Caching is good. Generally speaking, that is. However, when applied to a legacy system without regard to the actual system, well, then it might lock your users out 🙂
Frankly, I'm quite surprised we didn't see worse scenarios.
We've got this site previously hosted under an Apache web server running PHP with FastCGI. The other week it got changed to LiteSpeed instead. Our authentication is based (admittedly not in a good way) on the Apache redirect using the following line:
OK, what happens with this when caching gets enabled in LiteSpeed? 🙂 I think you can guess... sometimes something happens, other times not so much.
I won't go into the details of troubleshooting this since I actually didn't; luckily enough, the hosts had some sharp minds who actually knew what they were doing, so they quickly came up with a solution. Simply add this to the .htaccess to disable the LiteSpeed caching (note: the redirect thingy could be improved, i.e. to be restricted to only PHP files):
RewriteRule .* - [E=Cache-Control:no-cache]
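To confirm the rule took effect, check that no auth-gated URL is still answered from the cache. The script below is an added example, not code from this post or from the host: it relies on the `X-LiteSpeed-Cache` response header, and the `/members/` prefix and the captured response heads are constructed for illustration.

```python
# Flag auth-gated responses that LiteSpeed answered from its page cache.
# Constructed captures: (requested path, raw response head). All values made up.
SAMPLES = [
    ("/members/index.php",
     "HTTP/1.1 302 Found\r\nLocation: /login.php\r\nX-LiteSpeed-Cache: hit\r\n\r\n"),
    ("/members/profile.php",
     "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nX-LiteSpeed-Cache: miss\r\n\r\n"),
    ("/css/site.css",
     "HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nX-LiteSpeed-Cache: hit\r\n\r\n"),
    ("/members/list.php",
     "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nx-litespeed-cache: HIT,private\r\n\r\n"),
]

PROTECTED_PREFIXES = ("/members/",)  # assumption: where the auth rule applies


def parse_head(raw):
    """Return (status_code, headers); names lower-cased, values kept as lists."""
    lines = raw.split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        if not line:
            break  # blank line ends the head
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return status, headers


def cached_protected(samples, prefixes=PROTECTED_PREFIXES):
    """List (path, status, reason) for protected paths answered from cache."""
    findings = []
    for path, raw in samples:
        if not path.startswith(prefixes):
            continue  # static assets may be cached
        status, headers = parse_head(raw)
        # The value may carry comma-separated tokens (assumed form, e.g.
        # "hit,private"); any "hit" token counts as served from cache.
        tokens = {t.strip().lower() for v in headers.get("x-litespeed-cache", [])
                  for t in v.split(",")}
        if "hit" in tokens:
            # A cached redirect bounces logged-in users to the login page.
            reason = "cached redirect" if 300 <= status < 400 else "cached page"
            findings.append((path, status, reason))
    return findings


if __name__ == "__main__":
    for finding in cached_protected(SAMPLES):
        print(finding)
```

With the rule in place, a run over fresh captures of the protected paths should return an empty list.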