Nonces and Cache Lifespan

Nonces are security tokens in WordPress. They get printed into the HTML source code. 

Nonces can only be used once (hence “n once”), and they are only valid for a certain length of time: 12 hours by default, but developers can change that value.

On a cached page, the nonce can expire in the background while its ID is still present in the HTML source code of the page. If that happens, the HTML source is referencing an invalid nonce and things break.

This can affect all kinds of functionality, from form validation to the visual appearance of a post grid, and a lot more. In some rare cases it could even lead to a completely blank page on the front-end.

Set cache lifespan to 10 hours or less

After the cache gets cleared, the HTML gets regenerated and references a correct nonce again. Hence, when your WordPress setup (theme, plugins) operates with nonces, the only way to keep them updated on cached pages is to set your Cache lifespan option in WP Rocket to a value below 12 hours; 10 hours would be a starting point, but you may have go down to 8 or even less.

This will result in more frequent cache update activity on your server, and thus more preload processes if preload is activated. In case you notice any issues due to high server load, set a higher interval for preload.

Heads up: Cache Lifespan feature will not work on hosting platforms where WP Rocket caching is disabled, such as WP Engine, Kinsta, WordPress.com, etc. So this method won't work and you'll have to contact your host support. For the full list check Hosting Compatibility article.

Further reading:
Nonces: The Other Problem With WordPress Caching

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.