security short link that comes from the HSTS header…
when i remove the header you did not get the short link… (you get a regular link)

the short link is a kind of security measure from the HSTS.
( “mod_secure” do it short link as well, but don’t worry, we not work with “mod_secure” i work with Wordfence inside WordPress himself, is more efficient.)

as you said the plugin chooses the cache without the short link.
Google crawler must read some links.

With your cache plugin don’t have the link at all…
is can cause SEO issues.

you must compile the plugin for dynamic cache with nginx and HSTS short link.

really i surprise you tell me HSTS doesn’t provide a secure short link…
you need to check it more i sure you will understand you wrong.

i remove the cache enabler for now until will be an answer and a solution for the short link. thank you for your time i appreciate that.

hope you will fix it, you have an amazing plugin, only need improve support
of another new stuff like HSTS short link ( part from the response)
and web images.

hope for fixes in the future, thank you again,

Regards,
Nadav Levi Yahel
Locksmith Unit