Blog

Willie Jackson

Willie Jackson

Willie Jackson is an artist, engineer, marketer, and writer who leads the Performance team at W3 EDGE and supports users of W3 Total Cache. He has been featured in documentaries (I’m Fine, Thanks), on HTGV (House Hunters International Episode HHINT-5010H), and in print (Icarus Deception by Seth Godin, 2012). Willie writes semi-regularly on his eponymous blog about business and success through the eyes of a curious marketer. A graduate of Florida State University (Information Technology), Jackson currently lives in Jacksonville, FL.

All topics by Willie Jackson

W3 Total Cache Pro Activation Patch

We recently noticed an increase in the number of customers experiencing activation issues with W3 Total Cache Pro. For those of you who don’t know, this is how it works:

Once you upgrade from the Community (free) version of W3 Total Cache to the Pro version ($99/yr subscription), you’re assigned a license key that in most cases is automatically applied. In the event that activation isn’t automatic, you simply need to paste the license key (which is sent via email and displayed in your browser at the time of purchase) in the License field on the General Settings page and save settings.

A number of customers were unsuccessful in getting the Pro version activated despite following the steps above, and our investigation has revealed that a patch is required in order to complete the activation process if you’re among those affected.

Two things before I reveal the patch:

  1. We’re happy to implement this patch for you! Just email us at w3tc-team@w3-edge.com and let us know that you need help. We’ll provide you with a secure link so you can send us WP Admin and filesystem (SSH or FTP) access. Note that both required to implement and verify the patch, so please be sure you have both ready.
  2. This patch will be in the next release, so most people won’t have to worry about it. We don’t have an ETA we can give you for this release, but it will be available “soon” (smile).

Without further ado.

On line 117 of /w3-total-cache/lib/W3/Licensing.php, the following line:

network_admin_url('admin.php?page=w3tc_general&w3tc_licensing_check_key'))

needs to be replaced with:

wp_nonce_url(network_admin_url('admin.php?page=w3tc_general&w3tc_licensing_check_key'), 'w3tc'))

That’s it.

Please make a backup of this file before making changes if you attempt this on your own, and as always, thanks so much for using W3 Total Cache.

W3 Total Cache and HTTPS

As many of you know, Google has now announced HTTPS as a ranking signal.

In plain English this means that all things being equal, a site served over HTTPS will rank higher than a site served over HTTP. And don’t take “all things being equal” lightly, there are hundreds of factors that influence how well your site ranks (so there’s no need to drop everything and buy an SSL certificate). Regardless, security (as in the case with performance) is clearly a direction towards which the web is moving.

Configuring SSL is a pain, even when you know what you’re doing. The last thing we want here at W3 EDGE is to make it harder for you to run a secure website once you’ve gone through the trouble of implementing security measures.

There are a number of ways in which W3 Total Cache supports both performance and security, and we wanted to highlight a few of these capabilities below:

Page caching

  1. Caching of HTTPS pages: on the page cache settings page, you can “Cache SSL (https) requests” (uniquely) for improved performance.
  2. Page caching exceptions: Pages with customer-specific data (such as shopping cart pages and member profiles) should not be cached in most cases, and W3TC allows you to implement a page caching exception on the pages of your choice via the “Never cache the following pages” section of the page cache settings page. Usage: simply enter “cart/” to exclude that page or “cart/*” to exclude that page and all sub-pages. (Without the quotes, of course.)
  3. Pro tip: you can also use the define('DONOTCACHEPAGE', true); define statement in your functions.php file to specify a page or series of pages where page caching should be disabled. Navigate to Performance > FAQ in your Dashboard for more information.

Content Delivery Networks

  1. Disable CDN on SSL pages: We have a lot of customers who run ecommerce websites and secure transaction pages (/cart, etc.) with SSL. Many of these customers also integrate a Content Delivery Network on their site to improve performance, and this can break SSL pages if the CDN URLs are HTTP. W3TC has long since allowed you to disable CDN on HTTPS pages with a snippet of code, but this functionality is now fully exposed through the UI. Usage: On the CDN Settings page, simply select the “Disable CDN on SSL pages” checkbox under the Advanced section.
  2. SSL Support: W3TC also supports CDNs served over HTTPS.
  3. Pro tip: to maximize the use of W3TC and your CDN on sites with both HTTP and HTTPS pages, you can define both versions of your CDN hostnames in the “Replace site’s hostname with” fields of the CDN settings page in the following format: cdn.yourdomain.com,ssl-cdn.yourdomain.com. You can see Yoast’s configuration illustrated in his excellent post on WordPress and CDNs.

CloudFlare

CloudFlare is a product that many of our customers use for securing and accelerating their sites. You can actually use CloudFlare’s Pro plan ($20/mo as of the time of this post) to serve your site over SSL without needing to purchase and configure an SSL certificate.

The latest version of W3TC ships with a CloudFlare extension to facilitate the connection between your site and the CloudFlare services. This connector is not required for CloudFlare to function of course (CloudFlare works at the DNS level), but our connector exposes a number of useful functions that allow you to make changes right from W3TC.

Fun fact: CloudFlare was originally conceived as a security product that ended up having performance benefits as a result of how it functions.

Help!

I know, this stuff can be overwhelming if you don’t have an engineering degree or if you’re just wading into these waters. You can drop us a note or order professional configuration if you need help.

Heartbleed bug and W3 Total Cache

By now, you’ve no doubt read posts from all over the web about the Heartbleed Bug. If you’ve somehow missed the news, here’s a quick overview:

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

Pretty scary stuff.

How it affects you

Here at W3 EDGE, and we use SSL to secure credit card transactions when customers purchase W3 Total Cache Pro license through the WordPress dashboard.

Upon learning of the bug, we upgraded OpenSSL on our servers to version 1.0.1g which was released on Monday and contains a patch for the Heartbleed bug. No action is required on your part, and you can continue using W3 Total Cache with confidence.

WPO & GoDaddy: How to configure W3 Total Cache and APC

APC is an opcode cache used by many sites to improve application performance. PHP is an interpreted language, and the scripts (such as the ones that comprise your WordPress site) are loaded, parsed, compiled into an opcode, and executed when called. This process can use an inordinate amount of resources on a busy site, especially one without caching, so we need to do what we can to optimize this process.

While installing APC on a dedicated server or VPS is a straightforward process, this post (the first in a series of Web Performance Optimization (WPO) posts for GoDaddy) outlines how to enable it on your GoDaddy shared web hosting account:

  1. Log into your GoDaddy account and navigate to your hosting dashboard
  2. Go to Tools > FTP File Manager
  3. Locate the php5.ini file and make a copy by clicking the checkbox, clicking on the “html” directory on the left, and entering php5.ini.backup.txt as the file name
  4. Look for a line mentioning apc.shm_size and if one doesn’t exist, add this: apc.shm_size = 64M
  5. Make sure lines beginning with zend_optimizer and zend_extension are preceded by a semicolon
  6. Save the file and then click the X in the top-right corner

And now we need to restart PHP:

  1. Navigate to your hosting dashboard again
  2. Click the “Launch” button that corresponds with the hosting account in question
  3. Under “Stats & Monitors” click “System Processes”
  4. Click “End Web” in the top
  5. This will restart the PHP process on your account and you should now be able to cache against APC in W3 Total Cache

Note that the optimal configuration depends on available memory, your theme, active plugins, and other factors. If you’d like help unlocking your site’s performance potential, place your order here and we’ll implement these best practices for you.

And if you’d like to be updated when products are updated or announced, be sure to sign up here.

W3 Total Cache v0.9.2.5 Released

We recently released a security update to W3 Total Cache that addresses a vulnerability that can be exploited on misconfigured servers when database caching to disk is enabled. All users are encouraged to update.

If you see the following error following the upgrade: Fatal error: Call to undefined function w3_is_dbcluster() in /path/to/wp-content/some-file.php

This likely means that you’ve had us configure W3 Total Cache on your site already, and you were running a newer version of the plugin already.

You’ll need to manually disable W3 Total Cache to restore access and reach out so we can get you sorted.

How to integrate a CDN with W3 Total Cache

The integration of a Content Delivery Network (CDN) into your website remains one of the easiest and most cost-effective ways to improve web performance. W3 Total Cache supports several CDN types (self-hosted, origin pull, and origin push) and makes the integration into WordPress simple.

In this post, I’ll show you how to integrate MaxCDN’s origin pull CDN product into W3TC. MaxCDN’s product remains one of the most commonly used CDNs in W3TC because it’s both affordable, simple to set up, and requires virtually no maintenance once integrated.

MaxCDN configuration steps

First, create MaxCDN account if you haven’t already. When you log in, click “Manage Zones” Then click “Create Pull Zone” Configure your new Pull Zone and then click “Create” Make a note of your CDN URL, which we’ll use in a moment

We could technically integrate our CDN now, but W3TC can communicate with the MaxCDN (allowing purge requests to be sent directly from WordPress) if we set up the API connection.

Click “my settings” in the top-right corner Click “API” in the sub-menu that appears You’ll notice that we don’t have any API Keys configured. Click “Add Key” Add a description if you’d like and then click “Save” Your API ID and Key will appear here, I’ve removed my Key from the screenshot

That’s all we need to do in MaxCDN right now. In the next section, we’ll configure W3 Total Cache using the pull zone we just created.

W3 Total Cache configuration steps:

Once logged into WordPress, navigate to the W3 Total Cache by clicking on the “Performance” tab towards the bottom of your Dashboard sidebar. From the General Setting page, ensure that CDN is disabled and select “NetDNA / MaxCDN” from dropdown menu Navigate to the CDN Settings. Enter your API ID and Key, your CDN URL, and click “Test NetDNA”

You should see “Test passed” in green if you’ve done everything correctly. Save your settings and then navigate back to the General Settings page. Enable the CDN by clicking the check box and saving your settings.

Power user tip #1: Configure a subdomain like cdn.yourdomain.com so we can get rid of long MaxCDN URL. W3 Total Cache lets you configure multiple CDN subdomains, so we’ll go ahead and configure a few.

Log back into MaxCDN and from the dashboard, click “Manage” next to the Pull Zone you created: Then click “Settings” right above the Zone Configuration You’re presented with an overview of your Pull Zone settings The section we want is labeled Custom Domains. Click “Edit” and enter your desired subdomains Click “Update” and then navigate to your DNS control panel. Create a CNAME entry for every subdomain that you entered in MaxCDN, and alias them to your MaxCDN URL Once DNS propagates, you can update W3TC with the subdomains and replace the long CDN URL with the new, custom ones

Power user tip #2: We can further improve page loads speeds by using a completely different domain for the CDN, ensuring that the domain is cookie-free. So if your site is www.domain.com, you could set domain.<strong>net</strong> as the domain to use with your CDN. Note: this assumes that you own domain.net and have access to its DNS control panel. That’s it! If you have any issues getting it working, drop us a line. If you’d like us to set this up for you, we’re happy to help.