Why Exclude Login Pages from Cache?
Login pages must be dynamic and personalized. Caching causes:
- Forms showing for logged-in users
- CSRF token mismatches
- Session issues
- Redirect problems
WP Super Cache Configuration
WP Super Cache → Advanced → Rejected URLs
Add these URLs (one per line):
/login/
/register/
/lost-password/
/my-account/W3 Total Cache Configuration
W3TC → Page Cache → Advanced
Never cache the following pages:
/login/*
/register/*
/lost-password/*WP Rocket Configuration
WP Rocket → Settings → File Optimization
Never Cache URLs:
/login/
/register/
Enable "User Cache" for logged-in usersCloudflare Configuration
Cloudflare Dashboard → Page Rules
Create rule for login page:
URL: yoursite.com/login/*
Setting: Cache Level → BypassServer-Level Caching
Nginx Configuration:
location ~* /(login|register|lost-password)/ {
set $skip_cache 1;
}Apache .htaccess:
# Disable caching for login pages
<IfModule mod_headers.c>
<FilesMatch "login|register">
Header set Cache-Control "no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires 0
</FilesMatch>
</IfModule>Testing Cache Exclusions
- Clear all caches completely
- Log out completely
- Visit login page in incognito window
- Check response headers (should show no-cache)
- Test login functionality