acatalept/blog

Cache control is a potentially hit-and-miss pursuit, but the most reliable and straightforward method I've found (that works for IE 6+ and Firefox), although it relies on access to your Apache server configuration, is simply setting Cache-Control headers manually.

For example, to prevent web browsers (or any intermediary such as a proxy) from caching dynamically generated content, such as from a PHP script, do the following: In httpd.conf, under your DocumentRoot configuration, add something like this:

DocumentRoot "g:/server/HTML/acatalept.com/root"

    
        Header Set Cache-Control "max-age=0, no-store"
    

The FilesMatch will apply only to the regex string specified (in this case, any PHP file). More importantly, the Header Set instruction sets a Cache-Control header with the value in quotes, resulting in the following response header being sent to the cilent:

Cache-Control: max-age=0, no-store

The max-age value causes content to expire immediately, and no-store causes content to never be stored (cached) under any conditions. Note that this is different in practice than the no-cache directive, which is slightly more lenient and designed to help enforce a working authentication mechanism. See the link at the top of this post for more details.