Compatibility with cache plugins

Definitely we need not only hardening security but also speeding up the site. So you may want to use IP Geo Block with a caching plugin.

This is a big challenge to make this plugin compatible with cache plugins, because they would respond the requested content without executing any PHP codes at the very beginning of WordPress core process or even before the core starts.

Requirements for compatibility

To achieve the demand for both security and speed, the cache plugins need to support the following requirements.

Do not cache page

One of the most important thing for this plugin is to prevent caching an error page where an access denied message is rendered. For this purpose, this plugin defines DONOTCACHEPAGE constant and set the flag for is_404().

On a cache plugin side, one of the followings needs to be supported.

  1. Support DONOTCACHEPAGE
  2. Support “Do not cache 404 page”

For example, WP Super Cache supports both of them by default, while many other plugins have 2. in their setting options.

Deferred execution

IP Geo Block provides the option “Validation timing” which kick off this plugin at an earlier phase than other typical plugins.

In correspondence with it, a cache plugin need to support the option for “deferred execution” or “late initialization” to give this plugin a chance to render an error page before the cached page is responded against the requests from blacklisted countries (or IPs).

Supported plugins

Here’s a list of supported requirements mentioned above.

Plugin Name Do not cache page Deferred execution
WP Fastest Cache N/A
Comet Cache N/A
Hyper Cache N/A
WP Rocket N/A
WP Super Cache
W3 Total Cache
Swift Performance Lite
Vendi Cache

This list shows that:

The followings are the options setting in each plugin.

WP Super Cache

WP Super Cache

W3 Total Cache

W3 Total Cache - Page Cache Method

W3 Total Cache - Late Initialization

Swift Performance Lite

Swift Performance Lite - Caching Mode

Vendi Cache

Vendi Cache - Cache Mode

Installing MU-Plugins

A must-use plugin is a plugin that will always be activated by default and be loaded prior to other typical plugins when you install it into your wp-content/mu-plugins/ directory.

You must select "mu-plugins" (ip-geo-block-mu.php) as Validation Timing in “Validation rule settings” section to install this plugin as “must-use plugin”.

Validation Timing

Restrictions

Installing ip-geo-block-mu.php has following restrictions mainly because of its execution timing which is before after_setup_theme action hook:

Please refer to “Validation timing” for more details.

What will become of my site if I use other plugin?

Well, it would not be so serious. Let’s think about WP Fastest Cache for example.

If someone requests a page where a cache hit occurs, no PHP code would be executed but static contents in the cache would be responded. In this case, this plugin has no chance to block anything.

If someone requests a page where a cache miss occurs, then WordPress would start to handle the request. In this case, this plugin would have a chance to validate the request.

So a visitor from forbidden countries sometimes gets cached contents and sometimes gets blocked. This means attack from forbedden countires would fail. As a consequence, blocking by country can still reduce the risk of infection.

How about Object Cache plugins?

WP_Object_Cache is a core class that implements an object cache. It stores all of the cache data to memory and makes them reusable within a request, but it does not make them reusable between different user agents even for the same content.

Unlike the full page cache plugins mentioned above, object cache plugins like LiteSpeed Cache on OpenLiteSpeed Web Server and Redis Object Cache using Redis make the “object” persistent. So the mechanism of persistent object cache is suitable for dynamic contents, and should be compatible with IP Geo Block.

See also