Blog

Frederick Townes

31bf6f36-3701-11e4-8034-feeb6e355a50

Frederick is a widely published blogger covering various topics including: internet marketing, social media, web hosting and web design and development. His passions are diverse covering the breadth of topics above, but for the last two years his focus has really been on social web applications and sites. A native of Milwaukee, Wisconsin, Frederick is a graduate of Boston University where he studied Computer Science and Mathematics. Founded in 2003, W3 EDGE is among many web-based businesses started by Frederick. Some of which can be found in the work section of this site.

All topics by Frederick Townes

W3 Total Cache v0.9.5.2

Thanks for using W3 Total Cache! Our journey to enable great user experiences in WordPress continues with today’s release. As will any minor release, the focus has been on improved security and interoperability / compatibility. With this release we’ve added two security fixes to ensure that your hosting environment is more secure, improved reliability of the plugin itself, and increased the responses of the WordPress administration panel.

As always thanks to all of our supporters, including those who are active in the forums helping end users.

W3 Total Cache v0.9.5.1

Thanks to everyone that provided bug reports and helped to troubleshoot issues in the forums for other users. As the changelog will show, many of the most glaring issues have been resolved, which hopefully will reveal the next set of high priority concerns users are facing. I hope everyone tests out this release in a staging environment or sandbox before moving to a production environment.

A word to those who’s support of the project takes the form of code:

Looking forward, we’ll be re-visiting our plans for making the github repository public, making our tests available and sharing the roadmap for those who are interested in helping us accelerate it.

Thanks for your support and for using W3 Total Cache!

W3 Total Cache v0.9.5

As always, security is very important to us. A few folks from the community came forward and called those issues to our attention and helped us test those fixes. Specifically, SecuPress team for testing the various security fixes: Security Token ByPass, Arbitrary File Upload, Arbitrary File Download, Arbitrary PHP Eval and the XSS vector. Thanks to those that continue to be supportive in their efforts and kind words.

This release has some cosmetic bugs in the latest version of WordPress, but our test suite shows that core functionality is working as intended. Having said that, I’m sure there are other bugs and bumps in the upgrade process – we’d love to learn about those, so we can push a follow-up release. Thanks in advance for reporting any issues you find. Hopefully, you find them in a staging area and not in your production site.

There are a couple of highlights for this build aside from the security fixes including new functionality for Pro subscribers, new caching engines, new extensions, new integrations and increased interoperability. Please check out the changelog for specifics.

Thanks for using W3 Total Cache!

Website Performance on the Edge with W3 Total Cache

For those of you that have been bothered or concerned with the notion of upgrading W3 Total Cache because new features have been problematic for you, we understand your concerns and we’re grateful to those that take the time to reach out about their challenges. As you may know, no amount of testing or known process allows us to identify issues that may occur on your site before hand due to all of the various hosting environments, plugins and themes that exist in eco-system.

So, to begin to address challenges nonetheless, the next release of W3 Total Cache includes two key new features that will allow us to iterate faster, provide maintenance updates which are not expected break your installation (because they don’t relate to features) and also make you aware of security or best practice updates so that you can keep your site as up-to-date as WordPress itself.

Version 0.9.4 (among numerous new features and fixes includes the following key improvements):

  1. Maintenance Updates Now each release will notify you of the changes that have occurred to the default settings since the last update and also make it easy for you to identify best practices that will help you make your site or application faster. The notifications can be ignored or automatically applied to your settings in just a click.
  2. Edge Mode WordPress is used in countless ways, environments and alongside of various software including plugins, themes and even drop-ins. For that reason, rather than continue to fail to maintain a developer network to help us go beyond our automated testing suite (and continuous integration practices), we are rolling out edge mode.The key is that in the new update you will be prompted to opt-in to edge mode that will allow you to test features that have not yet been tested in a large enough % of the user-base. This provides us the ability to use the typical WordPress workflow to provide updates more frequently for maintenance and also allows us to allow testers and early adopters to benefit from new features immediately as well.We anticipate that this change will allow us to make at least one release per month, but will be targeting one release per week.

    Again, those who have opted into edge mode would be able to preview features that are not available to users who have opted-out (the default setting).

    Pro subscribers will not be opted into the edge mode; however there will be Pro features available in edge mode periodically.

We hope that these changes will create a much better user experience and allow us to more aggressively further our mission to empower publishers and application developers to focus on their content and business rather than on web performance optimization.

Announcing W3 Total Cache Pro

Several weeks ago we silently launched version 0.9.3, a very exciting release for us. As we get closer to a final release of the popular web performance optimization (WPO) framework, we’re finally able start employing the best practices our colleagues like Joost de Valk and Pippin Williamson (among others) have championed for some time.

But before we get into that, let’s take a look at the highlights:

  • Fragment Caching Social layer, personalization and e-commerce etc are common elements of highly dynamic web sites. That means that caching entire pages to improve user experience and performance is not a solution. Fragment Caching bridges the gap between no caching at all and the “ideal,” full page caching. By extending the WordPress Transient API, W3TC allows developers to bring both horizontal and vertical scale to bear without doing anything differently.
  • Extension Framework As mentioned above, extensions / add-ons represent a great opportunity to both de-bloat projects that solve many problems or address many use cases. It also allows for innovation as 3rd parties can make contributions without having to be a core project developer to contribute or solve their problems while maintaining the control they need. We’re excited for you to try this first iteration of our extension framework, and documentation can be found (for now) inside the plugin’s FAQ.
  • Genesis Framework Extension Among the most popular theme clubs in the market and part of a highly valuable suite of publishing solutions is the Genesis Framework. Our work in the website optimization industry for the past 11+ years allows us to know great products and communities when we see them, and that is why we chose to work with CopyBlogger Media to enhance the performance of the framework.The extension is included in the W3TC default distribution and requires an active Genesis theme as well as W3TC Pro. The extension leverages the fragment cache in order to do its magic, a solid example of the power of the new extension framework. Once enabled, a given page request will be served 30-60% faster (and will be even faster as we move forward).

    Working with the Genesis team to get this extension into play has been fun, but we do expect to find some bugs along the way. Please let us know what you find so that we can promptly address. Meanwhile, we hope the value we’re offering helps you create engaging experiences for your readers / users. For Synthesis hosting customers, the upgrade is free and already running on your site(s).

For those interested in upgrading to the Pro version, simply use the upgrade button to obtain a license key valid for a single WordPress installation. To have a professional from the team tune your site for performance, simply make a purchase from the support tab of the plugin itself.

To learn more about how fragment caching helps “origin optimization” (optimizing your site for the cache miss and other use cases), check out the white paper we co-authored with our friends at CopyBlogger Media!

We have a lot more planned for the Pro version of W3TC, so please stay tuned or share your ideas with us as we move forward.

Security & W3 Total Cache 0.9.2.4

We take security quite seriously even though our focus is on making it trivial to allow any publisher to maximize the performance they can extract from their hosting environment and WordPress itself.  Most recently we took a look at the steps that GoDaddy was taking in the shared hosting segment of the market.

In versions of W3 Total Cache prior to 0.9.2.5 vulnerability exists (CVE-2012-6077, CVE-2012-6078, CVE-2012-6079) if the following two cases are true:

  1. Directory listing and download of w3tc/dbcache/ directories is possible
  2. W3 Total Cache has database caching enabled and is set to use disk

This issue was resolved, irrespective of whether or not #1 was true in release 0.9.2.5 which offset the next release than some of you may have been testing to 0.9.2.6.

For those of you who feel they were affected, here are some remediation steps:

  • Empty and disable database caching until you upgrade W3TC
  • Audit your administrator accounts and change their passwords, potentially add HTTP Basic Authentication to /wp-login.php and /wp-admin/ if possible
  • Update your database credentials, name (and table name offset if possible)
  • Ensure that you have nightly backups of your site, if you’re not sure contact your web host

The 0.9.2.6 release expected within less than a week further expands on the initial approach to securing caching files to disk while using database caching and ameliorates issues caused with the previous patch.

One might ask, why not completely remove disk caching for the database from the W3TC framework? The problem is that our goal is to make it possible for users to take control of their performance needs, that means that if they have an environment where they’ve tested to find that reading cache files from disk provided lower execution times than not caching at all, that option should be available.

After years of scaling web sites, one thing we know for sure is that as your site grows, the techniques you use to scale it change. W3TC is ready to grow with you. With more than 140 features and fixes in the next release, the future is bright.

Security Alert for W3 Total Cache

On the heels of a post by Matt Mullenweg, I thought it best to also make a post here to put any confusion that may ensue to rest:

Suspicious activity in wordpress.org plugin was noticed and a few plugins were found to be compromised. Malicious code was added to these plugins creating backdoor access to the web server. You would only be affected if you downloaded an update of the plugin today.

Once we were notified of the issue, we made sure that the current stable release (0.9.2.2) was restored to normal in addition to releasing the current development version as (0.9.2.3) allowing users to get an upgrade notification in WordPress Admin.

Needless to say, if you haven’t already upgraded, we encourage you to do so straight away via the WordPress Admin’s plugins page, it just takes a minute. If you did not upgrade today, you site should be secure, however we encourage you to update so that your site can take advantage of the additional performance optimizations included with each release.

As many of you have learned from working with us, W3TC seeks to improve the search engine ranking, conversion rates and user experience of web sites for free. We welcome you to submit a bug submission form from the support tab of the plugin to help us identify issues in new features and old features as the performance framework is used in more and more cases.

As always, thanks for your understanding and participation.