[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fooAgLadwxDtSFo4VtISHhEEMxgGrk6GswNs-2oDxA9E":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":132,"fingerprints":172},"nginx-proxy-cache-purge","Nginx Proxy Cache Purge","0.9.7","John Levandowski","https:\u002F\u002Fprofiles.wordpress.org\u002Fjlevandowski\u002F","\u003Cp>Purges the nginx proxy cache when you publish or update a post or page.  The cache will be purged for the:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Page or post you published or updated\u003C\u002Fli>\n\u003Cli>Front page of your site\u003C\u002Fli>\n\u003Cli>Posts page of your site (if enabled)\u003C\u002Fli>\n\u003Cli>Feed of your site\u003C\u002Fli>\n\u003Cli>Comments feed of your site\u003C\u002Fli>\n\u003C\u002Ful>\n","Purges the nginx proxy cache when you publish or update a post or page.",10,5974,0,"2018-03-30T15:08:00.000Z","3.0.5","3.0.1","",[19,20,21,22],"cache","nginx","proxy","purge","http:\u002F\u002Fwpselect.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnginx-proxy-cache-purge.0.9.7.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"jlevandowski",1,30,84,"2026-04-03T18:05:02.215Z",[36,57,72,93,112],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":54,"download_link":55,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"varnish-http-purge","Proxy Cache Purge","5.7.0","Danila Vershinin","https:\u002F\u002Fprofiles.wordpress.org\u002Fdvershinin\u002F","\u003Cp>\u003Cstrong>This plugin \u003Cem>does not\u003C\u002Fem> install nor configure a cache proxy. It acts as an interface with such services.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>One common method of caching content for websites is via the use of reverse proxy caching. Common examples of this are \u003Ca href=\"https:\u002F\u002Fwww.varnish-cache.org\u002F\" rel=\"nofollow ugc\">Varnish\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.nginx.org\u002F\" rel=\"nofollow ugc\">NGINX\u003C\u002Fa>. These systems allow a website to update content and have the visitor’s experience cached without the need for complex plugins storing the files locally and using up a user’s disk space.\u003C\u002Fp>\n\u003Cp>A reverse proxy cache is installed in front of a server and reviews requests. If the page being requested is already cached, it delivers the cached content. Otherwise it generates the page and the cache on demand.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The Proxy Cache Purge plugin sends a request to delete (aka flush) the cached data of a page or post every time it’s modified.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Cp>When content on a site is updated by WordPress, the plugin reaches out to the proxy cache service with the URL of the page, requesting the cache be deleted.\u003C\u002Fp>\n\u003Cp>Not all pages are deleted from the cache on every change. For example, when a post, page, or custom post type is edited, or a new comment is added, \u003Cem>only\u003C\u002Fem> the following pages will purge:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The front page\u003C\u002Fli>\n\u003Cli>The post\u002Fpage edited\u003C\u002Fli>\n\u003Cli>Any categories, tags, and\u002For custom taxonomies associated with the page\u003C\u002Fli>\n\u003Cli>Related feeds\u003C\u002Fli>\n\u003Cli>Associated JSON API pages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition, your \u003Cem>entire\u003C\u002Fem> cache will be deleted on the following actions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Changing themes\u003C\u002Fli>\n\u003Cli>Pressing the \u003Cstrong>Empty Cache\u003C\u002Fstrong> button on the toolbar\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Plugins can hook into the purge actions as well, to filter their own events to trigger a purge.\u003C\u002Fp>\n\u003Cp>On a multisite network using subfolders, only \u003Cstrong>network admins\u003C\u002Fstrong> can purge the main site.\u003C\u002Fp>\n\u003Ch4>Development Mode\u003C\u002Fh4>\n\u003Cp>If you’re working on a site and need to turn off caching in one of two ways:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Add \u003Ccode>define( 'VHP_DEVMODE', true );\u003C\u002Fcode> to your \u003Ccode>wp-config.php\u003C\u002Fcode> file\u003C\u002Fli>\n\u003Cli>Go to Proxy Cache -> Settings and enable Debug Mode for 24 hours at a time\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>That will break cache on page loads. It is \u003Cem>not\u003C\u002Fem> recommended for production!\u003C\u002Fp>\n\u003Ch4>Cache Tags (BETA)\u003C\u002Fh4>\n\u003Cp>As of version 5.4.0, Proxy Cache Purge includes an \u003Cstrong>optional Cache Tags \u002F Surrogate Keys purge mode\u003C\u002Fstrong>. This feature is marked as \u003Cstrong>BETA\u003C\u002Fstrong> and is disabled by default.\u003C\u002Fp>\n\u003Cp>When enabled, the plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adds cache-tag headers to WordPress responses (for example, tagging pages by post ID, post type, taxonomy terms, author, and archives).\u003C\u002Fli>\n\u003Cli>Uses tag-based purges instead of individual URL purges when content is updated, which can reduce purge traffic and improve consistency on complex sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Requirements:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A proxy cache that supports Cache Tags \u002F Surrogate Keys and advertises this via standard \u003Ccode>Surrogate-Capability\u003C\u002Fcode> headers (for example, \u003Ccode>Surrogate-Capability: vhp=\"Surrogate\u002F1.0 tags\u002F1\"\u003C\u002Fcode>).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>How to enable:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Go to \u003Cstrong>Proxy Cache \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Purge Method\u003C\u002Fstrong> and check \u003Cstrong>“Use Cache Tags (Surrogate Keys)”\u003C\u002Fstrong>. The checkbox is only enabled when your cache tells WordPress it supports tags (or when you explicitly enable it via a define).\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Alternatively, you can force-enable or force-disable detection via \u003Ccode>wp-config.php\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Cp>define( ‘VHP_VARNISH_TAGS’, true );  \u002F\u002F Force treat cache as tag-capable\u003Cbr \u002F>\ndefine( ‘VHP_VARNISH_TAGS’, false ); \u002F\u002F Force treat cache as not tag-capable\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Because this feature depends on your cache configuration, it is recommended that you test it carefully in staging before enabling it on production.\u003C\u002Fp>\n\u003Ch4>Background Purging with WP-Cron\u003C\u002Fh4>\n\u003Cp>On busy sites, sending many PURGE requests directly from admin requests can slow things down. When you define \u003Ccode>DISABLE_WP_CRON\u003C\u002Fcode> as \u003Ccode>true\u003C\u002Fcode> in \u003Ccode>wp-config.php\u003C\u002Fcode> (because you are running a real system cron that calls \u003Ccode>wp-cron.php\u003C\u002Fcode>), Proxy Cache Purge automatically switches to an asynchronous mode:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Purge requests (both URL-based and tag-based, when Cache Tags are enabled) are collected into a small per-site queue.\u003C\u002Fli>\n\u003Cli>The queue is processed by WP-Cron in the background, keeping your admin and content-editing actions responsive even when many URLs or tags must be invalidated.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Object-cache purges (the “Purge Database Cache” option) remain synchronous and are not affected by this behaviour. The Proxy Cache settings page and Site Health integration expose basic queue status so you can verify that background purging is healthy; if the queue appears large or very old, check that your system cron is correctly invoking WordPress cron.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important: Cron Frequency and Cache Freshness\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When using background purging, the frequency of your system cron determines how quickly cache invalidations are processed. The longer the interval between cron runs, the longer visitors may see stale content after updates.\u003C\u002Fp>\n\u003Cp>For minimal stale content, run your system cron every minute:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* * * * * \u002Fusr\u002Fbin\u002Fphp \u002Fvar\u002Fwww\u002Fhtml\u002Fwp-cron.php\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you can tolerate slightly longer delays, every 2-5 minutes is also acceptable. However, running cron less frequently (e.g., every 15 minutes) means cache purges may be delayed by that amount after content changes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> Scheduled posts are handled specially. When a scheduled post is published via WP-Cron, the cache is purged synchronously within the same cron run, ensuring immediate cache invalidation without waiting for the next cron execution.\u003C\u002Fp>\n\u003Cp>For detailed instructions on setting up a proper Linux-based WordPress cron, see: \u003Ca href=\"https:\u002F\u002Fwww.getpagespeed.com\u002Fweb-apps\u002Fwordpress\u002Fwordpress-cron-optimization\" rel=\"nofollow ugc\">WordPress Cron Optimization\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Disabling Background Purging\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you have \u003Ccode>DISABLE_WP_CRON\u003C\u002Fcode> defined but do not want background purging (for example, on low-traffic sites where immediate purges are preferred), you can force-disable cron-based purging by adding this to your \u003Ccode>wp-config.php\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'VHP_DISABLE_CRON_PURGING', true );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>With this constant set, all cache purges will execute immediately during the request, regardless of the \u003Ccode>DISABLE_WP_CRON\u003C\u002Fcode> setting.\u003C\u002Fp>\n\u003Ch3>WP-CLI\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Purge\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Purge commands let you empty the cache.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish purge\u003C\u002Fcode> – Flush the entire site cache (equivalent to clicking “Empty Cache” in admin)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --all\u003C\u002Fcode> – Explicitly flush the entire site cache\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge \u003Curl>\u003C\u002Fcode> – Flush cache for a specific URL and all content below it (wildcard)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge \u003Curl> --url-only\u003C\u002Fcode> – Flush cache for only the exact URL specified (no wildcard)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --tag=\u003Ctag>\u003C\u002Fcode> – Flush cache by tag (requires Cache Tags mode to be enabled)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Examples:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish purge\u003C\u002Fcode> – Purge entire site\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --all\u003C\u002Fcode> – Same as above, more explicit\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge https:\u002F\u002Fexample.com\u002Fhello-world\u002F\u003C\u002Fcode> – Purge this URL and everything below it\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge https:\u002F\u002Fexample.com\u002Fhello-world\u002F --url-only\u003C\u002Fcode> – Purge only this exact URL\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge https:\u002F\u002Fexample.com\u002Fwp-content\u002Fthemes\u002F --wildcard\u003C\u002Fcode> – Purge all theme files\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --tag=p-123\u003C\u002Fcode> – Purge all pages tagged with post ID 123\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --tag=pt-post\u003C\u002Fcode> – Purge all cached pages of post type “post”\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Debug\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Debugging can help you figure out why your cache isn’t working as well as it could. The default is for your home page, but you can pass any URL on your domain.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish debug [\u003Curl>]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Available parameters:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>[--include-headers]\u003C\u002Fcode> —  Include headers in debug check output\u003C\u002Fli>\n\u003Cli>\u003Ccode>[--include-grep]\u003C\u002Fcode> — Grep active theme and plugin directories for common issues\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>DevMode\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Development mode allows you to disable the cache, temporarily.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish devmode [\u003Cactivate|deactivate|toggle>]\u003C\u002Fcode> – Change development mode state\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Async purge queue (cron-mode)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When you define \u003Ccode>DISABLE_WP_CRON\u003C\u002Fcode> as \u003Ccode>true\u003C\u002Fcode> and run a real system cron for WordPress, Proxy Cache Purge can move heavy purge work into a small background queue that is processed by WP‑Cron.\u003C\u002Fp>\n\u003Cp>You can inspect and manage that queue via WP‑CLI:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish queue status\u003C\u002Fcode> – show whether cron-mode is active, if a full purge is queued, counts of queued URLs\u002Ftags, and the last queue run time.\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish queue process\u003C\u002Fcode> – process any items currently in the queue (useful to run after deploys or cache‑sensitive operations).\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish queue clear\u003C\u002Fcode> – clear the queue without sending any PURGE requests.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These commands do not replace your normal WordPress cron (you still need a cron entry that calls \u003Ccode>wp cron event run --due-now\u003C\u002Fcode> or hits \u003Ccode>wp-cron.php\u003C\u002Fcode>), but they give you a simple operational handle when using cron‑mode.\u003C\u002Fp>\n\u003Ch4>Understanding Purge Behavior\u003C\u002Fh4>\n\u003Cp>There are different types of cache purges, and they behave differently:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Manual Purges (Admin Bar)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>“Purge Cache (All Pages)”\u003C\u002Fstrong> – Sends a single regex purge request to invalidate the entire cache. Always executes immediately.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>“Purge Cache (this page)”\u003C\u002Fstrong> – Purges only the exact URL you’re viewing. Always executes immediately.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Manual purges are always immediate, even when background cron-mode is enabled. This is intentional: when you click a button, you expect immediate results.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Automatic Purges (Post Save\u002FUpdate)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When you save or update a post, the plugin automatically purges:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The post’s URL\u003C\u002Fli>\n\u003Cli>The homepage\u003C\u002Fli>\n\u003Cli>Category archive pages\u003C\u002Fli>\n\u003Cli>Tag archive pages\u003C\u002Fli>\n\u003Cli>Author archive page\u003C\u002Fli>\n\u003Cli>Date-based archives\u003C\u002Fli>\n\u003Cli>RSS feeds\u003C\u002Fli>\n\u003Cli>Related REST API endpoints\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This can be 20-50+ URLs depending on your site structure. When cron-mode is enabled, these automatic purges are queued and processed in the background to avoid slowing down the post editor.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Difference\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>  Action\u003Cbr \u002F>\n  URLs Purged\u003Cbr \u002F>\n  Uses Cron Queue?\u003C\u002Fp>\n\u003Cp>  “Purge Cache (All Pages)”\u003Cbr \u002F>\n  1 (regex)\u003Cbr \u002F>\n  No – always immediate\u003C\u002Fp>\n\u003Cp>  “Purge Cache (this page)”\u003Cbr \u002F>\n  1\u003Cbr \u002F>\n  No – always immediate\u003C\u002Fp>\n\u003Cp>  Post save\u002Fupdate\u003Cbr \u002F>\n  20-50+\u003Cbr \u002F>\n  Yes (if cron-mode enabled)\u003C\u002Fp>\n\u003Cp>If you need to immediately purge all URLs related to a specific post (not just the post URL), save the post – the automatic purge will handle all related URLs.\u003C\u002Fp>\n","Automatically empty proxy cached content when your site is modified.",40000,2164070,88,26,"2026-03-13T00:00:00.000Z","6.3.8","5.0","5.6",[19,20,21,22,53],"varnish","https:\u002F\u002Fgithub.com\u002Fdvershinin\u002Fvarnish-http-purge","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvarnish-http-purge.5.7.0.zip",100,{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":56,"downloaded":65,"rating":13,"num_ratings":13,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":17,"download_link":71,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"webglobe-purge-cache","Webglobe Purge Cache","1.2","Webglobe.sk","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebglobe-yegon\u002F","\u003Cp>Automatic cache purge when the content is updated. Works only with specialized hosting plans from Webglobe.\u003C\u002Fp>\n","Automatic cache purge when the content is updated. Works only with specialized hosting plans from Webglobe.",796,"2024-02-19T11:39:00.000Z","6.4.8","6.0","7.2",[19,20,21,22,58],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwebglobe-purge-cache.zip",{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":46,"num_ratings":82,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":17,"tags":86,"homepage":91,"download_link":92,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"nginx-helper","Nginx Helper","2.3.5","rtCamp","https:\u002F\u002Fprofiles.wordpress.org\u002Frtcamp\u002F","\u003Col>\n\u003Cli>Removes \u003Ccode>index.php\u003C\u002Fcode> from permalinks when using WordPress with nginx.\u003C\u002Fli>\n\u003Cli>Adds support for purging redis-cache when used as full-page cache created using \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fopenresty\u002Fsrcache-nginx-module#caching-with-redis\" rel=\"nofollow ugc\">nginx-srcache-module\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Adds support for nginx fastcgi_cache_purge & proxy_cache_purge directive from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FFRiCKLE\u002Fngx_cache_purge\" title=\"ngx_cache_purge module\" rel=\"nofollow ugc\">module\u003C\u002Fa>. Provides settings so you can customize purging rules.\u003C\u002Fli>\n\u003Cli>Adds support for nginx \u003Ccode>map{..}\u003C\u002Fcode> on a WordPress-multisite network installation. Using it, Nginx can serve PHP file uploads even if PHP\u002FMySQL crashes. Please check the tutorial list below for related Nginx configurations.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Tutorials\u003C\u002Fh4>\n\u003Cp>You will need to follow one or more tutorials below to get desired functionality:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Feasyengine.io\u002Fwordpress-nginx\u002Ftutorials\u002Fmultisite\u002Fstatic-files-handling\u002F\" rel=\"nofollow ugc\">Nginx Map + WordPress-Multisite + Static Files Handling\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Feasyengine.io\u002Fwordpress-nginx\u002Ftutorials\u002Fsingle-site\u002Ffastcgi-cache-with-purging\u002F\" rel=\"nofollow ugc\">Nginx + WordPress + fastcgi_purge_cache\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Feasyengine.io\u002Fwordpress-nginx\u002Ftutorials\u002Fmultisite\u002Fsubdirectories\u002Ffastcgi-cache-with-purging\u002F\" rel=\"nofollow ugc\">Nginx + WordPress-Multisite (Subdirectories) + fastcgi_purge_cache\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Feasyengine.io\u002Fwordpress-nginx\u002Ftutorials\u002Fmultisite\u002Fsubdomains\u002Ffastcgi-cache-with-purging\u002F\" rel=\"nofollow ugc\">Nginx + WordPress-Multisite (Subdomains\u002Fdomain-mapping) + fastcgi_purge_cache\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Feasyengine.io\u002Fwordpress-nginx\u002Ftutorials\u002F\" rel=\"nofollow ugc\">Other WordPress-Nginx Tutorials\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Cleans nginx's fastcgi\u002Fproxy cache or redis-cache whenever a post is edited\u002Fpublished. Also does a few more things.",100000,6119694,31,"2025-08-21T06:49:00.000Z","6.8.5","3.0",[87,88,20,89,90],"cache-purge","fastcgi","permalinks","redis-cache","https:\u002F\u002Frtcamp.com\u002Fnginx-helper\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnginx-helper.2.3.5.zip",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":103,"num_ratings":104,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":17,"tags":108,"homepage":110,"download_link":111,"security_score":103,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"nginx-cache","Nginx Cache","1.0.7","Till Krüss","https:\u002F\u002Fprofiles.wordpress.org\u002Ftillkruess\u002F","\u003Cp>Purge the \u003Ca href=\"http:\u002F\u002Fnginx.org\" rel=\"nofollow ugc\">Nginx\u003C\u002Fa> cache (FastCGI, Proxy, uWSGI) automatically when content changes or manually within WordPress.\u003C\u002Fp>\n\u003Cp>Requirements:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFilesystem_API\" rel=\"nofollow ugc\">Filesystem API\u003C\u002Fa> needs to function without asking for credentials.\u003C\u002Fli>\n\u003Cli>Nginx and PHP need to run under the same user, or PHP’s user needs write access to Nginx’s cache path.\u003C\u002Fli>\n\u003C\u002Ful>\n","Purge the Nginx cache (FastCGI, Proxy, uWSGI) automatically when content changes or manually within WordPress.",10000,307696,92,23,"2024-11-26T20:26:00.000Z","6.7.5","3.1",[19,88,109,20,22],"flush","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnginx-cache\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnginx-cache.1.0.7.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":56,"num_ratings":122,"last_updated":123,"tested_up_to":84,"requires_at_least":124,"requires_php":125,"tags":126,"homepage":128,"download_link":129,"security_score":130,"vuln_count":31,"unpatched_count":13,"last_vuln_date":131,"fetched_at":27},"hestia-nginx-cache","Hestia Nginx Cache","2.4.3","Juni","https:\u002F\u002Fprofiles.wordpress.org\u002Fjakobbouchard\u002F","\u003Cp>\u003Cstrong>Important\u003C\u002Fstrong>: Hestia 1.6.12 fixes an issue where purging the cache could make the website unavailable, resulting in a 502 error. If you aren’t using this version, please upgrade!\u003C\u002Fp>\n\u003Cp>This plugin automatically purges the Nginx cache after you make a website change such as updating a post or changing your theme.\u003C\u002Fp>\n\u003Cp>You also have the ability to manually purge the cache using a button in the WordPress admin bar.\u003C\u002Fp>\n","Purged the Nginx cache automatically after making website changes. Uses the new HestiaCP API, released in 1.6.0.",1000,14525,9,"2025-06-25T22:48:00.000Z","4.8","5.4",[19,109,127,20,22],"hestia","https:\u002F\u002Fgithub.com\u002Fimjuniper\u002Fhestia-nginx-cache","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhestia-nginx-cache.2.4.3.zip",99,"2024-12-30 00:00:00",{"attackSurface":133,"codeSignals":149,"taintFlows":159,"riskAssessment":160,"analyzedAt":171},{"hooks":134,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":148,"entryPointCount":13,"unprotectedCount":13},[135,141],{"type":136,"name":137,"callback":138,"file":139,"line":140},"action","edit_post","wpselect_cache","nginx-proxy-cache-purge.php",55,{"type":136,"name":142,"callback":143,"file":139,"line":144},"wp_footer","wpselect_footer",68,[],[],[],[],{"dangerousFunctions":150,"sqlUsage":151,"outputEscaping":153,"fileOperations":13,"externalRequests":31,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":158},[],{"prepared":13,"raw":13,"locations":152},[],{"escaped":13,"rawEcho":31,"locations":154},[155],{"file":139,"line":156,"context":157},65,"raw output",[],[],{"summary":161,"deductions":162},"The nginx-proxy-cache-purge plugin v0.9.7 demonstrates a generally good security posture based on the provided static analysis.  The absence of identified dangerous functions, SQL injection vulnerabilities (all queries use prepared statements), and file operations is a significant strength.  The zero-known CVEs and lack of any recorded vulnerabilities in its history suggest a mature and well-maintained codebase.\n\nHowever, there are critical areas for concern. The most significant finding is that 100% of the single identified output is not properly escaped. This presents a direct risk of Cross-Site Scripting (XSS) vulnerabilities if user-controlled input is ever reflected directly in the output. Additionally, the lack of nonce checks and capability checks on any identified entry points (though the attack surface is zero) means that if any entry points were to be introduced in the future without proper authorization, they would be immediately exploitable. The single external HTTP request also warrants careful review for potential vulnerabilities if it handles untrusted data.\n\nOverall, while the plugin has a clean vulnerability history and avoids many common pitfalls, the unescaped output is a serious flaw that needs immediate attention. The lack of authorization checks on potential future entry points is a less immediate but still important risk. Addressing the unescaped output should be the top priority.",[163,166,169],{"reason":164,"points":165},"Output not properly escaped",8,{"reason":167,"points":168},"No nonce checks on entry points",5,{"reason":170,"points":168},"No capability checks on entry points","2026-03-17T00:52:49.377Z",{"wat":173,"direct":178},{"assetPaths":174,"generatorPatterns":175,"scriptPaths":176,"versionParams":177},[],[],[],[],{"cssClasses":179,"htmlComments":180,"htmlAttributes":182,"restEndpoints":183,"jsGlobals":184,"shortcodeOutput":185},[],[181],"\u003C!-- Page created in ",[],[],[],[]]