List of WooCommerce cookies to exlude from Varnish?

Is there a complete list of WooCommerce cookies to exclude from Varnish?

1 Like

Don’t quote me on this, but here is what I’ve found so far:


  • \?add-to-cart=
  • ^/(cart|my-account/*|checkout|wc-api/*|add-to-cart|addons|logout|lost-password|product/*|wp-admin|wp-login)


  • woocommerce_cart_hash
  • woocommerce_items_in_cart
  • wp_woocommerce_session_

For cookie, I just learned about this one for password reset loop


The ones you listed, should I enter them just like you have them listed?

Also, one of my URLs is: (.)/?f=(.) Does this one take care of the URLs that you listed?

Can someone share what your experience has been with Varnish and WC cookies as to what effects you saw that led you to exclude them?

1 Like

Strange things happen like when a user goes to reset their password, they keep getting directed to the lost password page, and the password never gets reset.

Jon Fuller has what I have.

Issues with woo: standard install with woo and varnish active (without exclusions) no one seemed to be able to use the site to checkout. When the exclusions were added everything worked fine (just as when varnish was disabled).

1 Like

Agree with Nick, you need to have the cookie exclusions for Woo to function properly.

1 Like

I am not seeing what you guys are seeing. Across all browsers I checked, my customers are able to reset password/complete transaction/add to cart/use wishlist/etc.

Old version of Varnish not supporting Woocommerce’s DONOTCACHEPAGE?

Hi, did you find a fix for this? anything of the above I try doesn’t fix it. Only disabling Varnish. Hope someone can’t help me!

I gave up on Varnish with Woocommerce. It would work fine for a few months, then stop working for no reason. Across many sites it just makes the upkeep too painful.

Fortunately with some caching, a CSS minimize plugin, and a CDN you can get fast-enough speeds. In fact you don’t really need the CDN if you only target one country, and the servers are located there.

This is what I have in my list of exclusions and it seems to be working ok with WP Fastest Cache, and Autoptimize and Cloudflare:

1 Like

So then, would it only be that list of 5 cookies on the store front end to exclude and all will be well?

I mentioned in the video I’d make a list in text format, but realized after watching it again, that I hadn’t done that part yet.

But… (here’s the bigger point) how to find all the cookies that are appropriate for YOUR site, simply go to

  1. Chrome Dev tools (right click and inspect)
  2. Go to the application tab
  3. Then click cookies

That way you can find any other cookies that are running in your specific WordPress environment.
:fist_right:t4: :boom: :fist_left:t4:

1 Like