I’m using “cache everything” page rule and have set headers for .PHP files in .htaccess such that cache time is one week.
PHP files are being cached successfully by Cloudflare and I’m seeing HIT, as expected.
But for some pages (login, editing) I don’t want this, of course. So on the PHP pages I don’t want cached, I have added header directives like
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
On a different server, this overwrote the server settings (that were set up in WHM - no such facility on this server) and all worked properly. But on the current server I’m working on (where I have very little access to anything - only scripts and htaccess) it’s sending the header set in .htaccess and ignoring the no-cache header I’m setting in the script. So no user can log in - they just get the cached login form.
Any ideas to get around this? TIA