Controlling Caching of HTTPS content


This article applies to:

  • WebMarshal 7.5.5 and above
  • Proxy caching

Question:

  • How do I control caching of HTTPS content?

Background:

WebMarshal 7.5.5 and above caches static files delivered over HTTPS by default.
  • This is a change from earlier versions that did not cache HTTPS content. This change reflects the reality that most reputable websites now use HTTPS for most content.
  • Static files generally include scripts, images, and other helper files that do not contain sensitive content.
  • HTTPS caching is only active for inspected HTTPS content. If your policy excludes a site from inspection, the content from the site will not be cached.

Procedure

To disable caching of HTTPS content:

  1. Add entries to the WebMarshal Proxy Configuration file (WMProxy.config.xml) on each processing server
    • The XFFEntry range should only include the load balancer IP addresses, not the client IP addresses
    • Most installations will have only one XFFEntry element, but you can include more than one XFFEntry element if necessary
    • Include quote marks but not braces
    <WebMarshal>
    <Proxy>
    <Config>

    <Cache allowHTTPSCaching="false" />
    </Config>
    </Proxy>
    </WebMarshal>
  2. Restart the WebMarshal Proxy service.

Note

  • WMProxy.config.xml will include other entries. Do not change the other entries.
  • The Cache element may exist and contain other attributes. Add the new attribute to the existing element.
  • XML files are case sensitive.
  • For general information about editing XML settings files, see article Q12705.

Last Modified 10/31/2023.
https://support.trustwave.com/kb/KnowledgebaseArticle21204.aspx