With StackPath, it is possible to bypass cache based on a Cookie and/or Cookie and value.
When the cookie filter is matched, caching is disabled and the request will pass through the CDN to the origin as a no-cache no-store response.
Use Cases
E-Commerce sites:
E-Commerce sites are dynamic in nature and many pages are dynamically updated based on user actions, new products are being added, and prices change frequently which means the site will display differently based on if a user is signed into the site versus a guest. (for example, logged-in users have their account details displayed which we don’t want to cache).
Bypassing CDN cache for these types of pages will ensure users receive the most updated content. By using this feature, the CDN will not cache personal information or specific shopping cart details, etc.
Using the “Bypass Cache on Cookie” is a simple solution that does not require any development time. Most of these sites will have a specific cookie that can be used to create the relevant rules.
WordPress sites:
StackPath excludes the *wp-admin* URL from caching by default, but some sites use custom URL's (which can be anything from /admin to /abc123..).
Bypassing cache for these ensures the WordPress admin bar is only displayed for administrative users and not regular users.
Wordpress uses different cookies to identify admin logged in users such as:
- On login, WordPress uses the wordpress_[hash] cookie to store authentication details (limited to the /wp-admin/ area).
- After login, WordPress sets the wordpress_logged_in_[hash] cookie. This indicates when you’re logged in and who you are.
There are many other examples for the need to customize the caching behavior and bypass cache, using the “bypass cache on cookie” EdgeRule will reduce complexity and can be implemented and deployed in less than a minute.
Using EdgeRules to bypass cache on Cookie
- Navigate to Sites > CDN site > EdgeRules. Select Add Delivery Rule.
- Create the following rule:
IF Cookie Matches wp*=1
THEN Bypass Cache
The value can take the following form, multiple cookies can be separated by “,”
<name_pattern> - trigger if name found
Value |
Description |
Match Examples |
Non-Matching Examples |
* |
match if any cookies exist |
Cookie: foo=bar |
<no cookies at all> |
wp* |
match any cookies with a name starting with "wp" |
Cookie: wp-value=1; id=123 |
Cookie: foo=bar |
wp*,dv* |
match any cookies with a name starting with "wp" or "dv" |
Cookie: dv=1; id=123 Cookie: wp=1; id=123
|
Cookie: fake-wp-value=1; id=123 <no cookies at all> |
!<name_pattern> - trigger if name not found
Value |
Description |
Match Examples |
Non-Matching Examples |
!* |
match if no cookies exist |
<no cookies at all>
|
Cookie: foo=bar |
!wp* |
match when there is no cookie with a name starting with "wp"
|
Cookie: fake-wp-value=1; id=123 <no cookies at all> |
Cookie: type=foo; wp-value=123; id=123
|
!wp*,!dv* |
match when there are no cookies with a name starting with "wp" and "dv"
|
Cookie: fake-wp-value=1; id=123 <no cookies at all>
|
Cookie: wp-value=1; id=123 Cookie: dva=1; id=123
|
<name_pattern>=<value_pattern> - match only if name found AND value matches
Value |
Description |
Match Examples |
Non-Matching Examples |
wp=1
|
Match if the cookie name is wp and value is 1 |
Cookie: wp=1 |
Cookie: wp=2 Cookie: fake-wp=1 |
wp*=1
|
match any cookies with a name starting with "wp" and with a value of 1
|
Cookie: wp-value=1; id=123 Cookie: wp-any=1; id=123
|
Cookie: wp-value=2; id=123 Cookie: wp-any=text; id=123 <no cookies at all>
|
wp*=1,wp*=2
|
match any cookies with a name starting with "wp" and with a value of 1 or 2
|
Cookie: wp-value=2; id=123 Cookie: wp-other=1; id=123
|
Cookie: wp-value=3; id=123 <no cookies at all>
|
wp*=1,dv*=2
|
match any cookies with a name starting with "wp" with a value of 1 or cookies with a name starting with "dv" with value 2
|
Cookie: wp-value=2; id=123 Cookie: dva=1; id=123
|
Cookie: wp-value=3; id=123 <no cookies at all>
|
<name_pattern>!=<value_pattern> - match if name found AND value doesn't match
Value |
Description |
Match Examples |
Non-Matching Examples |
wp*!=1
|
match any cookies with a name starting with "wp" and with value not equal to 1 (must contain a cookie with a name starting with "wp" to match) |
Cookie: wp-value=123; id=123
|
Cookie: wp-value=1; id=123 Cookie: id=123 <no cookies at all>
|
wp*!=1,wp*!=2
|
match any cookies with a name starting with "wp" and with value not equal to 1 or 2 (must contain a cookie with a name starting with "wp" to match)
|
Cookie: wp-value=123; id=123
|
Cookie: wp-value=1; id=123 Cookie: id=123 <no cookies at all>
|
wp*!=1,dv*!=2
|
match when contains cookies with a name starting with "wp" and with value not 1 and cookies with name starting with "dv" and value not 2 (must contain cookies with name starting with "wp" and "dv" to match)
|
Cookie: wp-value=123; dv=other; id=123
|
Cookie: wp-value=3; id=123 Cookie: wp=3 <no cookies at all>
|
!<name_pattern>=<value_pattern> - match if name not found OR name found and value doesn't match
Value |
Description |
Match Examples |
Non-Matching Examples |
!wp*=1
|
match any cookies with a name starting with "wp" and with value not equal to 1
|
Cookie: wp-value=123; id=123 Cookie: id=123 <no cookies at all>
|
Cookie: wp-value=1; id=123
|
!wp*=1,!dv*=2
|
match when contains cookies with a name starting with "wp" do not have value 1 and cookies with a name starting with "dv" do not have value 2
|
Cookie: wp-value=123; id=123 Cookie: id=123 <no cookies at all> Cookie: wp-value=2; id=123 Cookie: dva=2; id=123
|
|
Bypass Cache via the API
To learn more about getting started with the StackPath API, check out our guides and interactive reference.
The same bypass-cache EdgeRules can be created via the API. Below is an example EdgeRule for a WordPress and Woocommerce site.
Create Custom EdgeRule on Scope
METHOD: POST
Endpoint: https://gateway.stackpath.com/cdn/v1/stacks/{stack_id}/sites/{site_id}/scopes/{scope_id}/rules
Request Body:
{
"name":"bypass wordpress cache",
"slug":"bypass-wordpress-cache",
"configuration": {
"bypassCache": [
{
"enabled":true,
"methodFilter":"*",
"pathFilter":"*",
"headerFilter":"*",
"cookieFilter":"wp-*,wordpress*,comment_*,woocommerce_*"
}
]
}
}
The purpose of the above rule is to bypass the cache when common WordPress cookies are present:
- wp-*: Matches all cookies which begin with "wp-", e.g. wp-settings
- wordpress*: Matches all cookies which begin with "wordpress", e.g. wordpress_logged_in
- comment_*: Matches all cookies which begin with "comment_", e.g. comment_author_email
- woocommerce_*: Matches all cookies which begin with "woocommerce", e.g. woocommerce_items_in_cart
Test EdgeRule
You can test this rule by running a curl/request against your site to test:
curl -ILk https://domain.com/path_to_static_file.css -A "Chrome"
curl -ILk https://domain.com/path_to_static_file.css -A "Chrome" -H "cookie:woocommerce_items_in_cart=1"
The first example curl should return an x-hw header ending in .c
, indicating that the asset was cached. You may need to run it a second time if the asset is not in cache for your first request.
The second example curl should return an x-hw header ending in .p
, indicating that the asset was proxied.
If any questions arise or any assistance can be further provided, feel free to drop us a line at hi@stackpath.com or open up a chat with our 24/7 live support, we'll be happy to help you out.