Public and private cache

#1
Hello,

I have a wordpress installed and im using last version of openlitespeed on ubuntu.

My problem is that i want to cache everything public ( that i made ) but wp-admin i want to cache private because admin bar and login informations appear at other people. Is there something else i need to cache private beside wp-admin folder? the problem is that No Cache URL do not work also htaccess mod rewrite to make wp-admin private cache dont work...

this do not work: RewriteRule /wp-admin - [E=Cache-Control:private]

this is the configuration of cache
enableCache 1
qsCache 0
reqCookieCache 1
respCookieCache 1
ignoreReqCacheCtrl 0
ignoreRespCacheCtrl 0
expireInSeconds 900
maxStaleAge 900
enablePrivateCache 0
privateExpireInSeconds 900
storagePath cachedata

Also how i can set Access-Control-Allow-Origin: * because i cannot use fonts from another domain if i dont set this.
 
Last edited:

lsfoo

Administrator
#2
Hi le_florin,

First, it looks like you want a public cache enabled globally. For that, your configuration should work at the server level.

Second, if you want /wp-admin to have a different set-up, you should create a vhost for /wp-admin specifically. Then, in the vhost config, you can configure the cache module again.

For wp-admin, you will want to change the following options:

qsCache 1
enablePrivateCache 1

enablePrivateCache will then make wp-admin cache privately, based on IP. From what I am told, all requests to the wp-admin directory will contain query strings. For this reason, you should have qsCache enabled as well.

As for your second issue, if this is related to CORS, please try this. The CORS request will send an OPTIONS request first in order to determine if the request is permitted, then it will try to get your fonts.

Please let me know how it goes!
Kevin
 
#3
Thank you for support,

First problem: i want to cache public entire website, but cache private wp-admin because users not logged in receive cache from users logged in. I dont understand your method.

Second: I receive this error again: Font from origin 'https://www' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://www' is therefore not allowed access. This is without code motification. Is there a method without need to modify the code..?
 

lsfoo

Administrator
#4
Hi le_florin,

I would like to apologize, as my first explanation was partially incorrect.

What version of OLS are you using? 1.3.x or 1.4.x?

When you configured the cache module, did you configure it for the vhost level as well?

In order for the cache to work, you have to have the cache module configured at multiple levels (these are according to the web admin):
Server Configuration -> modules -> add and configure cache. Since this is the server level configuration, this should use the configuration you pasted above.
Virtual Hosts -> your vhost name -> modules -> add and configure cache. This is a vhost level configuration, so it should use the same configuration as the server level.
After you set up the vhosts configuration, you can then set up a context for wp-admin to use a private cache.
Virtual Hosts -> your vhost name -> modules -> Context - cache -> add context. Here you set up /wp-admin with the specific parameters I listed above.

We will revisit the second issue after this issue is fixed, as it could complicate things.

Depending on the version of OLS you are using, I will do a demo with the correct web admin if the above is unclear.

Cheers,
Kevin
 
#5
1.4.x i only configured at server level. I cannot find context cache thing.

Update: found it, actions view module. URI: /$VH_ROOT/html/wp-admin but i get same cache on non logged user as logged user
 
Last edited:

lsfoo

Administrator
#6
Hi le_florin,

First, try it with the same URI, but append a '/', /$VH_ROOT/html/wp-admin/

If that doesn't work, try /wp-admin/

Also, not sure if you added it, but you also need to add the different parameters.
 

lsfoo

Administrator
#8
Did you add these to the module parameters for the context based settings?

qsCache 1
enablePrivateCache 1
 

lsfoo

Administrator
#10
OK, that shouldn't be happening. Could you enable the debug log and test it logged in, then not logged in, and send us the relevant log files? We may need both the server error log as well as the vhost error log if it is separate.

If you'd rather not upload it to the forum, you can email it to me at kfwu at litespeedtech dot com
 
#12
As i can read from log, there is public cache instead of private: 2016-01-04 18:14:16.794 [DEBUG] [ip:7209:HTTP2-3#www:lsapi] [Module-Cache]save to public cachestore, uri:www/wp-admin/tools.php
 
#15
I implemented the change in cpp code for CORS.

How this php code should sound, i mean what should i write to replace the ALLOWED ORIGIN, ALLOWED HEADERS.

if($_SERVER['HTTP_ORIGIN'] == "ALLOWED ORIGIN")
{
header('Access-Control-Allow-Headers: ALLOWED HEADERS');
header('Access-Control-Allow-Methods: POST, GET, OPTIONS');
header('Access-Control-Allow-Origin: ALLOWED ORIGIN');
}
 

lsfoo

Administrator
#16
My apologies if that post was a bit confusing.

Basically, in the server code, we do not handle OPTIONS request methods. Originally, if we receive an OPTIONS request, we will return a 405.

This will immediately disable CORS, so in the server code, you will need to edit the following patch:
Code:
diff --git src/http/httpreq.cpp src/http/httpreq.cpp
index ee69358..84d1dc8 100644
--- src/http/httpreq.cpp
+++ src/http/httpreq.cpp
@@ -526,8 +526,8 @@ int HttpReq::parseMethod(const char *pCur, const char *pBEnd)
         (m_method >= HttpMethod::HTTP_METHOD_END))
         return SC_505;
-    if (m_method == HttpMethod::HTTP_OPTIONS)
-        return SC_405;
+//     if (m_method == HttpMethod::HTTP_OPTIONS)
+//         return SC_405;
     pCur += HttpMethod::getLen(m_method);
     if ((*pCur != ' ') && (*pCur != '\t'))
That should allow OPTIONS requests to go through. Next, you need the request headers to actually be sent.

Adding this rewrite rule will redirect all requests with the OPTIONS http method to a file called options.php
Code:
RewriteCond %{REQUEST_METHOD} =OPTIONS
  RewriteRule    "^(.*)$"  "/options.php" [PT]
Lastly, you need to create an options.php file. That's where the if statement you pasted above goes.
Code:
<?php
  if($_SERVER['HTTP_ORIGIN'] == "ALLOWED ORIGIN")
  {
    header('Access-Control-Allow-Headers: ALLOWED HEADERS');
    header('Access-Control-Allow-Methods: POST, GET, OPTIONS');
    header('Access-Control-Allow-Origin: ALLOWED ORIGIN');
  }
?>
The ALLOWED ORIGINS parts is the origin URL you want to allow a CORS request from, so it should be a http://www.example.com sort of thing.
The ALLOWED HEADERS part should be any specific headers that you require for the request to complete.

This was the resource I used, you may find this helpful.
 
#17
This is the code in httpreq.cpp after modify
Code:
int HttpReq::parseMethod(const char *pCur, const char *pBEnd)
{

    if ((m_method = HttpMethod::parse2(pCur)) == 0)
        return SC_400;

    if (m_method == HttpMethod::HTTP_HEAD)
        m_iNoRespBody = 1;

    if ((m_method < HttpMethod::HTTP_OPTIONS) ||
        (m_method >= HttpMethod::HTTP_METHOD_END))
        return SC_505;

  //  if (m_method == HttpMethod::HTTP_OPTIONS)
  //      return SC_405;

    pCur += HttpMethod::getLen(m_method);
    if ((*pCur != ' ') && (*pCur != '\t'))
        return SC_400;
    return 0;
}
I used HEADERS:

DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

But did not work.

I even used simple php like that... It shows header if you access the php file... but not at server level.( rewrite rule applied )

<?php
header('Access-Control-Allow-Origin: *');
?>

log:

2016-01-04 20:34:50.256 [INFO] [ip:15887:HTTP2-3#www] [REWRITE] Rule: Match '/wp-content/themes/th/images/icons/font.ttf' with pattern '^(.*)$', result: 2
2016-01-04 20:34:50.256 [INFO] [ip:15887:HTTP2-3#www] [REWRITE] Cond: Compare 'GET' with pattern 'OPTIONS', result: -8

but same problem
 
Last edited:

lsfoo

Administrator
#18
I will send you an email, I would like to access the page you are trying to get working to see what the request looks like.
 
Top