httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From SpliFF <>
Subject [users@httpd] Need help with tricky mod_cache configuration
Date Mon, 02 May 2011 04:46:51 GMT
I'm trying to configure mod_cache in Apache 2.2.17 to act as a transparent cache for an application
server but I have
some special requirements whose overall purpose is to cache "public" access but bypass the
cache when users are logged
in. I'm setting a cookie "NOCACHE=on" when the user logs in and checking for that cookie in
Apache. For this to work
clients must always revalidate with the cache (to send the cookies).

My requirements are:

* Clients should always revalidate with the cache but NOT the application server unless a
special cookie is set.
* If a page is in the Apache cache the cache should send 304, not the whole page.
* If user shift-refreshes the browser always revalidate with the application server.
* I can't use alternate domains, ssl or special paths or query strings for logged-in users
because my application isn't
designed that way.

I'm been experimenting with different headers and cache options but so far I haven't found
a solution that satisfies all
the requirements. Generally when I get one thing to work another breaks eg:

* The HTTP spec solution of using vary: Set-Cookie won't work because the application sets
session cookies and you can't
pick one cookie out of the string.
* Using 'CacheIgnoreCacheControl on' allows the cache to work with no-cache headers but prevents
shift-refresh from
hitting the application server.
* Setting max-age=0 or no-cache in headers with  'CacheIgnoreCacheControl off' causes the
page to not cache in Apache at
* Setting no-store with 'CacheStoreNoStore On' is pretty close but since the client wont store
the page the cache is
sending the whole response body every time (not 304).

My vhost config:

    # Expiry and cache-control

    # Set expires header
    ExpiresActive On
    ExpiresDefault "access plus 1 days"
    #ExpiresByType text/html "now"

    # Check for NOCACHE cookie sent by logged-in users and bypass the cache
    SetEnvIf Cookie "NOCACHE" no-cache
    Header set Cache-Control "no-cache" env=no-cache

    # Force all requests to re-validate so cookies are sent even when the browser has cached
the page
    Header append Cache-Control "must-revalidate"

    # Don't cache cookie headers
    CacheIgnoreHeaders Set-Cookie

    # Enable disk cache
    CacheEnable disk /
    CacheDisable /images
    CacheDisable /styles
    CacheDisable /scripts
    CacheDisable /base
    CacheDisable /users
    CacheDisable /admin
    CacheRoot /var/cache/apache2

    # Various attempts to treat this cache differently to downstream caches
    #CacheStoreNoStore On
    #CacheIgnoreCacheControl on
    #CacheIgnoreNoLastMod On

    # Forward uncached requests to the application server
    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} !/[^/:]+\.[^/:]{2,5}$
    RewriteRule (.*) /index.cfm$1 [PT,L]

Final thing, the Apache docs seem to use CacheStoreNo*Store* and CacheStoreNo*Cache* interchangeably.
Is this an alias
or a typo? Which is correct?

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message