WP Rocket Says S2member is blocking cache?

hi
i contacted support of wp rocket and it says s2 is blocking cache

why does it do that and is there a way to solve this pls

Hi John.

This article here says: https://s2member.com/kb-article/is-s2member-compatible-with-caching-plugins/

s2Member has been thoroughly tested against all of the most popular caching plugins for WordPress. These include, but are not limited to: Comet Cache™, WP Super Cache, W3 Total Cache, and WP Rocket. When dynamic content is processed by s2Member, all of the appropriate runtime constants are defined by s2Member; i.e., the flags needed to keep it fully compatible with caching plugins for WordPress.

In this post Jason explains: https://github.com/wpsharks/s2member/issues/888

s2Member has built-in routines that will prevent any caching plugin from caching pages for logged-in users. This was in an effort to avoid caching plugin conflicts. Generally speaking, that’s still a good idea in my view.

if you introduce some of s2Member’s more dynamic shortcodes on a page, those will still prevent caching, no exceptions.

So for instance, if you add the [s2Member-Profile /] shortcode to a page it cannot be cached […] That’s s2Member flagging dynamic content that it considers uncacheable.

So if you used dynamic content with an s2 shortcode, that’d prevent caching, because the output could be different for different visitors. I recently helped a person whose site wasn’t being cached at all, and it turned out he was using a shortcode in his menu, so every page had it, and once that was removed caching happened again.

I hope that helps!

thanks
yes i saw that too
is there a way to disable the prevent caching function?

@johnjohn On no account would you want to disable it, because then you’d have your site confused as to which member was which, and the whole point of having a membership site would be lost.

While it seems to have become common practice for those with WordPress sites to seek to speed them up by using page caching, such caching is a really blunt instrument much more suitable for smaller, relatively simple sites. It’s not a particularly good fit for membership sites, especially since the amount of page caching that can be done reliably for those logged in is very limited.

A much better approach for membership sites is that of object caching. Unfortunately, s2Member’s design means that this approach cannot be taken all the way, so you can’t use something like Memcached. But you can still go quite a long way by using transients, and this approach will work even if you do have dynamic content on the page. But, more fundamental still is the fact that you need to make sure that your site isn’t running terribly wasteful code in the first place. You need to start from a sound base.

I suggest you start by installing the plugin Query Monitor and use it to tell you how many queries to the database are being made on each post, page, archive, etc. together with the time taken to load each one. (This is a much more useful figure than that produced by speed testing websites, where latency can be caused by many factors unconnected to the site concerned.) If you have a developer, show the results to him or her. Otherwise, feel free to post them here.

I use s2Member to hide certain content on pages from people who are not logged in. I also use WP Rocket.

Using the s2Member shortcode prevented the pages from being cached. So I installed the EzPHP plugin (also from WebSharks) and replaced the shortcode with the PHP equivalent. And now caching works.

By definition, it isn’t equivalent. Which shortcode did you replace?

I was originally using “[s2If current_user_can(access_s2member_level1)]” to show content only to logged in members with access to Level 1 or higher.

After installing EzPHP, I replaced the shortcode with “<?php if(!current_user_can("access_s2member_level1")): ?>” and everything started working fine with WP Rocket caching the pages.

Stephen, the code you have entered via EzPHP says the very opposite of the previous shortcode. You have effectively rendered s2Member irrelevant on those pages.

Lol… sorry, I answered too quickly and copied the wrong code from my web page. I’m an idiot.

The PHP code I used is “<?php if(current_user_can("access_s2member_level1")): ?>”

As I said, the code you are now using is not equivalent to the s2Member shortcode. There is a very good reason for that.

Unfortunately, what you have done is create a big security risk – and potentially a privacy risk too. Exactly what happens will depend on who is the first visitor to each page where this code runs (because page caching happens when a page is first visited). It will be problematic enough if the first such visitor has an s2Member role, but it could be completely disastrous for your site’s security if the first such visitor was you or another administrator.

Really? I use the code only to show a download link to the PDF version of an article. The link is only visible to members who are logged in and have access to Level 1 or higher. If a visitor is not logged in, or just a Level 0 subscriber, the link is not visible.

If I visit a page while logged in either as myself (administrator) or as a member, I see the link to download the PDF. If I then log out and visit the page again, the link is gone. Does that not mean it’s working as expected?

I just checked a page’s source code in my browser. When I’m not logged in, I’m seeing the WP Rocket cached version of the page. But if I log in, I see a page that is not cached. And then if I log back out, I’m back to seeing the cached version.

I also just cleared the WP Rocket cache, then immediately visited a page while logged in, and then logged out and viewed the page again. Everything seems fine. The cached version of the page is not showing the link to download the PDF even though I first visited the page while logged in as a member.

I have WP Rocket set up to not cache pages for logged-in users. Does that not mean that the pages will only be cached when an anonymous user visits them?

I hope so! Is there no way to tell whether the page is being cached when you visit it while logged in?

The problem here is that what you see on the front-end of your site is not necessarily a reliable guide to what is being cached. Page caching caches all the code on the page and, if the first visitor is logged in, such code may include nonces, cookies, and other tokens that identify that user and provide access credentials.

If someone else is then shown those credentials, you have a privacy leak right there. I don’t know where you are but, in the EU (and increasingly elsewhere too), that’s an immediate legal problem as well as a breach of your members’ trust. You also have provided a means for someone (or a bot) to obtain credentials that will enable them/it to access parts of your site which you want protected from them.

But I’m curious why you feel the need to hide the link from those not logged in. If the file is stored in the protected s2Member folder, it isn’t accessible to such visitors anyway. It sounds like you are going to a lot of trouble and risk to solve a problem that doesn’t exist.

If you view the page source in your browser, WP Rocket adds a line at the bottom saying that you’re viewing a cached version of the page. If the line isn’t there, you’re viewing a non-cached page.

What I do is I show the link to download the PDF only to logged-in members. For non-members, I show a separate link advertising the memberships to my site, which they can then click to learn more. And I’ve been using the PHP code to display the correct link based on whether or not the visitor is logged in.

I do understand what you’re saying about pages being cached based on the first visitor. But if WP Rocket is only caching pages when they are viewed by anonymous users, how could it be caching member information? I’m asking not because I’m disagreeing with you. I’m no expert in this stuff and if I’m doing something I should not be doing, I want to know. But I’m not sure how WP Rocket could be caching member-specific details when it only caches pages when viewed by anonymous users.

You would have to ask the WP Rocket devs how they deal with your scenario these days. I have seen all sorts of different implementations (and WP Rocket itself has had some serious problems with this in the past). I would never take the risk that they have it right, because all too often you only find out after something bad has happened. (The history of W3TC, for example, is littered with such episodes.)

I’m still not clear why you do what you do anyway. If the file is protected in an s2Member folder, then a visitor who is not logged in will be redirected to the MOP, and you can show them what you want there. That’s really the point of the MOP.

So what you’re saying, though, is that the problem with s2Member and page caching is not an issue specifically with WP Rocket. You’re saying that no caching should be used on a membership site, regardless of the caching plugin.

No PAGE caching, yes. Some other forms of caching – specifically transient caching – would be fine.

Full object caching, using Memcached or Redis, can also work with some membership sites, but not with s2Member (because of the way s2Member stores data in the options table in the database).

But so far as page caching is concerned, the issues I have been talking about are not specific to WP Rocket. As I said above, page caching is a really blunt instrument.