Turn cache on and off with headers?

I'm experimenting using LS cache with Concrete5 CMS (C5).
I can get the current user in C5 and set the cache headers depending on whether they are logged in or not:

$u = new User();
if(!$u->isLoggedIn()) {
   header('X-LiteSpeed-Cache-Control: public, max-age=3600');
   header('X-LiteSpeed-Cache-Control: private, max-age=3600');
   echo "Not logged in";
else {
   header('X-LiteSpeed-Cache-Control: no-cache');
   echo "Logged in";
This works, I can see in the console that the cache is enabled, however it is always a miss.
I can confirm that LS cache will run and "hit" on the server because I have run it using htaccess rules without issue.
What else do I need to do to get the cache working using my method above?

Jon K

Staff member
Inside of .htaccess do you have `CacheLookup on` set? Even when using PHP to send headers you will still need to at least set that so the web server knows to look up the cache.
If you have any logged in users or set cookies for different views you will also need to set vary on cookie inside of the .htaccess.

You cannot have both public and private cache, if just regular users just set the public header and if they are logged in then set to no-cache or private cache.

If it still doesn't work you will need to enable server debug log and check to see if any issues or post it here.
Thanks for the tips Jon, really useful. Adding the CacheLookup on and removing the private cache line has fixed it, now seeing a hit.
I just looked up the vary and I think this is right RewriteRule .? - [E=Cache-Vary:CONCRETE5] so I'll try that too.


LiteSpeed Staff
it wont work, you should add both in one rewrite rule if need. better only using one though.
RewriteRule .? - [E=Cache-Vary:CONCRETE5,CONCRETE5_LOGIN]
Last edited by a moderator:
Next question!
I'm trying now to figure out how to use esi inline to do a hole punch.
I have the following code:
                           $page = Page::getCurrentPage();
                           $pageHandle = $page->getCollectionHandle();
                           if($pageHandle === "esi-test") {
                               header('X-LiteSpeed-Cache-Control: esi=on'); 
                           <esi:inline name="msm001" fetchable="yes" max-age="5" timeout="60">
                           <?php echo '<p>' . $_SERVER['HTTP_USER_AGENT'] . "\n\n" . '</p>';   ?>

This is probably wrong but I can't find many examples out there.
The browser is returning the following response headers:
X-Frame-Options: SAMEORIGIN
X-LiteSpeed-Cache-Control: esi=on
X-Powered-By: PHP/7.0.30
This seems to disable LS cache on the whole page?
Last edited by a moderator:


LiteSpeed Staff
Staff member
You have wrong understanding of hole punch. the punched hole in the main html should be replaced by <esi:include>, not inline tag. Please read ESI doc to understand inline vs. include.
When server receives esi=on header, it will parse the http response, and search for esi:include tag, if there is, will send a subrequest to backend using the esi include url. So you need to have separate logic to populate response for that ESI request, which is the "hole" content, then lsws will assemble them together and serve to client.
Thanks Lauren. This is what I have now:
Main page:
<?php header('X-LiteSpeed-Cache-Control: esi=on'); ?>
<esi:include src="esi_inc.php" />

header('X-LiteSpeed-Cache-Control: private, max-age=43200');
echo "Random number is:";
So it writes out a random number. If the page caches, there will be no number.
It is showing a random number on each page load, but the cache doesn't seem to be running at all.


LiteSpeed Staff
Staff member
Your code looks fine. In regular case the main page, can also have heade
X-LiteSpeed-Cache-Control public,max-age=43200,esi=on
you can also let it generate a random number in the main page.
why not work in your case, not sure. You need to turn on lsws debug log and check.
For your concrete5 integration, did you create a module to do that?
You can join our slack invitation and further discuss there.
Last edited by a moderator:
I still don't think the hole punch is working right. The server response time is slow and there is no cache header. Here is the test page:
Last edited by a moderator: