diff --git a/test/api/unit/middlewares/cache.test.js b/test/api/unit/middlewares/cache.test.js
new file mode 100644
index 0000000000..6501054273
--- /dev/null
+++ b/test/api/unit/middlewares/cache.test.js
@@ -0,0 +1,31 @@
+import {
+  generateRes,
+  generateReq,
+  generateNext,
+} from '../../../helpers/api-unit.helper';
+import {
+  disableCache,
+} from '../../../../website/server/middlewares/cache';
+
+describe('cache middlewares', () => {
+  let res; let req; let
+    next;
+
+  beforeEach(() => {
+    req = generateReq();
+    res = generateRes();
+    next = generateNext();
+  });
+
+  describe('disableCache', () => {
+    it('sets the correct headers', () => {
+      disableCache(req, res, next);
+      expect(res.set).to.have.been.calledWith('Cache-Control', 'no-store');
+      expect(next).to.have.been.calledOnce;
+    });
+
+    xit('removes the etag header', () => {
+      // @TODO how to stub onHeaders
+    });
+  });
+});
diff --git a/website/server/controllers/top-level/payments/paypal.js b/website/server/controllers/top-level/payments/paypal.js
index 5885076a0f..84ff60d7ab 100644
--- a/website/server/controllers/top-level/payments/paypal.js
+++ b/website/server/controllers/top-level/payments/paypal.js
@@ -1,5 +1,6 @@
 /* eslint-disable camelcase */
 import paypalPayments from '../../../libs/payments/paypal';
+import logger from '../../../libs/logger';
 import shared from '../../../../common';
 import {
   authWithSession,
@@ -171,7 +172,9 @@ api.ipn = {
   async handler (req, res) {
     res.sendStatus(200);
 
-    await paypalPayments.ipn(req.body);
+    paypalPayments
+      .ipn(req.body)
+      .catch(err => logger.error(err));
   },
 };
 
diff --git a/website/server/libs/routes.js b/website/server/libs/routes.js
index 25541ce65e..f46ba997ed 100644
--- a/website/server/libs/routes.js
+++ b/website/server/libs/routes.js
@@ -33,8 +33,8 @@ export function readController (router, controller, overrides = []) {
 
     method = method.toLowerCase();
 
-    // all get routes with mandatory or optional authentication
-    if (method === 'get' && authMiddlewareIndex !== -1) {
+    // disable caching for all routes with mandatory or optional authentication
+    if (authMiddlewareIndex !== -1) {
       middlewares.unshift(disableCache);
     }
 
diff --git a/website/server/middlewares/cache.js b/website/server/middlewares/cache.js
index 3ed02dc2d5..4a80985950 100644
--- a/website/server/middlewares/cache.js
+++ b/website/server/middlewares/cache.js
@@ -4,7 +4,7 @@ export function disableCache (req, res, next) {
   res.header('Cache-Control', 'no-store');
 
   // Remove the etag header when caching is disabled
-  // Unfortunately it's not possible to prevent the creation right now
+  // @TODO Unfortunately it's not possible to prevent the creation right now
   // See this issue https://github.com/expressjs/express/issues/2472
   onHeaders(res, function removeEtag () {
     this.removeHeader('ETag');