NT Gatekeeper: Disabling SSL-Secured Data Caching

My company's sales force frequently uses VPN technology on laptop computers to access Secure Sockets Layer (SSL)­secured Web content on our corporate intranet portal. By default, Microsoft Internet Explorer (IE) caches all Web content, whether that content is accessed using HTTP or HTTP Secure (HTTPS). How can I make sure that none of the SSL-secured Web data is cached on the laptop computers?

You must perform a registry hack in the user profile for every user. Add the DisableCachingOfSSLPages value of type REG_DWORD to the HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings registry subkey, and set the value to 1. The setting will be effective only after the user has performed a successful logoff/logon sequence.

Web page developers can also change the browser-caching behavior by instructing their Web pages to reply with specific HTTP headers (e.g., the Pragma: No-Cache header). To learn how to make this change, see the Microsoft article "HOWTO: Prevent Caching in Internet Explorer" (http://support.microsoft.com/?kbid=234067).

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.