RevealTheme logo
Back to Blog

Most WordPress Caching Configurations Are Set Up Wrong

Most WordPress Caching Configurations Are Set Up Wrong
The RevealTheme Team

By

·

A WordPress caching plugin is one of the few things you can install that makes a site dramatically faster in about ninety seconds. It is also one of the few things that, misconfigured, will quietly corrupt a checkout, log the wrong person into an account, or serve a six-hour-old price to a customer. The uncomfortable truth is that most caching setups in the wild are wrong in ways the site owner never notices, because the person who configured the plugin is also the one person whose browser the cache is built around.

This is not a "turn on caching" guide. It is about the specific configuration mistakes that look fine on your screen and break for everyone else, and how to set the plugin up so that does not happen.

Why "it works for me" is the central trap

Page caching saves a fully rendered HTML snapshot of a URL and serves that snapshot to the next visitor instead of running PHP and MySQL again. The performance win is enormous: a cached page is served in 50-200ms of TTFB versus 600-1500ms for an uncached WordPress request. The danger is baked into the mechanism. The cache does not know who the snapshot was built for. If the snapshot captured your logged-in admin bar, your name, or your half-full cart, that is what the next anonymous visitor receives.

When you test your own site, you are almost always logged in, and every serious caching plugin bypasses the cache for logged-in users by default. So you never see the broken anonymous version. The single most useful habit you can build is to test in a fresh incognito window or a second browser where you have never logged in. That is the view 95% of your traffic gets.

The exclusion rules nobody sets until something breaks

The heart of a correct configuration is telling the plugin what it must never cache. Out of the box, plugins like WP Rocket, LiteSpeed Cache, FlyingPress, and W3 Total Cache ship sensible defaults for a blog, and incomplete ones for anything transactional.

Cookie-based bypass for logged-in and personalized state

Any page that differs per visitor must be excluded from the cache by cookie. The standard WordPress login cookie is wordpress_logged_in_*, and every reputable plugin already excludes it. The mistakes appear with custom cookies: a membership plugin that sets its own session cookie, a geo-pricing snippet, an A/B testing tool, or a "you have items saved" banner. If content changes based on a cookie the plugin does not know about, you must add that cookie name to the plugin's list of cache-rejecting cookies (WP Rocket: Advanced Rules → Never Cache (Cookies); LiteSpeed: Cache → Excludes → Do Not Cache Cookies). Skip this and the first visitor's personalized state is frozen into the cache for everyone.

WooCommerce: the pages that must stay dynamic

For stores, three URLs should never be page-cached: cart, checkout, and my-account. WooCommerce sets a woocommerce_items_in_cart and wp_woocommerce_session_* cookie, and a correctly integrated caching plugin treats a visitor carrying those cookies as "has a session, serve live." WP Rocket and LiteSpeed both ship dedicated WooCommerce handling that does this automatically — but only if you have not overridden it with an overly aggressive custom rule. The classic self-inflicted bug is caching the cart-fragments AJAX endpoint /?wc-ajax=get_refreshed_fragments, which freezes the mini-cart counter at whatever the first visitor saw. If your cart icon shows the wrong count, that endpoint is being cached.

Query strings and tracking parameters

Marketing links arrive with ?utm_source, ?fbclid, ?gclid tails. By default many setups treat each unique query string as a unique page and cache it separately, which shreds your hit rate — every ad click becomes a cache miss. Configure the plugin to ignore known tracking parameters so example.com/page and example.com/page?utm_source=fb share one cached entry. Conversely, do not blanket-ignore all query strings, because legitimate ones like ?s= search or ?p= previews genuinely need separate responses.

The expiry and purge mistakes

Two settings govern freshness, and both are commonly wrong in opposite directions.

  • Cache lifespan set too long with no auto-purge. A 30-day lifespan on a news or e-commerce site means stale prices and sold-out products linger. For active sites, a lifespan of a few hours to a day is saner, and the real safety net is event-based purging.
  • Incomplete purge on publish. When you update a post, the plugin should clear not just that URL but the home page, the relevant category and tag archives, and the RSS feed. Plenty of setups purge only the edited post, so your home page keeps showing the old excerpt. Verify your plugin's "purge related pages" or "smart purge" option is enabled.

If you run a CDN in front of the site (Cloudflare, Bunny, a host-level edge cache like Kinsta's or WP Engine's), there is a second cache layer that also needs to purge. A plugin that clears its own disk cache but cannot signal the CDN leaves stale HTML at the edge. Cloudflare's free tier does not cache HTML by default, which sidesteps this; but if you have enabled "Cache Everything" page rules or use APO, you must connect the plugin's CDN integration so purges propagate.

Optimization settings that masquerade as caching

Modern caching plugins bundle asset optimization — minification, concatenation, and "delay/defer JavaScript." These are where most caching plugins actually break a site visually, and the breakage, again, often hides from the logged-in admin.

  • Combine/minify JavaScript is the number-one cause of "my slider stopped working after I installed the plugin." Combining files in the wrong order or minifying already-minified code triggers console errors. With HTTP/2 and HTTP/3 nearly universal in 2026, the old benefit of combining files into one request has largely evaporated — leave JS combination off unless you measure a real gain.
  • Defer / delay JavaScript helps your Largest Contentful Paint and Total Blocking Time, but delaying a script the page needs immediately can break analytics, chat widgets, or above-the-fold interactivity. Add genuinely critical scripts to the exclusion list.
  • Lazy-loading the LCP image is a subtle own-goal. Your hero image is usually the LCP element; lazy-loading it adds a round-trip and pushes LCP up. Exclude the first/above-the-fold image from lazy-load.

The honest framing: caching fixes TTFB; optimization tries to fix render. Enable them one at a time, and re-test, so when something breaks you know which switch did it.

The redundancy mistakes

Two configuration errors come from stacking things that should not stack:

  • Page caching on a host that already does it. If you are on LiteSpeed hosting, SiteGround, Kinsta, WP Engine, or Cloudways, the server already runs a page cache (LiteSpeed Cache, SG Optimizer, or a managed Varnish/Nginx layer). Adding a second PHP-based page cache on top creates two layers that purge on different schedules and serve contradictory content. Use the plugin built for your host's stack, and disable the redundant one.
  • Object caching enabled in the plugin without the backend installed. Object caching (Redis or Memcached) stores database query results in memory and is excellent for dynamic, logged-in-heavy sites like WooCommerce and membership platforms — but the plugin toggle does nothing unless the host actually provides a Redis/Memcached server and the PHP extension. Flip it on without the backend and you get a silent no-op or, worse, errors. It complements page caching; it does not replace it.

A configuration you can trust

A defensible baseline for a real, transactional WordPress site looks like this: page caching on for anonymous visitors; cart, checkout, and account pages excluded; logged-in and custom personalization cookies set to bypass; tracking query parameters ignored; cache lifespan of a few hours with smart purge on publish; CDN integration connected so both layers clear together; object caching on only if Redis is actually running; and asset optimization enabled incrementally with the LCP image and critical scripts excluded.

Then verify like a visitor, not an admin. Open an incognito window and confirm the cart count, prices, and account state are correct. Run the URL through a tool like PageSpeed Insights and check that LCP is under 2.5s and CLS under 0.1. Add and remove an item to confirm the mini-cart updates. Caching is not a feature you switch on and forget — it is a contract about who sees which snapshot, and the configuration is where you write that contract down.