Caching issue with WordPress APO

My website ( uses a custom shortcode in the sidebar to display either a login form or the name if the logged in user. Verifying that a user is logged in is done by checking a $_SESSION variable.

The issue is that when I turn on WordPress IPO, the login widget displays not the name of the person who is logged in, but (apparently) the name of the last person who accessed the page. In other words, the entire content of the page, including the user’s name, appears to be cached and is being served up to the next user.

This is a display (caching) issue. The person’s name that is appearing is Not actually logged in to the other person’s account, it just looks that way.

What can I do to avoid this?

I can set a Rule to not cache the Account home page, but this won’t help because the sidebar appears on all pages in the website.

Much thanks, Jeff

By default with APO, the cache is bypassed for logged-in users when certain cookies are set.

If you’re not using those cookies and/or need to bypass the cache based upon different cookies, you can use a page rule with Bypass Cache on Cookie. Using such a page rule, you could specify additional bypass cookies. However, this requires a Business or Enterprise plan though.

Thanks for the cookie info.
Unfortunately, because the user’s login name is displayed on all pages, I’d have to have a bypass on virtually every page, which defeats the purpose of the cache. I may have to consider a design change to the website to take advantage of APO.

Looking at the response headers for your site, you’re using PHP sessions (i.e. PHPSESSID). As WordPress core doesn’t use PHP sessions, I’d assume something you’re using (i.e. plugin, theme) is. But, this may be something that’s beyond the scope of this particular forum though, as it’s not inherently a Cloudflare issue.

Yes, I’m using PHP sessions to store login and other information. But I agree, that is not likely part of the Cloudflare issue.
Thanks again for your comments.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.