awhig on "W3 Total Cache critical Vulnerability disclosed"
For those whose page caching stopped working with the update to .5, someone has posted a fix to this. It is only for Disk: Basic page caching, which is exactly what stopped working for me. I've applied...
View Articlenoisegate95 on "W3 Total Cache critical Vulnerability disclosed"
The fix mentioned above totally fixed my response time issues. I swore it was Cloudflare. Give it a shot.
View Articledaevid on "W3 Total Cache critical Vulnerability disclosed"
I've updated to .5 and my website now has severe problems - requests time out or don't return any database content. W3TC is notifying me of the same errors as @alexwoolfson and @MediaInk mentioned: "It...
View ArticlesLa NGjI's on "W3 Total Cache critical Vulnerability disclosed"
At this point the question is: Frederick Townes is technically capable of programming this plugin, or (i read this in this same forum) the people who created the code of this plugin, have abandoned the...
View Articledaevid on "W3 Total Cache critical Vulnerability disclosed"
After replacing W3TC with the modified version of 0.9.2.5 mentioned above (http://www.wmiles.com/2013/01/03/w3tc-cache-preload-for-version-0-9-2-5) my problems get reduced to this error message only:...
View Articlenoisegate95 on "W3 Total Cache critical Vulnerability disclosed"
I received that same minify re-write error. I think just clearing your cache, and verifying your three htaccess files, you should be good to go. If you are using a CDN such as Amazon, you should upload...
View ArticleMediaInk on "W3 Total Cache critical Vulnerability disclosed"
The change of the code posted on (http://www.wmiles.com/2013/01/03/w3tc-cache-preload-for-version-0-9-2-5) fixed my page cache issue and running now at the load before the upgrade. Really appreciate...
View Articledaevid on "W3 Total Cache critical Vulnerability disclosed"
@MediaInk You have to unzip the plugin and only upload the folder "w3-total-cache" which resides inside the folder "w3-total-cache.0.9.2.5".
View Articlenoisegate95 on "W3 Total Cache critical Vulnerability disclosed"
I did it the hard way. 1. Disable W3TC. 2. Rename the folder in the /plugins directory to wp-total-cacheOLD. 3. Open the "new" plugin in 7Zip. 4. Remove the version "0.9.2.5" from the folder name. Save...
View ArticleMediaInk on "W3 Total Cache critical Vulnerability disclosed"
@daevid thank you for the pointer. I installed the modified upgrade on 5 different sites, all of them are working fine. I am using Disk Basic page caching on litespeed servers
View ArticleUltravader on "W3 Total Cache critical Vulnerability disclosed"
@sLa NGjI's there seems to be a problem with your post on .htaccess rules. Most of it is in keeping with the similar stuff found on httpd.apache.org but there is a missing character in the part: #...
View ArticlesLa NGjI's on "W3 Total Cache critical Vulnerability disclosed"
# RewriteCond %{ENV:REDIRECT_STATUS} 200 RewriteRule .* - [L] #
View ArticleUltravader on "W3 Total Cache critical Vulnerability disclosed"
@sLaNGjI's Also, in the part # # Skip WordPress 404 Error for Static Files # RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME}...
View ArticleReply To: W3 Total Cache critical Vulnerability disclosed
Frederick Townes, 0.9.2.5 version was released, but my question is: 0.9.2.5 version include enhancements and corrections contained on previous development 0.9.2.5b (2011-08-31) versions? 🙂
View ArticleReply To: W3 Total Cache critical Vulnerability disclosed
For those of you that use W3 Total Cache to make your sites more performant, thank you. Security issues are always of paramount interest, no matter the scope. The root of the possible vulnerability...
View ArticleReply To: W3 Total Cache critical Vulnerability disclosed
@ithacaindy & anyone else who needs to use DB caching – then you can create a deny all .htaccess file and upload it to your /w3tc/dbcache folder. To create a deny all .htaccess file: 1. Open...
View ArticleReply To: W3 Total Cache critical Vulnerability disclosed
Otto: I updated my .htaccess to prevent directory indexing. Since I’m on a shared host, I need the database cache; disabling it brought things to a crawl. It would be nice if Object Caching were...
View ArticleReply To: W3 Total Cache critical Vulnerability disclosed
ithacaindy: Essentially, don’t use the “Disk: Basic” or “Disk: Enhanced” settings for the cache. Or, if you do, then make sure you have Directory Indexing disabled on the site, which is generally a...
View ArticleReply To: W3 Total Cache critical Vulnerability disclosed
Can someone specify what the correct settings for “Database Cache” should be in order to avoid the exploit?
View Article