Password-protected pages

I’m using Cloudflare with Wordpress, and the password-protected pages do not work properly: I enter the password and the login page is reloaded, requiring the password again.

I have read in several forums that I must use page rules for excluding some urls from cache, but I have a doubt.

The password-protected pages have this structure: [domain].com/[category]/[password-protected page], but I actually have this rule for caching the entire site: [domain].com/

  1. Cloudflare is the reason why the password-protected pages don’t work?
  2. How can I exclude password-protected pages from cache without affecting the entire site?

When you try to do a login, check the Network traffic under F12 Developer Tools to see if the page has been cached with CF-Cache-Status: HIT?

Hi erictung, thanks for answering. Effectively, the password-protected page has been cached with “cf-cache-status: HIT”. Is this the reason why the content doesn’t load? In that case, what should I do?

I have read that adding the cookie “wp-postpass*” to the whitelist of cookies could be a solution. How can I do that?

How did you set page caching? Are you using the APO feature, or did you create a Cache Everything Page Rule?

1 Like

Hi sdayman, thanks for answering. I’m not using APO, I actually have this page rule for caching the entire site: (asterisk)[domain].com/(asterisk), but before make a change I want to be sure that Cloudflare is the reason why the password-protected pages don’t work.

Could I make an exceptional rule for protected pages which not affects the entire site? Thanks.

Just create a page rule for login page with Cache Level = your current global Cache Level setting (most probably Standard)

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.