qtwrk
commented
3 months ago you mean something like this ?
by default it has a prefix based on md5sum of file path
but you can also define it in wp-config.php like
define('LSOC_PREFIX', 'ABC');Closed aonsyed closed 4 days ago
qtwrk
commented
3 months ago you mean something like this ?
by default it has a prefix based on md5sum of file path
but you can also define it in wp-config.php like
define('LSOC_PREFIX', 'ABC');
aonsyed
commented
3 months ago That's great, I hope it was documented somewhere. Thank you @qtwrk
timotei-litespeed
commented
1 month ago
Object Cache auth is generalized, either you have access or you don't have access which means if there is more than one site/user on a server, they can read the keys from all other sites on the same server.
There is no way to limit users to a specific database either
The way to mitigate this is to limit the keys users have access to, this can be done by ACL controls via Redis CLI etc limiting user to randomsaltvalue* , so each site gets a different prefix and users are basically locked to their own prefix, Till's redis cache plugin and other plugin do this with a prefix defined in wp-cache but it can be something in LS's Object cache settings.
But this would require LS Cache WP to support prefixes, either from UI settings and database or from a variable in wp config.