fix(shared-ols): never cache logged-in pages (disable tier private cache) #20

Merged
jknapp merged 1 commits from fix/shared-ols-no-logged-in-cache into trunk 2026-06-27 04:04:49 +00:00
+13 -6
View File
@@ -23,13 +23,20 @@ useIpInProxyHeader 1
## LSCache enabled at MODULE scope for the whole tier (dedicated cache volume, ## LSCache enabled at MODULE scope for the whole tier (dedicated cache volume,
## ephemeral across rebuilds; OLS auto-keys a per-vhost subdir under storagePath). ## ephemeral across rebuilds; OLS auto-keys a per-vhost subdir under storagePath).
## enableCache/enablePrivateCache ON here means the cache module is ACTIVE, but a ## PUBLIC (anonymous) caching ONLY: enableCache 1 + checkPublicCache 1 let OLS
## response is only cached if it's marked cacheable — the LiteSpeed Cache WP ## serve cacheable, non-logged-in responses marked by the LiteSpeed Cache WP
## plugin sets X-LiteSpeed-Cache-Control headers, and checkPublic/PrivateCache + ## plugin's X-LiteSpeed-Cache-Control headers (ignoreRespCacheCtrl=0 honors them).
## ignoreRespCacheCtrl=0 make OLS honor them. No plugin → nothing cached (safe). ##
## PRIVATE caching is intentionally OFF (enablePrivateCache 0 + checkPrivateCache 0).
## Logged-in / cookie-bearing pages must NEVER be cached at the tier. We previously
## left enablePrivateCache=1 assuming "no plugin -> nothing cached," but that was
## WRONG: with private storage + reqCookieCache on, OLS privately cached logged-in
## responses regardless of plugin, serving stale wp-admin (e.g. a "failed update"
## nag that persisted for the full privateExpireInSeconds TTL). Keeping private
## cache off guarantees logged-in pages are always served fresh.
module cache { module cache {
storagePath ${LSCACHE_ROOT} storagePath ${LSCACHE_ROOT}
checkPrivateCache 1 checkPrivateCache 0
checkPublicCache 1 checkPublicCache 1
maxCacheObjSize 10000000 maxCacheObjSize 10000000
maxStaleAge 200 maxStaleAge 200
@@ -39,6 +46,6 @@ module cache {
ignoreReqCacheCtrl 0 ignoreReqCacheCtrl 0
ignoreRespCacheCtrl 0 ignoreRespCacheCtrl 0
enableCache 1 enableCache 1
enablePrivateCache 1 enablePrivateCache 0
} }
## ---- end shared-ols server append ---- ## ---- end shared-ols server append ----