YSlow Cookie-free Domains – htaccess caching, mod_expires

Home Forums BulletProof Security Pro YSlow Cookie-free Domains – htaccess caching, mod_expires

This topic contains 12 replies, has 2 voices, and was last updated by Avatar of AITpro Admin AITpro Admin 8 months, 1 week ago.

Viewing 13 posts - 1 through 13 (of 13 total)
  • Author
    Posts
  • #2003 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of AITpro Admin
    AITpro Admin
    Keymaster

    Email Question:

    Hi Edward,

    How are you today? I have a question and this has not meen with the BPS but my website need to set cookies. Because some plugins used cookies.  I have read that you can set cookies mod_write in .htaccess file. I have tested with yslow under chrome browser, see the results below.  How can i resolved this? Or wich code i must use for this.  Can you help me? You are the expert about the .htaccess file  Is this the right way by the way to right code in the .htaccess file?  Greetings, Antoin  Grade F on Use cookie-free domains There are 54 components that are not cookie-free

     

    #2004 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of AITpro Admin
    AITpro Admin
    Keymaster
    #2032 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of Antoin Vink
    Antoin Vink
    Participant

    Hi, Thank you for the links, realy appreciate it.
    I saw this link: http://www.xpertdeveloper.com/2011/07/wordpress-cookie-free-domain/
    What is realy better .htaccess or wp-config.php
    But i don’t know how to apply this:

    define("WP_CONTENT_URL", "http://static.yourdomain.com");  
    define("COOKIE_DOMAIN", "www.yourdomain.com");

    Note: Please make sure that you have used “bloginfo(‘template_directory’)” to load your static content in theme files.

    #2036 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of AITpro Admin
    AITpro Admin
    Keymaster

    Personally I use htaccess code as much as possible to accomplish whatever I need to accomplish so I would personally go the htaccess code route. The primary reason for this I can change things really quickly – add, remove and modify htaccess code as needed.  Adding a subdomain site is not as simple an issue as it seems at face value.  Creating a subdomain site will have an impact on your main site.  A subdomain site is treated as a separate domain.  Before you decide to create a subdomain site you should reseach the Pros and Cons of creating a subdomain site.

    Note:  I assume this is a typo / mistake – I believe that this will break your plugins that use this Constant because the wp-content folder is not included in URL path.  I could be wrong, but If you are considering going this route you should triple check this.

    define("WP_CONTENT_URL", "http://static.yourdomain.com"); 
    #2039 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of Antoin Vink
    Antoin Vink
    Participant

    Yeah, you have right. This sounds very logical!
    I will take the .htaccess route. I will read your links. Thanks for the great tips!

    #2053 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of Antoin Vink
    Antoin Vink
    Participant

    Hi,

    I have search about the mod_expires code, but there are many of them.
    On the first link what you give me you have three samples http://www.askapache.com/htaccess/speed-up-sites-with-htaccess-caching.html#mod_expires_Caching_EX-_1

    And this one i don’t know.
    Which code can i better use for my website Edward?
    So i can put it on my .htaccess file. This is very new for me.

    #2055 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of AITpro Admin
    AITpro Admin
    Keymaster

    EDIT:   Additional info added for WordPress sites:  http://forum.ait-pro.com/forums/topic/yslow-cookie-free-domains-htaccess-caching-mod_expires/#post-11479

    After looking at the whole cookie-free domain thing some more it appears that the only way to implement this would be to create a subdomain site.  I have never attempted to implement this so I really don’t have any answers for you regarding this quesition.  I had misinterpreted what the cookie-free domain method is supposed to accomplish and had assumed it was tied directly to caching, but I see that it is similar, but actually something different.  So unfortunately I cannot assist you with this since I know pretty much zero about this.

    Just FYI on the askapache caching methods:

    The askapache website shows you 2 ways that you can do caching with htaccess code to speed up your website and this is different then implementing a cookie-free domain.

    mod_expires
    and/or
    mod_headers

    You can use either or both together as you see for failsafe caching if one does not work on your particular Host.  What that means is that one mod may be ignored on your particular Host / Server while the other does work / is allowed.  Most likely both will work / are allowed since these are now very standardized mods.

    #2059 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of Antoin Vink
    Antoin Vink
    Participant

    Hi Sir,

    Thanks for your excellent explanation. Indeed, I think that domain is very different.
    Especially if you are using W3 Total Cache. Then mod_expires and mod_headers is much better for that.I can add these htaccess codes under category: B-Core———CUSTOM CODE BOTTOM: Add miscellaneous custom htaccess code hereONLY add validation code below htaccess or text commented out with a pound sign #———And add and save?Thanks for your timeGreetings!

    #2060 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of Antoin Vink
    Antoin Vink
    Participant

    This is a nice code for the Custom code: http://www.askapache.com/hacking/speed-site-caching-cache-control.html
    With both mod_expires + mod_headers
    Caching with .htaccess and Apache will take your website and your web skills to the next level. This is some technical and advanced methods condensed to simple htaccess code examples for you. But you must take the time to understand caching with cache-control and other headers and HTTP options before you implement on a production server.

    Caching with both mod_expires + mod_headers
    # Turn on Expires and set default to 0
    ExpiresActive On
    ExpiresDefault A0
    
    # Set up caching on media files for 1 year (forever?)
    <FilesMatch "\.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav)$">
    ExpiresDefault A29030400
    Header append Cache-Control "public"
    </FilesMatch>
    
    # Set up caching on media files for 1 week
    <FilesMatch "\.(gif|jpg|jpeg|png|swf)$">
    ExpiresDefault A604800
    Header append Cache-Control "public"
    </FilesMatch>
    
    # Set up 2 Hour caching on commonly updated files
    <FilesMatch "\.(xml|txt|html|js|css)$">
    ExpiresDefault A7200
    Header append Cache-Control "proxy-revalidate"
    </FilesMatch>
    
    # Force no caching for dynamic files
    <FilesMatch "\.(php|cgi|pl|htm)$">
    ExpiresActive Off
    Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"
    Header set Pragma "no-cache"
    </FilesMatch>
    #2061 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of AITpro Admin
    AITpro Admin
    Keymaster

    Hmm if you are already using W3TC then what you would want to combine your custom .htaccess code into the W3TC htaccess code and what you would need to do then is take all of the combined .htaccess code and add it to the text box.  If your site is using a php/php.ini handler then you would need to also add that php/php.ini handler code into the Custom Code Top text box under your combined caching .htaccess code.  htaccess caching code should come first in your root .htaccess file before any other .htaccess code in your Root .htaccess file.

    The disadvantage of doing this is if you redeploy W3TC then it will write new .htaccess code to your root .htaccess file and overwrite you combined custom code.  Since your custom code is saved permanently to BPS Pro Custom Code then you would need to add it back again by using the AutoMagic buttons and activating Root BulletProof Mode again.

     

    #2064 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of Antoin Vink
    Antoin Vink
    Participant

    I will try, thank you!If I can not get the custom code to add, can i ask you to help me?
    Like before to login.But I will try first.I will come back, and will reply in this topic again.

    #2065 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of AITpro Admin
    AITpro Admin
    Keymaster

    Sure after you have combined all your custom .htaccess code then so done some testing by using any one of the sites out there that allow you to check caching.  This site is a very good one below for checking everything related to caching and other stuff too.  It will tell you what is working and not working.  After you have done all this and if you are running into a problem then email me your code and I will see what might be wrong with it.

    http://www.webpagetest.org/

    #11479 Facebook Google Twitter Email Stumbleupon Digg reddit pinterest Myspace Delicious LinkedIn tumblr
    Avatar of AITpro Admin
    AITpro Admin
    Keymaster

    Since this post is ranking very high for no good reason I thought it would be nice to add some actual content that could be useful to someone.  This is specific to WordPress so if you do not have a WordPress site then the general concept applies, but of course the implementation is going to be different.  The only thing that concerns me about doing something like this is:  if you are using affiliate software that tracks cookies does this impact or negate that cookie tracking?  My assumption is this would be used for only image based stuff, but if you are using some sort of affiliate software/plugin on your site you should do extensive sandbox testing before implementing something like this.

    http://www.askapache.com/htaccess/apache-speed-subdomains.html

    http://codex.wordpress.org/Editing_wp-config.php#Set_Cookie_Domain

    The domain set in the cookies for WordPress can be specified for those with unusual domain setups. One reason is if subdomains are used to serve static content  . To prevent WordPress cookies from being sent with each request to static content on your subdomain you can set the cookie domain to your non-static domain only.

Viewing 13 posts - 1 through 13 (of 13 total)

You must be logged in to reply to this topic.