• TMS

    (@themysticalsock)


    When using LiteSpeed’s own cache, it was caching results regardless of JWT Authentication. This was a security problem, because when using LiteSpeed’s API Cache, if a post (or CPT) was authenticated and that Authentication was then removed, the API request still returned data.

    I would have to flush the cache to make the data safe again. Obviously this is a huge issue for sensitive data.

    I started looking around for code that would create a custom REST Authentication plugin; that slowed everything down and didn’t work, even after hours of research and trial & error.

    By disabling LiteSpeed’s API Cache and using this plugin, I was able to ensure only Authenticated requests are processed, whilst still getting a great cache speed. It reduced my speed (for a single post request) from about 150ms to 50ms!

    In the settings I changed “Global cacheable request headers” to:
    Authentication,Authorization

    Overall, a great replacement for LiteSpeed’s own Cache, so far.

  • The topic ‘This plugin SAVED me hours of work!’ is closed to new replies.