15 years on The Web
miniBB ® miniBB®
miniBB Support Forums
 | Forums | Register | Reply | Search | Statistics | Manual |
Custom Tutorials and Modifications miniBB Support Forums / Custom Tutorials and Modifications /   

Proxy (cache) problems and how to solve them

Author Moony
#1 | Posted: 4 Apr 2008 11:27 
I travel a lot and very often work in Internet-cafes. In some places I noticed that pages are being cached in proxy-servers memory to minimize traffic. This make almost impossible to write to the forum, because after posting you see the older (saved) version of the page. This may also cause login problems.

There is a very easy way to solve this caching problem. You just have to add the following to your index.php file:

header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', FALSE);
header('Pragma: no-cache');

I have done this a few months ago and everything works fine.

Author tom322
Active Member
#2 | Posted: 4 Apr 2008 13:18 
Do you mean index.php or the header? Either way, it may depend on the particular web browser (some refresh info fast, others like Opera not).

Author Paul
Lead Developer
#3 | Posted: 5 Apr 2008 06:23 
If there is a server-cache, it doesn't depend on browser.

However this is a good suggestion and I might consider it while working on the updates, thanks.

Author Moony
#4 | Posted: 7 Apr 2008 12:24 | Edited by: Moony 
If there is a server-cache, it doesn't depend on browser.

Yes, I mean server-cache. In Kathmandu I had big problem: I logged in one internet-cafe and my password was cached in all internet cafes in the center of the town. Anybody could have admin rights on my website while I was logged in. So this is also a security issue.

Author Paul
Lead Developer
#5 | Posted: 7 Apr 2008 13:08 
I must say when you are in internet cafe, this is a security issue itself.

I don't know if it's related to miniBB in general ;-) Without storing password data on the client side it's impossible to keep login information.

Author Paul
Lead Developer
#6 | Posted: 8 Apr 2008 02:51 | Edited by: Paul 
Additionally I thought and I am not sure how it would be possible to grant admin access to everybody in the network even if you have entered admin's login credentials on one of the PCs in this network. When network uses cache, it caches just HTML pages, but all of your admin information is stored only on the PC where you have entered it. miniBB uses cookies - but even if it would use sessions, they are determined by a cookie, too. So all pages with admin panel links, for example, like "Delete" or "Lock topic" etc., would be cached, that's true, and all users in the network could see those pages. But there is nothing insecure as soon as they can't execute them. Because the only one cookie is stored on your PC, and only this cookie is taken into attention when authorizing.

Author tom322
Active Member
#7 | Posted: 19 Nov 2008 00:24 | Edited by: tom322 
I had it set up for a couple of months as a test and I conclude it's better not to use it because when you have addon that uses "javascript:history(-1)" the already entered text is lost after going back to the previous page. Plus if posting as a guest the username disappears, at least in IE..

Custom Tutorials and Modifications miniBB Support Forums / Custom Tutorials and Modifications / Proxy (cache) problems and how to solve them Top

Your Reply Click this icon to move up to the quoted message

 Short link for this topic:

You are welcome to post anonymously, by entering a nickname with no password (if the similar Username has not been taken yet), or by leaving both fields empty. If you have a forums account, you can also sign in from this page without posting a message, or sign in and post at once.

Before posting, make sure your message is compliant with our forum posting rules. If not, it may be locked or deleted with no explanation.
miniBB Support Forums Powered by Forum Software miniBB ® Features  Requirements  Demo  Download  Showcase  Gallery of Arts
Compiler  Premium Extensions  Premium Support  License  Contacts
Try the Captcha add-on: protect your miniBB-forums from the automated spam and flood.
Captcha Addon for miniBB