Tag Archives: Performance

WordPress, HTTPS, CDN and W3 Total Cache – Take 2

I’ve previously mentioned some of the workarounds of using the excellent W3 Total Cache plugin with a CDN and utilising HTTPS on some pages. The heart of the matter is that some CDN providers do not provide Custom HTTPS support out of the box or do but with a normally large monthly fee attached, some like the excellent MaxCDN will provide free shared SSL support but that is on there own domain, for example for this website, using MaxCDN my HTTPS domain for CDN is stswebsite-somersettechnica.netdna-ssl.com.

The Problem

By default when you configure W3 Total Cache with a CDN it assumes that your CDN hostname is the same for HTTP or HTTPS. However for providers like MaxCDN and people that don’t want to pay or simply merit the costs of Custom HTTPS support, this means, that as before without disabling CDN on HTTPS pages you would get a mixed content error or worse the CDN elements may fail to load at all, something especially true with Google Chrome.

The Solution

We stumbled upon a solution while chatting with the W3 EDGE team about the issue that there currently exists a way to specify the HTTPS CDN hostname separately from the HTTP hostname. It appears that this feature request was completed some time ago but never made its way into documentation, and the solution is remarkably simple and requires no code changes or additions to get working.

w3tc-cdn-settingsYes it is that simple! in case the image is unclear, in the replace site’s hostname with field, simply supply a comma separated list of hostnames in the format

cdn.httpdomain.com, cdn.httpsdomain.com

and W3 Total Cache will do the rest for you. If you take a look of our Contact page source then you will see that things like CSS files are now loaded from the different HTTPS endpoint compared to the other pages on the site.

If you are a MaxCDN or NetDNA customer you can find your HTTPS domain very easily, login to your MaxCDN/NetDNA portal, go and manage your Pull Zone, there should be a tab called SSL, simply make sure the enable shared SSL option is ticked and save your settings, then the SSL URL should be shown on that same tab if it wasn’t already like in this screenshot:


Now you can enjoy faster more consistent page load times even on HTTPS without causing an extra drain on your server or your wallet.

Is your WordPress site embedding tracking code without your knowledge?

I just stumbled upon a couple of important articles relating to the WordPress Stats plugin available for free to all wordpress users and gives a sort of cut down Google Analytics functionality. i found the articles because i was googling as to why all of a sudden my sites were loading a file from quantserve.com, I wont rehash the details and instead link you to the 2 respective blog posts and summarise with these points, full info is available at http://www.techairlines.com/2010/12/30/wordpress-stats-quantcast/ or at http://blog.futtta.be/2010/12/15/wordpress-com-stats-trojan-horse-for-quantcast-tracking/

  • The WordPress Stats plugin now includes a call to the quantserve sites for “planned extra features”
  • They have not acknowledged the inclusion of a 3rd party data tracking script in there plugin on the plugin main page
  • they have not offered ANY opt in or opt out procedure and look to be unwilling to do so
  • The js file in question can and seems to lower website performance by a noticeable margin

However there is a solution for users of the of the WordPress Stats plugin: install this plugin made by futta which will disable all tracking possibility with quantserve (do not install if you actually use quantserve) and let the developers of the WordPress Stats plugin know that you are unhappy with the inclusion of 3rd party data tracking without your knowledge and without an opt-out facility.

I’m also going to consider asking futta to submit the plugin to the wordpress plugins database.

This problem highlights the need to be vigilant and careful about what plugins you install on your wordpress site