Cloudflare wordpress plugin cookie issue

When there is a wordpress_test_cookie set (default wordpress behavior) the cache is always bypassed. Which means that most of the pages are not being cached.

How to reproduce (with cookie):

curl 'https://maxroll.gg/' \

-H ‘authority: maxroll.gg’
-H ‘cache-control: max-age=0’
-H ‘dnt: 1’
-H ‘upgrade-insecure-requests: 1’
-H ‘user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36’
-H ‘accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9’
-H ‘sec-fetch-site: none’
-H ‘sec-fetch-mode: navigate’
-H ‘sec-fetch-user: ?1’
-H ‘sec-fetch-dest: document’
-H ‘accept-language: en-US,en;q=0.9’
-H ‘cookie: __cfduid=de5e64e12c67e377a42a50d3b61e7231f1614980043; borlabs-cookie=%7B%22consents%22%3A%7B%22essential%22%3A%5B%22borlabs-cookie%22%2C%22__cfduid%22%5D%2C%22statistics%22%3A%5B%22google-analytics%22%5D%7D%2C%22domainPath%22%3A%22maxroll.gg%2F%22%2C%22expires%22%3A%22Sat%2C%2005%20Mar%202022%2021%3A34%3A07%20GMT%22%2C%22uid%22%3A%228mbmmbhm-g2ki171u-tl1gy67s-ljeczbh4%22%2C%22version%22%3A%221%22%7D; wordpress_test_cookie=WP%20Cookie%20check; _ga=GA1.2.900591571.1614980051; _gid=GA1.2.1206455078.1614980051; _gat_gtag_UA_174810499_2=1’
–compressed

Without cookie (cached):

curl -vo /dev/null 'https://maxroll.gg/' \

-H ‘authority: maxroll.gg’
-H ‘cache-control: max-age=0’
-H ‘dnt: 1’
-H ‘upgrade-insecure-requests: 1’
-H ‘user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36’
-H ‘accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9’
-H ‘sec-fetch-site: none’
-H ‘sec-fetch-mode: navigate’
-H ‘sec-fetch-user: ?1’
-H ‘sec-fetch-dest: document’
-H ‘accept-language: en-US,en;q=0.9’
-H ‘cookie: __cfduid=de5e64e12c67e377a42a50d3b61e7231f1614980043; borlabs-cookie=%7B%22consents%22%3A%7B%22essential%22%3A%5B%22borlabs-cookie%22%2C%22__cfduid%22%5D%2C%22statistics%22%3A%5B%22google-analytics%22%5D%7D%2C%22domainPath%22%3A%22maxroll.gg%2F%22%2C%22expires%22%3A%22Sat%2C%2005%20Mar%202022%2021%3A34%3A07%20GMT%22%2C%22uid%22%3A%228mbmmbhm-g2ki171u-tl1gy67s-ljeczbh4%22%2C%22version%22%3A%221%22%7D; _ga=GA1.2.900591571.1614980051; _gid=GA1.2.1206455078.1614980051; _gat_gtag_UA_174810499_2=1’
–compressed

This is the first time I’ve heard of wordpress_test_cookie. A search shows it’s to see if your browser will accept cookies, but I’ve never seen it on any of my sites.

As far as I use WordPress, the test_cookie shows up when I am logged in.

Does it mean it caches your Website as you are logged in while you actually aren’t?
Or, it keeps the cached version of logged in instead of not being logged in?

Or maybe I am wrong due to “privacy & tracking & supercookies” from my recent update of Mozilla FireFox.

1 Like

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.