Title: Cookies that bypass cache
Author: WordPress VIP Documentation
Published: September 9, 2020
Last modified: November 19, 2025

---

 1. [Caching](https://docs.wpvip.com/caching/)
 2. [Page cache](https://docs.wpvip.com/caching/page-cache/)
 3. Cookies that bypass cache

#  Cookies that bypass cache

The [behavior of the page cache](https://docs.wpvip.com/caching/page-cache/) does
not vary for most cookies. For sites that personalize content based on a cookie 
that is not listed below, the response will be cached and served to the next user
regardless of whether they have that cookie with the same value or not.

A URL will be marked as `BYPASS` cache (the request and response will be considered
uncacheable) if the request has one of the following cookies:

 * A WordPress comment cookie
 * A WordPress test cookie
 * A WordPress post password cookie
 * A WordPress authentication cookie
 * A WooCommerce session cookie
 * A PHP session cookie
 * The VIP cache bypass cookie `vip-go-cb` set to the exact value of `1`

## The `vip-go-cb` cache bypass cookie 

**Caution**

Methods for bypassing the cache can be useful for sites with a paywall or as part
of A/B testing functionality. However any form of cache bypass should be used with
caution, as requests that bypass the cache will always be processed by [the origin servers](https://docs.wpvip.com/origin-servers/).

[`vip-go-cb`](https://docs.wpvip.com/caching/cookies/) is a VIP Platform cookie 
that can be used by WordPress or Node.js applications. The cookie allows incoming
requests with a value set to `1` to bypass the page cache. This method prevents 
personalized responses from being cached and served to other users.

 * Requests with the `vip-go-cb` cookie set to a value of `1` (it _must_ be a value
   of `1`) will always `BYPASS` the page cache. As a result, these requests will
   never be served a cached response, and the response to these requests will never
   be cached to be served to others.
 * On WordPress applications, requests from logged-in users will always `BYPASS`
   the cache; setting this cookie for logged-in WordPress users is not necessary.
   If users are logging in using a different mechanism, set the `vip-go-cb` cookie
   in addition to any other cookies or local storage data for a third-party login
   system. Be sure that these users will not have responses cached or see cached
   responses.

## Avoid negative performance impact

Setting cookies on pages or endpoints can negatively affect the stability of a site,
particularly if those pages or endpoints are not performant. Requests to URLs that
set a cookie or bypass the cache will result in SQL queries on the [origin server](https://docs.wpvip.com/infrastructure/origin-servers/).
This can have negative performance implications for a site, particularly during 
a high traffic event. A large volume of direct SQL queries can overload the primary
database and lead to an increase in responses with a `503` HTTP status code.

To improve the performance of server-generated pages or URLs that bypass the cache
due to cookie usage:

 * [Optimize WordPress database queries](https://docs.wpvip.com/optimize-core-queries-at-scale/)
   to improve the performance of these pages when they bypass the cache.
 * Use the [object cache](https://docs.wpvip.com/caching/object-cache/) as much 
   as possible to save data that may take significant time to query or generate,
   or that must be fetched remotely.
 * Move user-level interactions to client-side using JavaScript and fast AJAX requests
   whenever possible.
 * Avoid events that cause the cache to frequently expire, as doing so can cause
   a [cache stampede](https://en.wikipedia.org/wiki/Cache_stampede).
 * Refer to [Query Monitor](https://docs.wpvip.com/performance/query-monitor/), 
   [New Relic](https://docs.wpvip.com/performance/new-relic/), and other tools to
   identify and [analyze bottlenecks](https://docs.wpvip.com/performance/analyze-server-performance/).
 * Stagger the release of campaigns and cookie-related changes. Suddenly setting
   cookies for a large number of site visitors can cause an increase in requests
   to origin that may occur too quickly to be absorbed by autoscaling.

Last updated: November 19, 2025