WP Engine – Speed up code found on the web

Home Forums BulletProof Security Pro WP Engine – Speed up code found on the web

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #15974
    Krzysztof
    Participant

    Hello!

    I have found a piece of code here:¬†http://www.markdescande.com/speed-up-wp-engine/ – as I see there are a few things new compared to the code posted here. Any coments on this Ed? ūüôā Could we all benefit from it?

    <ifModule mod_php5.c>
    php_value zlib.output_compression on
    </ifModule>
    SetOutputFilter DEFLATE
    <IfModule mod_headers.c>
    Header set Connection keep-alive
    Header append Vary User-Agent env=!dont-vary
    </IfModule>
    
    <IfModule mod_expires.c>
    ExpiresActive on
    ExpiresDefault "access plus 14 days"
    Header set Cache-Control "public"
    </IfModule>
    
    <FilesMatch "\.(html|htm|xml|txt|xsl)$">
    Header set Cache-Control "max-age=7200, must-revalidate"
    </FilesMatch>
    
    <IfModule mod_mime.c>
    AddType application/x-javascript .js
    AddType text/css .css
    </IfModule>
    
    <IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/css application/x-javascript text/x-component text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon application/javascript
    </IfModule>
    
    <IfModule mod_setenvif.c>
    SetEnvIfNoCase Request_URI \.(?:rar|zip)$ no-gzip dont-vary
    SetEnvIfNoCase Request_URI \.(?:avi|mov|mp4)$ no-gzip dont-vary
    SetEnvIfNoCase Request_URI \.mp3$ no-gzip dont-vary
    </IfModule>
    #15977
    AITpro Admin
    Keymaster

    Looks like pretty standard Browser cache code with maybe some WP Engine specific things added. ¬†The Speed Boost Cache code is pretty much the same thing. ¬†Browser caching code is very standardized so¬†there is nothing really magical about Browser caching code in general. ¬†ūüėČ

    #28655
    Zsolt Edelényi
    Participant

    I have found this code, and it seems to me, that many things are added to you Speed Boost Cache code. For example the keepalive, which is essential according to GTmetrix. Is there any security risk using both codes?

    #28657
    AITpro Admin
    Keymaster

    There is not any Browser caching htaccess code that has any vulnerabilities that I am aware of.  The only possible problem you would run into is that your particular server does not allow or cannot process some particular htaccess code and it would either be ignored or it could cause your website to crash.  If you add any htaccess code in your root htaccess file that causes your website to crash then you would delete your root htaccess file to get your site back up.  Then login to your site and remove/delete the htaccess code that does not work on your server.

    #28664
    rafaelmagic
    Participant

    That article is a little off..

    WP Engine has a reverse proxy sandwich, CDN and SSD.

    NGINX (port 80/443) ~~> Varnish Cache ~~> Apache

    Varnish Cache is already doing GZip Compression, caching images, normalizing requests. At Server HTTP Level which runs circles to any Php-level WordPress Caching Plugin.

    I believe WP Engines Apache is running Google PageSpeed Module which is also doing Gzip, combining, minifying css & java at server level to Google’s Best Practices and a bunch of other stuff that I don’t have time to write about. They have a multimillion infrastructure setup for WordPress Speed.

    Mark Descande .htaccess has a few flaws.

    Best practice is¬†NOT setting “Header set Cache-Control “public” as seen in his code.
    Header set Cache-Control “max-age=7200, must-revalidate” already assumes a Public available¬† cache.

    His line “Header append Vary User-Agent env=!dont-vary” is wrong in a Varnish setup. That is saying that you want different caches for ALL the different users agents and browser types. You will have hundreds of different caches for every variation of users agent, browser.

    A better line is:

    <IfModule mod_headers.c>
    <FilesMatch ".(js|css|xml|gz|html)$">
    Header append Vary: Accept-Encoding
    </FilesMatch>
    </IfModule>
    

    https://www.maxcdn.com/blog/accept-encoding-its-vary-important/

    In Varnish Cache, Cache-Control Headers will take precedence over the Expires Headers. Rather he should have better Cache-Control Headers that cover static files such as images. Leaving the Expires Headers is fine, but Cache Control Headers are best.

    If your on a SHARED HOST the Speed Bonus Code that is lined by BPS Pro is pretty good. If you have a Proxy Cache in front of your server I would use “Vary: Accept-Encoding” instead of “Vary: User-Agent”.

    If your trying to Speed Up your site, add the Speed Cache Bonus Code, better hosting that offers SSD, hosting that is as close to your home as possible reduce latency, CDN to reduce latency if your global. Combine CSS, Java to footer. However some, not ALL java can be combined, some will break.

    Choose a Light Theme, less images that are optimized and less css, will give you less requests and the site will load faster.

    If possible upgrade to a Managed VPS or Server so you could take advantage of Google PageSpeed Module, Varnish Cache and other Server Level tools.

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.