wp-rocket
wp-rocket copied to clipboard
wp-media
Cache recreated on each page load
When the site is using HTTPS but $_SERVER array values are wrongly set to HTTP and port 80 (it can happen with Cloudflare flexible SSL for example), the cache is recreated on each page load.
It happens because $cache_filepath points to the index.html file instead of index-https.html:
https://github.com/wp-media/wp-rocket/blob/281eb493f44e873a9685f379cec701e8ebcf3532/inc/classes/Buffer/class-cache.php#L93
When it's related to Cloudflare (haven't seen it happening on other proxies), setting values of the array in wp-config.php file resolves the problem:
if ( isset( $_SERVER["HTTP_X_FORWARDED_PROTO"] ) && $_SERVER["HTTP_X_FORWARDED_PROTO"] == "https" ) { $_SERVER["HTTPS"] = "on"; }
Steps to reproduce:
- On shared hosting environment create a site which uses HTTP
- Make sure that HTTPS (private_html directory) version is symlinked to the public_html directory. Then the HTTPS version will be pointing to the HTTP one
- Visit the not secured version of the page. or
- Add a certificate that will secure the route from browser to proxy, but not from proxy to the server (just like Cloudflare Flexible SSL) and visit the page.
- The cache should be created, refresh the page and confirm that the file was recreated.
Related tickets: https://secure.helpscout.net/conversation/1005343810/131288/ https://secure.helpscout.net/conversation/1019496418/134235?folderId=1213662
Another case, fixed with the wp-config modification above https://secure.helpscout.net/conversation/1046050894/139175?folderId=377611
@piotrbak If you remember, could you please add the Steps to reproduce section?
@GeekPress For Cloudflare it was resolved in our add on, I believe: https://github.com/wp-media/wp-rocket/blob/e40b824350a165cf52f2285a681d5b6796ed5555/inc/common/cloudflare-flexible-ssl.php#L107
From the dev team, it still needs to be fixed: https://wp-media.slack.com/archives/GUT7FLHF1/p1591822316013300?thread_ts=1591821922.012200&cid=GUT7FLHF1
When the initial cache file is created, is it using the index.html name, or the index-https.html name?
I'm failing to see how it can happen, all the methods reading and writing use the same method get_cache_path() to get the full path to the cache file, so they should all use the same value.
Another case (fixed per above): https://secure.helpscout.net/conversation/1221685493/179588/
https://secure.helpscout.net/conversation/1310206323/202680?folderId=2135277#thread-3783962460
@webtrainingwheels
Thank you for reporting this. 👆
In this case, HTTP_X_FORWARDED_PROTO was http despite them having https.
The issue was resolved by adding the following in the wp-config.php:
$_SERVER['HTTPS'] = 'on';
@Tabrisrp
When the initial cache file is created, is it using the index.html name, or the index-https.html name?
The initial file is index-https.html, but we are looking for index.html.
@arunbasillal This all seems to come from a misconfiguration on the server side, WP Rocket is behaving as expected based on the configuration provided.
I don't think we can do anything to fix this automatically, the issue is happening even before the plugin starts to do its work.
@Tabrisrp Thanks for your feedback.
Thinking out loud. Why do we need to add -https to the filename? Wouldn't the HTTP and HTTPS versions be the same in most (or all) cases? I am thinking a rework here could be tricky and risky, but in turn would avoid this problem. Band-aid of course.
Related: https://secure.helpscout.net/conversation/1428638992/240291/
Related: https://secure.helpscout.net/conversation/1674678557/303724/
new case https://secure.helpscout.net/conversation/1942637809/354472/
