Hello @edizionicurci
Thank you for reaching out and I am happy to help!
The general rule is that you should not cache the pages for logged-in users, simply because of the reason you mentioned. Once cached, the pages will show for the next visitor as cached. This may lead to the sharing of some sensitive information.
You cannot have separate cached pages from logged-in users and non-logged-in users. And even if that is available, you should have a separate cache based on the user to avoid sharing some sensitive/account details. This means, more caching, and more server resource consumption. Not to mention that the separate user caching would have to be based on the data that the user provides, and we cannot collect this data due to the GDPR rules.
However, W3 Total Cache is an advanced plugin for a reason, and you can achieve what you need, but this means some specific configuration.
As a guideline, you should disable caching for logged-in users and only allow caching for subscribers/customers (If this is the user role). Next, Browser Caching is a big NO in this case, so you should modify the Browser Cache for the HTML and set the expires headers to not cache and no-store. This will also impact non-logged-in users.
And of course, any pages with sensitive information like checkout, cart, or account should be excluded from the cache.
The login/logout is also something that should remain dynamic, so this depends on the plugin you are using for this. and you can use Page Fragment Caching, and wrap the PHP code for the login/logout with the mfunc to exclude that part of the page from being cached. Alternatively, you may use AJAX call for login/logout.
I hope I explained this and let me know if you have any other questions.
Thanks!
Hi Marko,
Thanks for your prompt reply.
We disabled the cached for logged-in users (first parameter) and enabled it for the subscribers (second parameter). It works now, even with browser cache enabled, but with “Set expires headers” disabled for all the sections of the “Browser cache” options.
This produces a slight slow down for every user. Please advise if there is a way to recoup this gap. It otherwise works well.
Many thanks,
Samuele Pellizzari
Edizioni Curci S.r.l.
Hello @edizionicurci
Thank you for your feedback.
You should keep Set expires headers” enabled for the HTML section in the Performance>Browser Cache to avoid problems with the logged-in cache in the user’s browsers.
As I’ve mentioned in the previous post, this comes with a slight cost and not complete caching.
I hope this helps!
Thanks!
Hi Marko,
It works with your option enabled in the HTML section.
Thanks a lot!
Hey @edizionicurci
You are most welcome!
We would really appreciate it if you could take a minute and post a review here. This will help us to continue offering a top-notch product to users.
Thanks!
