Web cache poisoning is an attack on the caching system of a browser, serving stale or outdated content to the user. It is the act of injecting malicious code into data that’s delivered over the Internet by an advertising network and tricking it into displaying a false error message or misspelling. This can happen when hackers use their bots to request many graphic images from one website while injecting poisoned HTML code that causes errors in your web page.

Working:

Web cache poisoning is an attack on the caching system of a browser, serving stale or outdated content to the user.  It is the act of injecting malicious code into data that’s delivered over the Internet by an advertising network and tricking it into displaying a false error message or misspelling.  This can happen when hackers use their bots to request many graphic images from one website while injecting poisoned HTML code that causes errors in your web page.

Example:

If the server needs to send new responses to individual HTTP requests individually, it can overload the server, causing delay issues, especially during busy hours, and degrading the user experience. Caching is primarily a means of reducing such problems. The cache is between the server and the user and typically stores (caches) the response to a particular request for a set period of time. Then, when another user  sends an equivalent request, the cache provides the user with a copy of the cached response directly, without backend intervention. This reduces the number of duplicate requests that the server has to handle and significantly reduces the load on the server.

Reason for Web Cache Poisoning:

Web cache poisoning happens when a website does not use a secure method for showing cached results, or if it does use secure methods, but for some reason a link to an image that appears to be cached and then does not appear after a certain period of time. It may also happen when the content of a web page changes and web browsers are unable to detect the change in content, so they continue to serve up their old cached version of the web page instead of the new one.

Prevention from Caching Poisoning:

You can prevent your website becoming vulnerable to web cache poisoning by following these simple steps:

• Always make sure that your site is well optimized so that caching results in pages load faster, and not error messages when people are refreshing or trying to access your page. Also make sure that you have images on your site which are well optimized for performance.
• When you change the content of your pages, make sure to remove any cached versions.
• Never use the same image over and over again in your blog posts, as this will make it easier for web cache poisoning to work on your site.
• Use a caching plugin that is made available by WordPress, so that if someone gets an error accessing your website, they will be able to see an older version of the page that you’ve made available through a cached version. This can also be helpful when trying to fix issues with browser caching on your blog posts or website without having to worry about visitors seeing broken images, or old content from previous versions of your pages.

Countermeasures:

• A lot of web servers are vulnerable to cache poisoning attacks due to mishandling of content type and inability to take into account the length of a cached response. 
• For a successful cache poisoning attack, the attacker must be able to send HTTP requests with a forged user-agent header field. 
• To prevent this from happening, you should enable client side validation on your website, so that your site verifies that the request is coming from a browser that it trusts. 
• Content-Type headers alone have proved inadequate in preventing cache poisoning attacks.