[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faDKJCKWgBNRmwYl2GJAjyt2xYSpx77fDirIGpaMXSfM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":64,"crawl_stats":37,"alternatives":69,"analysis":174,"fingerprints":308},"tnc-toolbox","TNC Toolbox: Web Performance","2.1.2","Merlot Digital (by TNC)","https:\u002F\u002Fprofiles.wordpress.org\u002Fleopardhost\u002F","\u003Cp>TNC Toolbox aims to enhance your WordPress experience with NGINX-on-cPanel (ea-nginx).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Built for our Managed Server clients, we’ve open-sourced it so others can enjoy it too!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>With a heavy focus on the Apache + NGINX as Reverse Caching Proxy web stack, the plugin aims to help with Website Management, Performance and Security.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>❤️ \u003Cstrong>FOSS by \u003Ca href=\"https:\u002F\u002Ftnc.works\" rel=\"nofollow ugc\">The Network Crew Pty Ltd\u003C\u002Fa> (TNC) for \u003Ca href=\"https:\u002F\u002Fmerlot.digital\" rel=\"nofollow ugc\">Merlot Digital\u003C\u002Fa> & the world.\u003C\u002Fstrong> ❤️\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Functionality\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>At the moment, TNC Toolbox:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Allows you to enable, disable and purge the NGINX User Cache\u003C\u002Fli>\n\u003Cli>Purges the NGINX Cache magically on post\u002Fpage publish\u002Fupdate!\u003C\u002Fli>\n\u003Cli>Also purges the Cache when the WP Core is successfully updated\u003C\u002Fli>\n\u003Cli>Lets you know if the plugin is activated but not yet configured\u003C\u002Fli>\n\u003Cli>Only allows Admins to enable\u002Fdisable caching & edit configs\u003C\u002Fli>\n\u003Cli>Shows you the status of cP UAPI via disk usage info\u003C\u002Fli>\n\u003Cli>Purge when any ACF config options are saved\u003C\u002Fli>\n\u003Cli>Supports scheduled post publishing!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Eager for even more capabilities?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>We plan to add further features as clients & the community request it.\u003C\u002Fp>\n\u003Cp>\u003Cem>Please let us know your ideas on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FThe-Network-Crew\u002FTNC-Toolbox-for-WordPress\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> – we’d love to hear from you!\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>Caching Deployments\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Caching ideals:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Don’t forget, ea-NGINX (reverse proxy caching) is meant to be 2nd-level\u003Cbr \u002F>\n– ie. Make sure your WP site also has on-site caching, like WP Super Cache\u003Cbr \u002F>\n– You can go further with caching, and should: like browser-caching assets!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>3-layer Cache:\u003C\u002Fstrong>\u003Cbr \u002F>\n1. NGINX Caching Proxy (ahead of Apache)\u003Cbr \u002F>\n2. WP Super Cache, WP Rocket, etc on-site\u003Cbr \u002F>\n3. htaccess\u002Fetc rules for Browser Caching\u003C\u002Fp>\n\u003Cp>\u003Cstrong>This way, you can ensure maximum efficiency!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The key is to purge when stale, so properly configuring your WP Plugin Cache is critical to ensuring that you don’t end up with cache misses due to stale data that could’ve\u002Fshould’ve been purged by garbage collection, preloading, etc, rule-sets.\u003C\u002Fp>\n\u003Ch3>Updating from v1 to v2.x.x\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>On every website running the plugin, check that:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Website is reporting v2.x.x plugin version.\u003C\u002Fli>\n\u003Cli>Plugin has been activated post-update. *\u003C\u002Fli>\n\u003Cli>Config exists in the plugin settings.\u003C\u002Fli>\n\u003Cli>API status checker reports OK.\u003C\u002Fli>\n\u003Cli>\u002Fwp-content\u002Ftnc-toolbox-config\u002F folder is gone.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cem>(* Change to main plugin file name may result in deactivation)\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>Verifying cP+WHM Logs\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>If you’d like to ensure actions are firing properly at a deeper level:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>WHM > Tweak Settings > Logging > Enable cPanel API Log > On\u003C\u002Fli>\n\u003Cli>WHM > Terminal > \u003Ccode>tail -f \u002Fusr\u002Flocal\u002Fcpanel\u002Flogs\u002Fapi_log\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>WordPress > Update a Post\u002FPage, or explicitly Purge\u003C\u002Fli>\n\u003Cli>WHM > Terminal > You should see the action fire!\u003C\u002Fli>\n\u003Cli>WHM > Terminal > Ctrl+C to close the tail\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Note: To do this, you require \u003Ccode>root\u003C\u002Fcode> access to the Server.\u003C\u002Fp>\n","Designed for ea-NGINX (Cache\u002FProxy) on cPanel+WHM. Made to help you fly online! 🚀",1000,27896,100,4,"2026-01-13T08:07:00.000Z","6.9.4","",[19,20,21,22,23],"automatic-purge","cache-purge","freeware","nginx","web-performance","https:\u002F\u002Fmerlot.digital","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftnc-toolbox.2.1.2.zip",93,2,0,"2025-11-29 00:00:00","2026-03-15T15:16:48.613Z",[32,48],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-66108","tnc-toolbox-web-performance-missing-authorization","TNC Toolbox: Web Performance \u003C= 2.0.4 - Missing Authorization","The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 2.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform an unauthorized action.",null,"\u003C=2.0.4","2.0.5","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2025-12-11 16:51:44",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa8db1624-e391-4b74-ad15-668b700b367d?source=api-prod",13,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":37,"affected_versions":53,"patched_in_version":54,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"CVE-2025-12539","tnc-toolbox-web-performance-unauthenticated-sensitive-information-exposure-to-privilege-escalationcpanel-account-takeove","TNC Toolbox: Web Performance \u003C= 1.4.2 - Unauthenticated Sensitive Information Exposure to Privilege Escalation\u002FcPanel Account Takeover","The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials (hostname, username, and API key) in files within the web-accessible wp-content directory without adequate protection in the \"Tnc_Wp_Toolbox_Settings::save_settings\" function. This makes it possible for unauthenticated attackers to retrieve these credentials and use them to interact with the cPanel API, which can lead to arbitrary file uploads, remote code execution, and full compromise of the hosting environment.","\u003C=1.4.2","2.0.0","critical",10,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:H\u002FI:H\u002FA:H","Insecure Storage of Sensitive Information","2025-11-10 22:27:47","2025-11-11 11:03:44",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2eaa5a5c-c11f-40d0-be69-c3ec8029a819?source=api-prod",1,{"slug":65,"display_name":7,"profile_url":8,"plugin_count":63,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":66,"trust_score":67,"computed_at":68},"leopardhost",7,95,"2026-04-03T18:38:34.683Z",[70,91,115,137,156],{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":78,"downloaded":79,"rating":80,"num_ratings":81,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":17,"tags":85,"homepage":89,"download_link":90,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"nginx-helper","Nginx Helper","2.3.5","rtCamp","https:\u002F\u002Fprofiles.wordpress.org\u002Frtcamp\u002F","\u003Col>\n\u003Cli>Removes \u003Ccode>index.php\u003C\u002Fcode> from permalinks when using WordPress with nginx.\u003C\u002Fli>\n\u003Cli>Adds support for purging redis-cache when used as full-page cache created using \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fopenresty\u002Fsrcache-nginx-module#caching-with-redis\" rel=\"nofollow ugc\">nginx-srcache-module\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Adds support for nginx fastcgi_cache_purge & proxy_cache_purge directive from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FFRiCKLE\u002Fngx_cache_purge\" title=\"ngx_cache_purge module\" rel=\"nofollow ugc\">module\u003C\u002Fa>. Provides settings so you can customize purging rules.\u003C\u002Fli>\n\u003Cli>Adds support for nginx \u003Ccode>map{..}\u003C\u002Fcode> on a WordPress-multisite network installation. Using it, Nginx can serve PHP file uploads even if PHP\u002FMySQL crashes. Please check the tutorial list below for related Nginx configurations.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Tutorials\u003C\u002Fh4>\n\u003Cp>You will need to follow one or more tutorials below to get desired functionality:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Feasyengine.io\u002Fwordpress-nginx\u002Ftutorials\u002Fmultisite\u002Fstatic-files-handling\u002F\" rel=\"nofollow ugc\">Nginx Map + WordPress-Multisite + Static Files Handling\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Feasyengine.io\u002Fwordpress-nginx\u002Ftutorials\u002Fsingle-site\u002Ffastcgi-cache-with-purging\u002F\" rel=\"nofollow ugc\">Nginx + WordPress + fastcgi_purge_cache\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Feasyengine.io\u002Fwordpress-nginx\u002Ftutorials\u002Fmultisite\u002Fsubdirectories\u002Ffastcgi-cache-with-purging\u002F\" rel=\"nofollow ugc\">Nginx + WordPress-Multisite (Subdirectories) + fastcgi_purge_cache\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Feasyengine.io\u002Fwordpress-nginx\u002Ftutorials\u002Fmultisite\u002Fsubdomains\u002Ffastcgi-cache-with-purging\u002F\" rel=\"nofollow ugc\">Nginx + WordPress-Multisite (Subdomains\u002Fdomain-mapping) + fastcgi_purge_cache\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Feasyengine.io\u002Fwordpress-nginx\u002Ftutorials\u002F\" rel=\"nofollow ugc\">Other WordPress-Nginx Tutorials\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Cleans nginx's fastcgi\u002Fproxy cache or redis-cache whenever a post is edited\u002Fpublished. Also does a few more things.",100000,6119694,88,31,"2025-08-21T06:49:00.000Z","6.8.5","3.0",[20,86,22,87,88],"fastcgi","permalinks","redis-cache","https:\u002F\u002Frtcamp.com\u002Fnginx-helper\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnginx-helper.2.3.5.zip",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":101,"num_ratings":102,"last_updated":103,"tested_up_to":16,"requires_at_least":104,"requires_php":105,"tags":106,"homepage":111,"download_link":112,"security_score":113,"vuln_count":27,"unpatched_count":28,"last_vuln_date":114,"fetched_at":30},"sg-cachepress","Speed Optimizer – The All-In-One Performance-Boosting Plugin","7.7.7","SiteGround","https:\u002F\u002Fprofiles.wordpress.org\u002Fsiteground\u002F","\u003Cp>\u003Cstrong>The award-winning Speed Optimizer plugin is a free WordPress performance-boosting solution to improve user experience, increase conversion rates and drive more traffic. Achieve better SEO rankings, improve Core Web Vitals and enhance your Google Page Speed Score.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Developed by the WordPress speed experts at SiteGround, our free plugin is actively used and trusted by more than 2 million website owners. It’s specially designed to be easy to use, allowing users of all skill levels to make complex speed optimizations, such as minifying HTML, CSS and JavaScript, image compression and lazy loading, in a few clicks.\u003C\u002Fp>\n\u003Cp>Install our caching plugin now to dramatically improve your WordPress website performance on any hosting platform.\u003C\u002Fp>\n\u003Ch4>Essential Speed-boosting Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Powerful Caching\u003C\u002Fstrong> for up to 20% faster website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Frontend Optimizations\u003C\u002Fstrong> to minify JS, HTML and CSS, reducing wait time due to the number of scripts and characters in your code \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media Optimizations\u003C\u002Fstrong> by up to 85% image size compression without sacrificing quality\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Environment Optimizations\u003C\u002Fstrong> to optimize usage and efficiency of your WordPress site resources\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Speed Test\u003C\u002Fstrong> & tips to get on-demand optimization tips to help your site get even faster\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Don’t let a slow website compromise your online success. Join the millions of satisfied website owners and see the difference with the free Speed Optimizer plugin.\u003C\u002Fp>\n\u003Ch4>AWARDS:\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.templatemonster.com\u002Fawards\u002Fwinners-2022\u002F\" rel=\"nofollow ugc\">Monster Awards 2022\u003C\u002Fa>: Best WordPress Optimization Plugin 🥈\u003C\u002Fp>\n\u003Ch4>Plugin Video\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F8grmZSkStak?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Plugin Tutorial\u003C\u002Fh4>\n\u003Cp>To gain in-depth knowledge about our plugin and its functionalities, check our \u003Ca href=\"https:\u002F\u002Fwww.siteground.com\u002Ftutorials\u002Fwordpress\u002Fsg-optimizer\u002F\" rel=\"nofollow ugc\">Speed Optimizer Tutorial\u003C\u002Fa>. It provides detailed information on how to optimize each aspect of your site and maximizes your website performance and cache.\u003C\u002Fp>\n\u003Ch3>CACHING\u003C\u002Fh3>\n\u003Cp>The Caching page gives you full control of your website’s cache, allowing you to enhance its performance significantly. Take advantage of the powerful caching options available to boost your page speed:\u003C\u002Fp>\n\u003Ch4>DYNAMIC CACHING:\u003C\u002Fh4>\n\u003Cp>By enabling Dynamic Caching, all non-static resources of your website are intelligently cached, eliminating the need for repetitive database queries and enhancing page loading speed and TTFB (time to first byte). This default feature is available exclusively for SiteGround servers, ensuring optimal performance.\u003C\u002Fp>\n\u003Ch4>FILE-BASED CACHING:\u003C\u002Fh4>\n\u003Cp>By activating file-based caching, your website generates and stores static HTML versions, ensuring faster loading times and an improved user experience. This efficient caching method stores the cached files conveniently in the browser’s memory, allowing future visitors to access your site swiftly and seamlessly.\u003C\u002Fp>\n\u003Ch4>MEMCACHED:\u003C\u002Fh4>\n\u003Cp>Unleash the power of object caching for your WordPress website. Memcached revolutionizes website performance by storing frequently executed queries to your databases and reusing them for lightning-fast website results. This powerful feature is exclusively available in the SiteGround environment.\u003C\u002Fp>\n\u003Ch4>CACHING SETTINGS:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Cache Purge:\u003C\u002Fstrong> ensure the cache is cleared whenever necessary\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual Cache Purge:\u003C\u002Fstrong> purge cache manually if you are editing new material and do not have automatic purge activated.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Browser-specific Caching:\u003C\u002Fstrong> generate caching separately for different browsers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Exclude Post Types from Caching:\u003C\u002Fstrong> exclude specific post types from being cached\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Exclude URLs from Caching:\u003C\u002Fstrong> exclude specific URLs or utilize wildcards to exclude any sub-pages of a designated “parent-page.”\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Test URL Caching Status:\u003C\u002Fstrong> verify if dynamic caching is actively running on specific URLs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>ENVIRONMENT OPTIMIZATIONS\u003C\u002Fh3>\n\u003Cp>Optimize and fine-tune your site’s environment for optimal website performance:\u003C\u002Fp>\n\u003Ch4>HTTPS Enforce:\u003C\u002Fh4>\n\u003Cp>Ensure a secure browsing experience for your visitors by effortlessly enabling HTTPS for your site. Say goodbye to insecure content errors and build trust with your audience.\u003C\u002Fp>\n\u003Ch4>Scheduled Database Maintenance:\u003C\u002Fh4>\n\u003Cp>Take control of your database by activating the Database Optimization feature. This functionality removes unnecessary items and optimizes your database tables, leading to improved efficiency and website performance. If you’re using the InnoDB storage engine, table optimisation is automatically handled by the engine itself.\u003C\u002Fp>\n\u003Ch4>Heartbeat Control:\u003C\u002Fh4>\n\u003Cp>Manage the frequency of the WP Heartbeat for different areas of your website. By default, the WordPress Heartbeat API checks for scheduled tasks every 15 seconds on post edit pages and every 60 seconds on the dashboard and front end. With Heartbeat Control, you can adjust the frequency of these checks or even disable them entirely, providing you with greater control over resource allocation.\u003C\u002Fp>\n\u003Ch3>FRONTEND OPTIMIZATIONS\u003C\u002Fh3>\n\u003Cp>Enhance and fine-tune the performance of your website’s front end by minifying JS, HTML and CSS:\u003C\u002Fp>\n\u003Ch4>CSS Tab:\u003C\u002Fh4>\n\u003Cp>Minify CSS files, activate or deactivate CSS combinations to reduce server requests, and even preload combined CSS for optimized performance. Additionally, you can exclude specific styles from being combined or minified, giving you complete control over your CSS optimization.\u003C\u002Fp>\n\u003Ch4>JavaScript Tab:\u003C\u002Fh4>\n\u003Cp>Activate or deactivate Minify JavaScript Files to reduce script sizes and lower the number of server requests. You can also defer render-blocking JavaScript to expedite the initial page speed. Furthermore, you have the ability to exclude specific scripts from various optimisation processes, providing flexibility in optimizing your JavaScript resources.\u003C\u002Fp>\n\u003Ch4>General Tab:\u003C\u002Fh4>\n\u003Cp>Further optimization options include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Web Fonts Optimization:\u003C\u002Fstrong> Enhance the loading of Google fonts by adding a preconnect link in your head tag. This informs the browser to establish a connection to Google’s font repository as quickly as possible. Additionally, all other local fonts will be preloaded, resulting in faster caching and rendering. When combined with CSS Combination, we also modify the font-display property to improve rendering speed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fonts Preloading:\u003C\u002Fstrong> With locally hosted fonts being preloaded, you’re allowing browsers to cache and render them at an accelerated pace.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Query Strings from Static Resources:\u003C\u002Fstrong> Improve caching efficiency by removing query strings from static resources, optimizing their caching capabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable Emojis:\u003C\u002Fstrong> Prevent WordPress from detecting and generating emojis on your pages by disabling emojis support. This helps boost your page speed and improve your website performance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>DNS Pre-fetch for External Domains:\u003C\u002Fstrong> Enabling the DNS Pre-fetch for a domain will resolve it before resources from it get requested making those resources load faster.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>MEDIA OPTIMIZATIONS\u003C\u002Fh3>\n\u003Cp>Optimize your website media by reducing image size by up to 85% times while maintaining top-notch quality.\u003C\u002Fp>\n\u003Ch4>Image Compression:\u003C\u002Fh4>\n\u003Cp>Effortlessly compress images to resize your existing images and reduce the space they occupy on your server. The dimensions of the images will remain unchanged, allowing for optimized storage. Fine-tune the compression level and choose whether to create backups of the original images. Please note that image compression feature is exclusive to the SiteGround Environment.\u003C\u002Fp>\n\u003Ch4>WebP Images:\u003C\u002Fh4>\n\u003Cp>Leverage the power of WebP, a cutting-edge image format supported by modern browsers, to significantly reduce the size of your images and skyrocket your page speed. If a browser doesn’t support WebP, the original images will be loaded.\u003C\u002Fp>\n\u003Ch4>Lazy Load Media:\u003C\u002Fh4>\n\u003Cp>Take control of your website’s asset loading with the ability to enable or disable Lazy Load for various assets. You can exclude specific assets such as iframes, videos, thumbnails, widgets, and shortcodes from the dropdown menu. Additionally, you have the option to exclude specific images from the Lazy Load by adding their respective class in the dedicated tab.\u003C\u002Fp>\n\u003Ch4>Maximum Image Width:\u003C\u002Fh4>\n\u003Cp>If you frequently upload large images to your website, you can enable the Maximum Image Width option that automatically resizes existing and future images whose width exceeds 2560 pixels. By optimizing image sizes, you can enhance your website performance and reduce bandwidth usage.\u003Cbr \u002F>\nYou can customize your media optimisation to your specific needs using the filters, we’ve designed for this purpose.\u003C\u002Fp>\n\u003Ch3>SPEED TEST\u003C\u002Fh3>\n\u003Cp>Evaluate the optimization level of your website with Speed Optimizer’s Speed test tool. Our website performance check utilizes the robust capabilities of Google PageSpeed to provide comprehensive insights into your site’s optimization. By conducting the speed test, you will receive detailed results highlighting areas that can be further optimized for enhanced performance. These insights will empower you to fine-tune your website and unlock its maximum potential and increase conversions.\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cp>In order to work correctly, this plugin requires that your server meets the following criteria:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress 4.7\u003C\u002Fli>\n\u003Cli>PHP 7.0+\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Our plugin uses a cookie in order to function properly. It does not store personal data and is used solely for the needs of our caching system.\u003C\u002Fp>\n\u003Ch3>Data Collection\u003C\u002Fh3>\n\u003Cp>Collection of technical data is optional and is \u003Ca href=\"https:\u002F\u002Fwww.siteground.com\u002Fkb\u002Fwhat-information-wp-plugins-collect\" rel=\"nofollow ugc\">listed here\u003C\u002Fa>. This data is collected only for technical analysis, improvements and the possibility to contact the plugin user in case urgent issues need to be fixed (for example a critical security release that needs to be communicated to site owners). The plugin user can manage their preferences within the WP admin to control the collection of technical data. We advise opting in for this data collection, as it can enhance the plugin’s performance. You may find more information on data collection in our \u003Ca href=\"https:\u002F\u002Fwww.siteground.com\u002Fviewtos\u002Fsiteground_plugins_privacy_notice\" rel=\"nofollow ugc\">Plugins Privacy Notice\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Photo credits to Anna Shvets https:\u002F\u002Fwww.pexels.com\u002F@shvetsa\u003C\u002Fp>\n","Boost your website performance and page speed, and increase conversions with powerful caching, frontend, media, and environment optimizations.",1000000,95449563,84,628,"2026-02-16T11:58:00.000Z","4.7","7.0",[107,22,108,109,110],"caching","performance","siteground","speed","https:\u002F\u002Fsiteground.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsg-cachepress.7.7.7.zip",96,"2024-04-15 00:00:00",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":123,"downloaded":124,"rating":80,"num_ratings":125,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":129,"tags":130,"homepage":135,"download_link":136,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"varnish-http-purge","Proxy Cache Purge","5.7.0","Danila Vershinin","https:\u002F\u002Fprofiles.wordpress.org\u002Fdvershinin\u002F","\u003Cp>\u003Cstrong>This plugin \u003Cem>does not\u003C\u002Fem> install nor configure a cache proxy. It acts as an interface with such services.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>One common method of caching content for websites is via the use of reverse proxy caching. Common examples of this are \u003Ca href=\"https:\u002F\u002Fwww.varnish-cache.org\u002F\" rel=\"nofollow ugc\">Varnish\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.nginx.org\u002F\" rel=\"nofollow ugc\">NGINX\u003C\u002Fa>. These systems allow a website to update content and have the visitor’s experience cached without the need for complex plugins storing the files locally and using up a user’s disk space.\u003C\u002Fp>\n\u003Cp>A reverse proxy cache is installed in front of a server and reviews requests. If the page being requested is already cached, it delivers the cached content. Otherwise it generates the page and the cache on demand.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The Proxy Cache Purge plugin sends a request to delete (aka flush) the cached data of a page or post every time it’s modified.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Cp>When content on a site is updated by WordPress, the plugin reaches out to the proxy cache service with the URL of the page, requesting the cache be deleted.\u003C\u002Fp>\n\u003Cp>Not all pages are deleted from the cache on every change. For example, when a post, page, or custom post type is edited, or a new comment is added, \u003Cem>only\u003C\u002Fem> the following pages will purge:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The front page\u003C\u002Fli>\n\u003Cli>The post\u002Fpage edited\u003C\u002Fli>\n\u003Cli>Any categories, tags, and\u002For custom taxonomies associated with the page\u003C\u002Fli>\n\u003Cli>Related feeds\u003C\u002Fli>\n\u003Cli>Associated JSON API pages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In addition, your \u003Cem>entire\u003C\u002Fem> cache will be deleted on the following actions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Changing themes\u003C\u002Fli>\n\u003Cli>Pressing the \u003Cstrong>Empty Cache\u003C\u002Fstrong> button on the toolbar\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Plugins can hook into the purge actions as well, to filter their own events to trigger a purge.\u003C\u002Fp>\n\u003Cp>On a multisite network using subfolders, only \u003Cstrong>network admins\u003C\u002Fstrong> can purge the main site.\u003C\u002Fp>\n\u003Ch4>Development Mode\u003C\u002Fh4>\n\u003Cp>If you’re working on a site and need to turn off caching in one of two ways:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Add \u003Ccode>define( 'VHP_DEVMODE', true );\u003C\u002Fcode> to your \u003Ccode>wp-config.php\u003C\u002Fcode> file\u003C\u002Fli>\n\u003Cli>Go to Proxy Cache -> Settings and enable Debug Mode for 24 hours at a time\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>That will break cache on page loads. It is \u003Cem>not\u003C\u002Fem> recommended for production!\u003C\u002Fp>\n\u003Ch4>Cache Tags (BETA)\u003C\u002Fh4>\n\u003Cp>As of version 5.4.0, Proxy Cache Purge includes an \u003Cstrong>optional Cache Tags \u002F Surrogate Keys purge mode\u003C\u002Fstrong>. This feature is marked as \u003Cstrong>BETA\u003C\u002Fstrong> and is disabled by default.\u003C\u002Fp>\n\u003Cp>When enabled, the plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adds cache-tag headers to WordPress responses (for example, tagging pages by post ID, post type, taxonomy terms, author, and archives).\u003C\u002Fli>\n\u003Cli>Uses tag-based purges instead of individual URL purges when content is updated, which can reduce purge traffic and improve consistency on complex sites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Requirements:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A proxy cache that supports Cache Tags \u002F Surrogate Keys and advertises this via standard \u003Ccode>Surrogate-Capability\u003C\u002Fcode> headers (for example, \u003Ccode>Surrogate-Capability: vhp=\"Surrogate\u002F1.0 tags\u002F1\"\u003C\u002Fcode>).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>How to enable:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Go to \u003Cstrong>Proxy Cache \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Purge Method\u003C\u002Fstrong> and check \u003Cstrong>“Use Cache Tags (Surrogate Keys)”\u003C\u002Fstrong>. The checkbox is only enabled when your cache tells WordPress it supports tags (or when you explicitly enable it via a define).\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Alternatively, you can force-enable or force-disable detection via \u003Ccode>wp-config.php\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Cp>define( ‘VHP_VARNISH_TAGS’, true );  \u002F\u002F Force treat cache as tag-capable\u003Cbr \u002F>\ndefine( ‘VHP_VARNISH_TAGS’, false ); \u002F\u002F Force treat cache as not tag-capable\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Because this feature depends on your cache configuration, it is recommended that you test it carefully in staging before enabling it on production.\u003C\u002Fp>\n\u003Ch4>Background Purging with WP-Cron\u003C\u002Fh4>\n\u003Cp>On busy sites, sending many PURGE requests directly from admin requests can slow things down. When you define \u003Ccode>DISABLE_WP_CRON\u003C\u002Fcode> as \u003Ccode>true\u003C\u002Fcode> in \u003Ccode>wp-config.php\u003C\u002Fcode> (because you are running a real system cron that calls \u003Ccode>wp-cron.php\u003C\u002Fcode>), Proxy Cache Purge automatically switches to an asynchronous mode:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Purge requests (both URL-based and tag-based, when Cache Tags are enabled) are collected into a small per-site queue.\u003C\u002Fli>\n\u003Cli>The queue is processed by WP-Cron in the background, keeping your admin and content-editing actions responsive even when many URLs or tags must be invalidated.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Object-cache purges (the “Purge Database Cache” option) remain synchronous and are not affected by this behaviour. The Proxy Cache settings page and Site Health integration expose basic queue status so you can verify that background purging is healthy; if the queue appears large or very old, check that your system cron is correctly invoking WordPress cron.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important: Cron Frequency and Cache Freshness\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When using background purging, the frequency of your system cron determines how quickly cache invalidations are processed. The longer the interval between cron runs, the longer visitors may see stale content after updates.\u003C\u002Fp>\n\u003Cp>For minimal stale content, run your system cron every minute:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* * * * * \u002Fusr\u002Fbin\u002Fphp \u002Fvar\u002Fwww\u002Fhtml\u002Fwp-cron.php\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you can tolerate slightly longer delays, every 2-5 minutes is also acceptable. However, running cron less frequently (e.g., every 15 minutes) means cache purges may be delayed by that amount after content changes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> Scheduled posts are handled specially. When a scheduled post is published via WP-Cron, the cache is purged synchronously within the same cron run, ensuring immediate cache invalidation without waiting for the next cron execution.\u003C\u002Fp>\n\u003Cp>For detailed instructions on setting up a proper Linux-based WordPress cron, see: \u003Ca href=\"https:\u002F\u002Fwww.getpagespeed.com\u002Fweb-apps\u002Fwordpress\u002Fwordpress-cron-optimization\" rel=\"nofollow ugc\">WordPress Cron Optimization\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Disabling Background Purging\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you have \u003Ccode>DISABLE_WP_CRON\u003C\u002Fcode> defined but do not want background purging (for example, on low-traffic sites where immediate purges are preferred), you can force-disable cron-based purging by adding this to your \u003Ccode>wp-config.php\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define( 'VHP_DISABLE_CRON_PURGING', true );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>With this constant set, all cache purges will execute immediately during the request, regardless of the \u003Ccode>DISABLE_WP_CRON\u003C\u002Fcode> setting.\u003C\u002Fp>\n\u003Ch3>WP-CLI\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Purge\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Purge commands let you empty the cache.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish purge\u003C\u002Fcode> – Flush the entire site cache (equivalent to clicking “Empty Cache” in admin)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --all\u003C\u002Fcode> – Explicitly flush the entire site cache\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge \u003Curl>\u003C\u002Fcode> – Flush cache for a specific URL and all content below it (wildcard)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge \u003Curl> --url-only\u003C\u002Fcode> – Flush cache for only the exact URL specified (no wildcard)\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --tag=\u003Ctag>\u003C\u002Fcode> – Flush cache by tag (requires Cache Tags mode to be enabled)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Examples:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish purge\u003C\u002Fcode> – Purge entire site\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --all\u003C\u002Fcode> – Same as above, more explicit\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge https:\u002F\u002Fexample.com\u002Fhello-world\u002F\u003C\u002Fcode> – Purge this URL and everything below it\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge https:\u002F\u002Fexample.com\u002Fhello-world\u002F --url-only\u003C\u002Fcode> – Purge only this exact URL\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge https:\u002F\u002Fexample.com\u002Fwp-content\u002Fthemes\u002F --wildcard\u003C\u002Fcode> – Purge all theme files\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --tag=p-123\u003C\u002Fcode> – Purge all pages tagged with post ID 123\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish purge --tag=pt-post\u003C\u002Fcode> – Purge all cached pages of post type “post”\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Debug\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Debugging can help you figure out why your cache isn’t working as well as it could. The default is for your home page, but you can pass any URL on your domain.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish debug [\u003Curl>]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Available parameters:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>[--include-headers]\u003C\u002Fcode> —  Include headers in debug check output\u003C\u002Fli>\n\u003Cli>\u003Ccode>[--include-grep]\u003C\u002Fcode> — Grep active theme and plugin directories for common issues\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>DevMode\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Development mode allows you to disable the cache, temporarily.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish devmode [\u003Cactivate|deactivate|toggle>]\u003C\u002Fcode> – Change development mode state\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Async purge queue (cron-mode)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When you define \u003Ccode>DISABLE_WP_CRON\u003C\u002Fcode> as \u003Ccode>true\u003C\u002Fcode> and run a real system cron for WordPress, Proxy Cache Purge can move heavy purge work into a small background queue that is processed by WP‑Cron.\u003C\u002Fp>\n\u003Cp>You can inspect and manage that queue via WP‑CLI:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>wp varnish queue status\u003C\u002Fcode> – show whether cron-mode is active, if a full purge is queued, counts of queued URLs\u002Ftags, and the last queue run time.\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish queue process\u003C\u002Fcode> – process any items currently in the queue (useful to run after deploys or cache‑sensitive operations).\u003C\u002Fli>\n\u003Cli>\u003Ccode>wp varnish queue clear\u003C\u002Fcode> – clear the queue without sending any PURGE requests.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These commands do not replace your normal WordPress cron (you still need a cron entry that calls \u003Ccode>wp cron event run --due-now\u003C\u002Fcode> or hits \u003Ccode>wp-cron.php\u003C\u002Fcode>), but they give you a simple operational handle when using cron‑mode.\u003C\u002Fp>\n\u003Ch4>Understanding Purge Behavior\u003C\u002Fh4>\n\u003Cp>There are different types of cache purges, and they behave differently:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Manual Purges (Admin Bar)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>“Purge Cache (All Pages)”\u003C\u002Fstrong> – Sends a single regex purge request to invalidate the entire cache. Always executes immediately.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>“Purge Cache (this page)”\u003C\u002Fstrong> – Purges only the exact URL you’re viewing. Always executes immediately.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Manual purges are always immediate, even when background cron-mode is enabled. This is intentional: when you click a button, you expect immediate results.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Automatic Purges (Post Save\u002FUpdate)\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>When you save or update a post, the plugin automatically purges:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The post’s URL\u003C\u002Fli>\n\u003Cli>The homepage\u003C\u002Fli>\n\u003Cli>Category archive pages\u003C\u002Fli>\n\u003Cli>Tag archive pages\u003C\u002Fli>\n\u003Cli>Author archive page\u003C\u002Fli>\n\u003Cli>Date-based archives\u003C\u002Fli>\n\u003Cli>RSS feeds\u003C\u002Fli>\n\u003Cli>Related REST API endpoints\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This can be 20-50+ URLs depending on your site structure. When cron-mode is enabled, these automatic purges are queued and processed in the background to avoid slowing down the post editor.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Difference\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>  Action\u003Cbr \u002F>\n  URLs Purged\u003Cbr \u002F>\n  Uses Cron Queue?\u003C\u002Fp>\n\u003Cp>  “Purge Cache (All Pages)”\u003Cbr \u002F>\n  1 (regex)\u003Cbr \u002F>\n  No – always immediate\u003C\u002Fp>\n\u003Cp>  “Purge Cache (this page)”\u003Cbr \u002F>\n  1\u003Cbr \u002F>\n  No – always immediate\u003C\u002Fp>\n\u003Cp>  Post save\u002Fupdate\u003Cbr \u002F>\n  20-50+\u003Cbr \u002F>\n  Yes (if cron-mode enabled)\u003C\u002Fp>\n\u003Cp>If you need to immediately purge all URLs related to a specific post (not just the post URL), save the post – the automatic purge will handle all related URLs.\u003C\u002Fp>\n","Automatically empty proxy cached content when your site is modified.",40000,2164070,26,"2026-03-13T00:00:00.000Z","6.3.8","5.0","5.6",[131,22,132,133,134],"cache","proxy","purge","varnish","https:\u002F\u002Fgithub.com\u002Fdvershinin\u002Fvarnish-http-purge","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvarnish-http-purge.5.7.0.zip",{"slug":138,"name":139,"version":140,"author":141,"author_profile":142,"description":143,"short_description":144,"active_installs":145,"downloaded":146,"rating":147,"num_ratings":148,"last_updated":149,"tested_up_to":150,"requires_at_least":151,"requires_php":17,"tags":152,"homepage":154,"download_link":155,"security_score":147,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"nginx-cache","Nginx Cache","1.0.7","Till Krüss","https:\u002F\u002Fprofiles.wordpress.org\u002Ftillkruess\u002F","\u003Cp>Purge the \u003Ca href=\"http:\u002F\u002Fnginx.org\" rel=\"nofollow ugc\">Nginx\u003C\u002Fa> cache (FastCGI, Proxy, uWSGI) automatically when content changes or manually within WordPress.\u003C\u002Fp>\n\u003Cp>Requirements:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFilesystem_API\" rel=\"nofollow ugc\">Filesystem API\u003C\u002Fa> needs to function without asking for credentials.\u003C\u002Fli>\n\u003Cli>Nginx and PHP need to run under the same user, or PHP’s user needs write access to Nginx’s cache path.\u003C\u002Fli>\n\u003C\u002Ful>\n","Purge the Nginx cache (FastCGI, Proxy, uWSGI) automatically when content changes or manually within WordPress.",10000,307696,92,23,"2024-11-26T20:26:00.000Z","6.7.5","3.1",[131,86,153,22,133],"flush","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnginx-cache\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnginx-cache.1.0.7.zip",{"slug":157,"name":158,"version":159,"author":160,"author_profile":161,"description":162,"short_description":163,"active_installs":164,"downloaded":165,"rating":13,"num_ratings":166,"last_updated":167,"tested_up_to":83,"requires_at_least":128,"requires_php":105,"tags":168,"homepage":170,"download_link":171,"security_score":172,"vuln_count":63,"unpatched_count":28,"last_vuln_date":173,"fetched_at":30},"lwscache","LWSCache","2.9","Aurélien LWS","https:\u002F\u002Fprofiles.wordpress.org\u002Faurelienlws\u002F","\u003Cp>This plugin, created by \u003Ca href=\"https:\u002F\u002Fwww.lws.fr\" rel=\"nofollow ugc\">LWS\u003C\u002Fa> help to automatically \u003Cstrong>manage your LWSCache purge when you edit your pages, post, messages…\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>It provide a way to \u003Cstrong>purge all your LWSCache\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>This plugin works only on servers using the LWSCache system. This cache is pre-installed with Classic shared \u003Ca href=\"https:\u002F\u002Fwww.lws.fr\u002Fhebergement_web.php\" rel=\"nofollow ugc\">web hosting\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.lws.fr\u002Fhebergement_wordpress.php\" rel=\"nofollow ugc\">WordPress hosting\u003C\u002Fa> and soon \u003Ca href=\"https:\u002F\u002Fwww.lws.fr\u002Fhebergement-cpanel.php\" rel=\"nofollow ugc\">cPanel hosting\u003C\u002Fa> from LWS.\u003C\u002Fp>\n\u003Cp>The loading speed of your site is crucial to its success. The more visitors your site has, the more RAM and CPU memory the system uses. The page is loaded slowly. So you need a cache system to avoid reloading the page when it is not necessary.\u003C\u002Fp>\n\u003Cp>In addition, the site’s page load speed is used in Google’s ranking algorithm. So caching plugins that can improve load times will \u003Cstrong>improve your SEO ranking\u003C\u002Fstrong>.  Low rankings, and therefore insufficient exposure, often do not allow you to make a living from your website. The loading time of most websites is less than three seconds. Beyond that, many users have already left the page.\u003C\u002Fp>\n\u003Cp>The LWS Cache tool is a system designed and developed by LWS. It \u003Cstrong>optimize the loading performance of your website\u003C\u002Fstrong> through the use of advanced caching mechanisms, configured at the server level. The tool uses the technologies provided by NGINX.\u003C\u002Fp>\n\u003Ch4>Functioning\u003C\u002Fh4>\n\u003Cp>When LWS Cache is enabled, a cache server is introduced between the visitor and the web server.\u003Cbr \u002F>\nThe aim is to reduce the number of script executions required. For that it keeps the result of the execution in memory for future requests requiring the same response. This means that the same script is no longer executed several times to achieve the same result.\u003C\u002Fp>\n\u003Cp>Thus, we eliminate the waiting time of the script execution on the page loading time. At the same time, we save the resources used during the script execution.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>The visitor requests the page from the web server\u003C\u002Fstrong>. Example: index.php. LWS Cache checks if the page has already been generated and stored in the cache\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>If yes\u003C\u002Fstrong>, the page is returned directly to the visitor without the need to access the web service and without executing the script\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If not\u003C\u002Fstrong>, the page is requested to be generated on the web service as a result of the script execution (PHP, NodeJS, Perl, Ruby, …).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Once the page is generated, \u003Cstrong>LWS Cache determines if the page can be cached\u003C\u002Fstrong> (via headers, URL, …)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>If yes\u003C\u002Fstrong>, the page is saved in the cache and returned to the visitor\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If not\u003C\u002Fstrong>, the page is saved in the microcache (short-lived cache) and returned to the visitor\u003C\u002Fp>\n\u003Ch4>Managing LWS Cache with the plugin\u003C\u002Fh4>\n\u003Cp>The WordPress LWS Cache plugin allows you to \u003Cstrong>automatically purge the cache\u003C\u002Fstrong> of your pages when you modify them or when you add\u002Fapprove comments.\u003C\u002Fp>\n\u003Cp>To \u003Cstrong>manage the plugin\u003C\u002Fstrong>, once connected to your WordPress administration console, go to the “Settings” menu and then “LWS Cache”.\u003C\u002Fp>\n\u003Cp>From the settings page, you can enable\u002Fdisable automatic emptying. You can define when to automatically empty the LWS Cache and completely purge the cache.\u003C\u002Fp>\n\u003Cp>A button for emptying the entire cache can be found anywhere in the WordPress admin console (in the quick access bar at the top of the screen).\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cp>Several settings are available to manage your LWS Cache, you can enable or disable these settings:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Automatic purge\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Home Page Purge (when a post is modified or added, when a published post is trashed)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Purge Post\u002FPage\u002FCustom Post Type (when a post is published, when a comment is approved\u002Fpublished, when a comment is unapproved\u002Fdeleted)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Purge Archives (date, category, tag, author, custom taxonomies)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Purge all cache\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin lets you manage and automatically purge your hosting's LWSCache whenever you edit your website's content",8000,149947,6,"2025-08-28T13:46:00.000Z",[131,169,22],"lws","https:\u002F\u002Fwww.lws.fr\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flwscache.2.9.zip",99,"2025-08-28 00:00:00",{"attackSurface":175,"codeSignals":274,"taintFlows":294,"riskAssessment":295,"analyzedAt":307},{"hooks":176,"ajaxHandlers":264,"restRoutes":271,"shortcodes":272,"cronEvents":273,"entryPointCount":63,"unprotectedCount":28},[177,183,186,190,193,197,200,204,208,212,216,220,224,228,232,235,238,242,245,248,252,255,259],{"type":178,"name":179,"callback":180,"file":181,"line":182},"action","init","add_hooks","core\\core.php",43,{"type":178,"name":179,"callback":184,"file":181,"line":185},"add_capability_dependent_hooks",46,{"type":178,"name":187,"callback":188,"file":181,"line":189},"admin_enqueue_scripts","enqueue_custom_css",57,{"type":178,"name":191,"callback":188,"file":181,"line":192},"wp_enqueue_scripts",58,{"type":178,"name":194,"callback":195,"priority":172,"file":181,"line":196},"admin_bar_menu","add_parent_menu_entry",59,{"type":178,"name":194,"callback":198,"priority":13,"file":181,"line":199},"add_cache_purge_button",60,{"type":178,"name":194,"callback":201,"priority":202,"file":181,"line":203},"add_purge_this_page_button",101,61,{"type":178,"name":194,"callback":205,"priority":206,"file":181,"line":207},"add_cache_purge_status",105,62,{"type":178,"name":209,"callback":210,"file":181,"line":211},"admin_post_nginx_cache_purge","nginx_cache_purge",65,{"type":178,"name":213,"callback":214,"file":181,"line":215},"admin_post_nginx_purge_this_page","nginx_purge_this_page",66,{"type":178,"name":217,"callback":218,"priority":56,"file":181,"line":219},"post_updated","purge_cache_on_update",67,{"type":178,"name":221,"callback":222,"priority":56,"file":181,"line":223},"transition_post_status","purge_cache_on_transition",68,{"type":178,"name":225,"callback":226,"file":181,"line":227},"_core_updated_successfully","closure",69,{"type":178,"name":229,"callback":230,"file":181,"line":231},"admin_notices","display_admin_notices",72,{"type":178,"name":233,"callback":226,"priority":56,"file":181,"line":234},"acf\u002Foptions_page\u002Fsave",76,{"type":178,"name":194,"callback":236,"priority":13,"file":181,"line":237},"add_cache_off_button",85,{"type":178,"name":239,"callback":240,"file":181,"line":241},"admin_post_nginx_cache_off","nginx_cache_off",86,{"type":178,"name":194,"callback":243,"priority":13,"file":181,"line":244},"add_cache_on_button",87,{"type":178,"name":246,"callback":247,"file":181,"line":80},"admin_post_nginx_cache_on","nginx_cache_on",{"type":178,"name":179,"callback":249,"file":250,"line":251},"init_settings","core\\settings.php",51,{"type":178,"name":187,"callback":253,"file":250,"line":254},"enqueue_admin_styles",52,{"type":178,"name":256,"callback":257,"file":250,"line":258},"admin_menu","register_admin_menu",77,{"type":178,"name":260,"callback":261,"file":262,"line":263},"plugins_loaded","init_components","tnc-toolbox.php",94,[265],{"action":266,"nopriv":267,"callback":268,"hasNonce":269,"hasCapCheck":269,"file":250,"line":270},"tnc_test_slack_webhook",false,"ajax_test_slack_webhook",true,53,[],[],[],{"dangerousFunctions":275,"sqlUsage":276,"outputEscaping":278,"fileOperations":292,"externalRequests":28,"nonceChecks":166,"capabilityChecks":56,"bundledLibraries":293},[],{"prepared":28,"raw":28,"locations":277},[],{"escaped":279,"rawEcho":166,"locations":280},15,[281,284,286,287,289,290],{"file":250,"line":282,"context":283},256,"raw output",{"file":250,"line":285,"context":283},269,{"file":250,"line":285,"context":283},{"file":250,"line":288,"context":283},270,{"file":250,"line":288,"context":283},{"file":250,"line":291,"context":283},295,3,[],[],{"summary":296,"deductions":297},"The tnc-toolbox plugin v2.1.2 presents a mixed security posture. On the positive side, the static analysis shows good practices in several areas. There are no detected dangerous functions, and all SQL queries utilize prepared statements, which is excellent for preventing SQL injection. Furthermore, the plugin implements a substantial number of nonce and capability checks, indicating an effort to secure its entry points. The limited attack surface with only one AJAX handler, which is also properly authenticated, is a strength. However, a significant concern arises from the vulnerability history, which includes two known CVEs, one of which was critical, and another medium severity. The fact that both are listed as 'currently unpatched' (despite the last vulnerability date being in the future, which might be an anomaly in the data) is a serious red flag.\n\nThe static analysis reveals a moderate level of concern regarding output escaping, with 29% of outputs not being properly escaped. While not directly flagged as a specific vulnerability type in the history, unescaped output can lead to Cross-Site Scripting (XSS) vulnerabilities. The plugin also performs file operations, and without knowing the specifics, this could introduce risks if not handled with extreme care, especially if user-supplied data is involved in file paths or operations.\n\nOverall, while the plugin demonstrates some good security hygiene in its code, the historical presence of critical and medium vulnerabilities, particularly those related to Missing Authorization and Insecure Storage of Sensitive Information, cannot be ignored. The unpatched status of these historical vulnerabilities, if accurate, significantly elevates the risk. The issues with output escaping and file operations, while not immediately critical based on this data alone, warrant attention as potential attack vectors.",[298,301,304],{"reason":299,"points":300},"Critical and Medium Severity Vulnerabilities in History",20,{"reason":302,"points":303},"Unescaped Output detected",8,{"reason":305,"points":306},"File Operations present",5,"2026-03-16T18:51:15.005Z",{"wat":309,"direct":322},{"assetPaths":310,"generatorPatterns":315,"scriptPaths":316,"versionParams":317},[311,312,313,314],"\u002Fwp-content\u002Fplugins\u002Ftnc-toolbox\u002Fcss\u002Ftnc-toolbox-admin.css","\u002Fwp-content\u002Fplugins\u002Ftnc-toolbox\u002Fcss\u002Ftnc-toolbox-frontend.css","\u002Fwp-content\u002Fplugins\u002Ftnc-toolbox\u002Fjs\u002Ftnc-toolbox-admin.js","\u002Fwp-content\u002Fplugins\u002Ftnc-toolbox\u002Fjs\u002Ftnc-toolbox-frontend.js",[],[],[318,319,320,321],"tnc-toolbox\u002Fcss\u002Ftnc-toolbox-admin.css?ver=","tnc-toolbox\u002Fcss\u002Ftnc-toolbox-frontend.css?ver=","tnc-toolbox\u002Fjs\u002Ftnc-toolbox-admin.js?ver=","tnc-toolbox\u002Fjs\u002Ftnc-toolbox-frontend.js?ver=",{"cssClasses":323,"htmlComments":326,"htmlAttributes":327,"restEndpoints":329,"jsGlobals":330,"shortcodeOutput":332},[324,325],"tnc-toolbox-admin-bar-menu","tnc-cache-purge-status",[],[328],"data-tnc-purge-type",[],[331],"tnc_toolbox_ajax_object",[]]