Xenforo issues with different styles shown for guests
- Thread starter Jon12345
- Start date
If guests see the wrong theme, something goes wrong with login cookie if a user logoff. If a user is logging off and login cookie still exists he gets the the theme from logged in user.
Have you manually defined these Rewrite Rules or are these rules defined by the plugin? They don't look okay for me. I would define these rules completely different.
Have you manually defined these Rewrite Rules or are these rules defined by the plugin? They don't look okay for me. I would define these rules completely different.
There are no settings to configure in the plugin. The Rewrite Rules are those recommended by litespeed.
See here: https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:cache:lscxf2
My focus is on guests, not members who logged in and then logged back out. Guests who have never been a member are getting dark pages.
Edit: I also have Redis and Cloudflare, if that makes any difference.
See here: https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:cache:lscxf2
My focus is on guests, not members who logged in and then logged back out. Guests who have never been a member are getting dark pages.
Edit: I also have Redis and Cloudflare, if that makes any difference.
Last edited:
Howdy @Jon12345 ,
It looks like you've pointed out a regression in our .htaccess rules. We should already be varying on style and language except at some point our rules were updated based on an older ruleset that did not contain these varies.
I'll be updating them shortly on our wiki and will make a post about the updated rules on the official forum.
Thanks,
-Michael
It looks like you've pointed out a regression in our .htaccess rules. We should already be varying on style and language except at some point our rules were updated based on an older ruleset that did not contain these varies.
I'll be updating them shortly on our wiki and will make a post about the updated rules on the official forum.
Thanks,
-Michael
I have updated our installation/configuration wiki page to include the new `.htaccess` rules
https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:cache:lscxf2#configuration
Thanks again for bringing this to our attention,
-Michael
https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:cache:lscxf2#configuration
Thanks again for bringing this to our attention,
-Michael
At this post, someone is saying it is still wrong: https://xenforo.com/community/threads/litespeed-cache-for-xf2-community.144025/page-7#post-1407190
It is still showing dark theme pages on my site to guests. In fact, nearly all pages are now dark theme, which is the opposite of what I want shown.
It is still showing dark theme pages on my site to guests. In fact, nearly all pages are now dark theme, which is the opposite of what I want shown.
Last edited:
To find the reason for this issue, do the following steps:
1.) Logoff from forum
2.) Remove all cookies from your browser and don't request your forum again until all steps are done.
3.) Add the following Rewrite Rule to you .htaccess where all other Litespeed Cache Rules are defined. You can remove this rule after test. This rule prevent file purge.php from beeing cached.
3.)Create a php file with name purge.php without any content.
4.) Paste the following header into this file:
5.) Upload this file to the root directory where your forum is installed.
6.) Run this file in your browser: www.domain.com/purge.php
7.) Open Dev tools in browser (F12) and open network TAB.
8.) Browse a couple of pages of your forum and check cache header of each requested page. Every page should have "miss" header.
9.) Check the cookies in dev tools. If there are cookies with xf_ prefix, post them (name of cookies) here
10.) Browse the same pages again and check cache header of each page. They all should have "hit" header.
11.) Login to your forum as user, not admin.
12.) Browse the same pages as before and check cache header. There should be no cache header. If there is a cache header, post it.
13.) Logged in as user check, if there a cookies with prefix xf_ post them here.
14.) Logoff and login as admin
15.) start with step 11.) and do the same steps as admin
16.) Logoff and check cookies again.
17.) Finished
If finished post your result with cookies. It is important to know which cookie is set at each user status.
1.) Logoff from forum
2.) Remove all cookies from your browser and don't request your forum again until all steps are done.
3.) Add the following Rewrite Rule to you .htaccess where all other Litespeed Cache Rules are defined. You can remove this rule after test. This rule prevent file purge.php from beeing cached.
Code:
RewriteCond %{REQUEST_URI} /(purge).php$
RewriteRule .* - [E=Cache-Control:no-cache]4.) Paste the following header into this file:
Code:
<?php
header("X-LiteSpeed-Purge: *");6.) Run this file in your browser: www.domain.com/purge.php
7.) Open Dev tools in browser (F12) and open network TAB.
8.) Browse a couple of pages of your forum and check cache header of each requested page. Every page should have "miss" header.
9.) Check the cookies in dev tools. If there are cookies with xf_ prefix, post them (name of cookies) here
10.) Browse the same pages again and check cache header of each page. They all should have "hit" header.
11.) Login to your forum as user, not admin.
12.) Browse the same pages as before and check cache header. There should be no cache header. If there is a cache header, post it.
13.) Logged in as user check, if there a cookies with prefix xf_ post them here.
14.) Logoff and login as admin
15.) start with step 11.) and do the same steps as admin
16.) Logoff and check cookies again.
17.) Finished
If finished post your result with cookies. It is important to know which cookie is set at each user status.
@serpent_driver Thanks for the suggestion, but isn't it up to litespeed themselves to provide a plugin that doesn't have bugs?
Before, I had the occasional dark page shown. Now, after the new plugin update, all my pages seem to be dark theme. As a result, my bounce rate has gone up, repeat visitors are down, ad revenue is down.
Are the litespeed crew still working on this?
Before, I had the occasional dark page shown. Now, after the new plugin update, all my pages seem to be dark theme. As a result, my bounce rate has gone up, repeat visitors are down, ad revenue is down.
Are the litespeed crew still working on this?
The big question is, who has developed this plugin? I don't know much about Litespeed cache plugin for Xenforo, so all I know is that this plugin has only rudimentary cache settings and has to be extended with functions like they are available in other Litespeed cache plugins. You should open a support ticket to get the right answers.
@serpent_driver
This cookie is never used for logged in users, and is actively deleted when changing styles when logged in or when logging out (the style info is stored in the backend somewhere for logged in users instead of a cookie). The cookie IS carried over when logging in, but is ignored for determining style when logged in.
Like-wise if the cookie was for some reason not removed, it would still work as intended as the cookie value would be used in determining the cache vary. So a "dark theme" stlye cookie surviving the login/logout process would result in a "dark theme" version of that page getting cached that would only ever be served to other guests who also have the "dark theme" style cookie value set.
I did notice a csrf complaint when trying to switch styles as a guest while on a page cached by another user - this has been added to my to-do to fix but will not have any affect on the issues talked about here.
Edit: Re-read your message a little more carefully, my bad
. Those cookies will definitely be removed during logoff.
This cookie is never used for logged in users, and is actively deleted when changing styles when logged in or when logging out (the style info is stored in the backend somewhere for logged in users instead of a cookie). The cookie IS carried over when logging in, but is ignored for determining style when logged in.
Like-wise if the cookie was for some reason not removed, it would still work as intended as the cookie value would be used in determining the cache vary. So a "dark theme" stlye cookie surviving the login/logout process would result in a "dark theme" version of that page getting cached that would only ever be served to other guests who also have the "dark theme" style cookie value set.
I did notice a csrf complaint when trying to switch styles as a guest while on a page cached by another user - this has been added to my to-do to fix but will not have any affect on the issues talked about here.
Edit: Re-read your message a little more carefully, my bad
. Those cookies will definitely be removed during logoff.
Last edited:
No worries at all! Your help is more than welcome, I am just passing along what I know as the lead developer and maintainer for this plugin
I always appreciate when members of our community jump in to help one another with issues as they often know best when it comes to actually using our software in the wild. I re-tested login/logout again based on your feedback just to be sure that I wasn't missing anything that could be the issue and luckily did not find anything strange.
As of now I suspect that everything is working as intended but will have to wait for further feedback from @Jon12345 to be sure.
If you are curious, this is the link to our Slack's XenForo channel where I provided more details on what/how I checked Jon's site.
Regards,
-Michael
I always appreciate when members of our community jump in to help one another with issues as they often know best when it comes to actually using our software in the wild. I re-tested login/logout again based on your feedback just to be sure that I wasn't missing anything that could be the issue and luckily did not find anything strange.
As of now I suspect that everything is working as intended but will have to wait for further feedback from @Jon12345 to be sure.
If you are curious, this is the link to our Slack's XenForo channel where I provided more details on what/how I checked Jon's site.
Regards,
-Michael