Cookie getting sent with Wordpress header from Cloudflare on every response

every-tuesday · April 4, 2023, 4:27pm

As of April first, my graphql caching layer has stopped caching (Stellate) and their support team is saying that wordpress is setting a cookie on the headers and it can’t cache the graphql response because of that, the only thing I see on the response when I inspect it is this:

Is there some option where I can turn this off for my submain in the dashboard?

Thanks

cbrandt · April 4, 2023, 6:17pm

Hi,

This cookie is documented as related to Rate Limiting Rules. You should be able to redefine your Rate Limiting Rule to exclude your subdomain by visiting Dashboard > Security > WAF > Rate Limiting Rules. Or perhaps create a Firewall Rule (or a WAF Exception) to bypass RL for whatever criteria you see fit.