为了极致优化Wordpress,加上了Cloudflare CND后,页面缓存也都配置上了,但每次更新都需要去CF后台刷新缓存,所以做了个插件,方便自动更新。Github项目地址 WP-Cloudflare-Auto-Purge
首先,CF页面缓存设置:进入域名后,左边栏目选择 缓存-缓存规则 新建一个缓存。缓存规则为
- 第一条:选择缓存默认文件扩展名,点预览模版,然后重命名为“缓存静态文件”
(http.request.uri.path.extension in {"7z" "avi" "avif" "apk" "bin" "bmp" "bz2" "class" "css" "csv" "doc" "docx" "dmg" "ejs" "eot" "eps" "exe" "flac" "gif" "gz" "ico" "iso" "jar" "jpg" "jpeg" "js" "mid" "midi" "mkv" "mp3" "mp4" "ogg" "otf" "pdf" "pict" "pls" "png" "ppt" "pptx" "ps" "rar" "svg" "svgz" "swf" "tar" "tif" "tiff" "ttf" "webm" "webp" "woff" "woff2" "xls" "xlsx" "zip" "zst"})选择符合缓存条件,边缘TTL可以设置成一年,浏览器TTL默认,或者设置成接受源服务器 TTL。
nginx缓存规则可以加上location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|svg|woff|woff2|tif|ttf|webp|ico)$ { expires 30d; error_log /dev/null; access_log /dev/null; } - 第二条:绕过缓存。规则为(注意huilang.me改成你自己的域名,如果有www,记得加上)
(http.host eq "huilang.me" and not starts_with(http.request.uri.path, "/wp-admin") and not starts_with(http.request.uri.path, "/wp-json") and not starts_with(http.request.uri.path, "/wp-sitemap") and not http.request.uri contains ".php" and not http.cookie contains "wordpress_logged_in" and not http.cookie contains "comment_author_") and not http.request.uri.query contains "s"我有一个Uptimeflare的监控,需要排除缓存,所以加上
and not http.user_agent contains "Uptimeflare"如果你用到woocommerce,可以加上
and not http.cookie contains "woocommerce_items_in_cart" and not starts_with(http.request.uri.path, "/cart") and not starts_with(http.request.uri.path, "/checkout") and not starts_with(http.request.uri.path, "/my-account")选择符合缓存条件,边缘TTL可以设置成:忽略缓存控制标头,使用此 TTL(1年)。浏览器TTL建议设置成2分钟。
高级用法:边缘TTL改成1分钟,然后下方状态码TTL新增一个 单一代码/200/持续时间1年,避免其他非200缓存.
注意两条规则的顺序
缓存最终效果:
- 缓存所有静态文件
- 登录用户/评论用户/搜索页面/指定路径(/wp-admin /wp-sitemap .php 密码保护文章)之外全部资源缓存
然后在Github下载并安装插件,启用后设置选项,保存即可。
建议先关闭闪电模式,开启详细反馈,修改一篇文章看看文章顶部日志输出效果,如果没问题,可以再开启闪电模式
顺便附几个安全规则
1. 后台防护
(http.request.uri wildcard r"/wp-admin*" and ip.src.country ne "CN") or (http.request.uri wildcard r"/*.php*" and ip.src.country ne "CN") or (http.request.uri wildcard r"/?s=*") or (http.request.uri wildcard r"/*&s=*") or (http.request.uri wildcard r"/wp-json*")2.垃圾UA
(http.user_agent contains "DotBot") or (http.user_agent contains "rushBot") or (http.user_agent eq "") or (http.user_agent contains "Go-http-client") or (http.user_agent contains "DataForSeoBot") or (http.user_agent contains "MJ12bot") or (http.user_agent contains "AhrefsBot") or (http.user_agent contains "Censys") or (http.user_agent contains "ython-") or (http.user_agent contains "Parser") or (http.user_agent contains "okhttp") or (http.user_agent contains "BLEXBot") or (http.user_agent contains "serpstatbot") or (http.user_agent contains "Barkrowler") or (http.user_agent contains "Apache-HttpClient") or (http.user_agent contains "LinkedInBot") or (http.user_agent contains "zgrab")3.拦截路径
(ends_with(http.request.uri, ".zip")) or (ends_with(http.request.uri, ".tar")) or (ends_with(http.request.uri, ".sql")) or (ends_with(http.request.uri, ".gz")) or (ends_with(http.request.uri, ".rar")) or (http.request.uri contains ".env") or (http.request.uri contains "wlwmanifest.xml") or (http.request.uri.path contains "/.git")
