Conversion not happening with Cache and CDN

  • Resolved matthewcarlin

    (@matthewcarlin)


    6 years ago

    Hi,

    I’m using this on a site and i have successfully installed it and ran the test for the conversion, which works. However it doesn’t seem to be converting any of the uplaods folder or theme folder images. I’m using W3 total cache and an Amazon cloudfront CDN. Is there something specific i need to do or a setting i need to change to make this work?

    Thanks

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author rosell.dk

    (@roselldk)

    Hi,

    Have you followed the CDN instructions in the FAQ?
    https://www.ads-software.com/plugins/webp-express/#description

    If you already had the CDN running before you installed WebP Express, it probably means that they are on in the CDN cache now – and that they were cached before our plugin made sure to append the Vary header.

    I would guess that once you configured cloudfront to forward the “Accept” header, cloudfront will invalidate the cache. But you may have to purge the images in the cloudfront cache.

    Thread Starter matthewcarlin

    (@matthewcarlin)

    Hi,

    Yes i think that was it and it appears to be working now. One other thing though is that the plugin seems to keep triggering warnings in the Wordfence Security plugin about LFI: Local File Inclusion , not sure if that’s something you can handle or it’s something on the Wordfence side.

    Plugin Author rosell.dk

    (@roselldk)

    Hi again,

    Is it the scan or the firewall that triggers the warning? It does not trigger warnings on the sites I administer, and I use Wordfence on all of them. I do not use Premium. Is it perhaps a Premium feature?

    I have some ideas on what might trigger an LFI warning, but to handle this properly, I need to be able to see the warning in the first place.

    Thread Starter matthewcarlin

    (@matthewcarlin)

    Hi,

    It’s the firewall that is triggering it not the scan it does. I’m not using premium either. I can forward on the email i receive (or anything else) privately if you have an email address i can send it to?

    wfdave

    (@wfdave)

    Hi @roselldk,

    There’s someone else on Wordfence’s support forums with a similar question.

    https://www.ads-software.com/support/topic/increased-attack-rate-alert-after-installing-webp-express-plugin/

    I’ve posted a solution over there, but I’ll also summarize it here:

    1. Go to Wordfence -> All Options -> Whitelisted URLs
    2. Type / for URL
    3. Choose Param Type: Query String
    4. Type source for Param Name
    5. Click Save Changes in the top-right corner

    Dave

    Plugin Author rosell.dk

    (@roselldk)

    Thanks, Dave!

    As remarked in the thread you pointed to, I will see to that WebP Express does not trigger the LFI warning in the first place.

    Plugin Author rosell.dk

    (@roselldk)

    Fixed in 0.8.0, which has just been released. Users of WebP Express will have to click the “Save settings and force new .htaccess rules” in order to update the .htaccess rules and avoid the LFI block.

    Besides the issue in test-run.php, it was also a problem with the line in .htaccess that passed the source argument to the php script. It was passing it like this: ?source=%{SCRIPT_FILENAME}. I have changed so it now passes it like this: ?xsource=x%{SCRIPT_FILENAME}. By putting an x before the path, the LFI rule is bypassed.

    The whole story is here: https://github.com/rosell-dk/webp-express/issues/87

    Plugin Author rosell.dk

    (@roselldk)

    marking as resolved

    Plugin Author rosell.dk

    (@roselldk)

    .

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Conversion not happening with Cache and CDN’ is closed to new replies.