My whole site is SSL

BTW the site is https://www.thrivingaudios.com

I’m using this setting with Woocommerce on a full ssl site and https pages are getting cached fine, plus WF is not caching pages like checkout, so I’d say it’ll work ok as long as you’re excluding relevant pages.
However, while for me pages are being cached, the actual cached version does not appear to be used (there’s no message in the html to confirm the cache anyway). Be interested to see if you have a similar problem or it’s specific to my case, which I just raised a ticket for.

Thanks jons7, I’ll try it tonight or tomorrow. I have already excluded the relevant pages, I just need to set the caching.

I appreciate you answering this for me.

Hows the speed with the caching?

lol I wish I knew – the cached pages aren’t being sent, that’s what I raised my ticket about.

Ah, I’ll wait till you get an answer then, what’s your ticket link?

@marky I’ll ask this to our dev team on our weekly call. I believe that Wordfence has always been fully compatible with Woocommenrce. Here’s a page we have about it.
https://support.wordfence.com/support/solutions/articles/1000074182-is-wordfence-and-falcon-caching-engine-compatible-with-woocommerce.

@jons7 I think I know which ticket you refer to on the premium side, but haven’t got an answer back to make sure I’m answering correctly.

tim

Hi, I’m not sure you answered my question.

Everything from the home page through to woocommerce is SSL. My question is, is Wordfence compatible with the whole site being SSL?

And will the site speed up, because according to jons7 whose site is the same as mine with the whole site being covered by SSL the falcon caching does not work properly with it.

Having whole sites covered by SSL is going to be the norm soon.

I want to get the premium, the plugin looks excellent, especially the country blocking, I’m getting traffic from the ukraine and china I’d like to put an end to, but I really want to use the caching before I pay for it.

It might be something specific to my site or server causing my https cached pages not to be served up, so if I were you I’d just give it a try. You can always turn the caching off if it goes pear-shaped.

I ended up using W3 Total Cache in the end, but will try the Falcon Engine again on another project.

@tim thanks but I don’t have a premium account – must be someone else you’re thinking of.

I’m not sure that will be the norm but then everything is debatable.

The country blocking is fun and effective. I have used it several times to block mass attacks (watch these in real time over at https://www.wordfecnce.com on the main page). I think I mentioned elsewhere, my favorite part of it is the option to refer the blocked country to another page. This worked well for the site I mention because I was able to forward them from blog.sitename.com to https://www.sitename.com. I was thinking of sending the requests to a site of a more dubious nature but my better judgement got in the way. stupid better judgment ??

I’m asking about the ssl thing today on our call and will update when I get an answer.

tim

Thanks, appreciated.

I received the information about SSL being the norm in the future from a marketing lady who is apparently on the leading edge, but she could be wrong. She said that an SSL is an absolute requirement these days because of home page hacks, etc.

I tend to take everything marketing people sayb with a grain of salt.
Most know marketing really well, but fall a little short in the details when it comes to how stuff works on the backend. There are exceptions and I am not trying to say that she doesn’t, just that sometimes you need to doublecheck that. Google seems to be pushing ssl, which will likely lead to more adoption but we shall see if webmasters decide to follow or not. My thoughts is wondering how a website that doesn’t require a username or password to join, and doesn’t sell anything in a shopping cart, nor store personal data of any kind would benefit from it. I’m all for being secure. I just want to know why. This is an interesting article about it:
https://support.exware.com/ssl.html
I guess the bottom line is the choice is yours on whether or not to use it. But just because you have it doesn’t mean you are safe. Kind of like Mac users who think they can’t get viruses because its a Mac. They write for Macs now as well as Windows users. (for the Mac users, I am one too. read this for fun facts about Mac Malware https://www.welivesecurity.com/2014/03/21/10-years-of-mac-os-x-malware/)

tim

Good SSL article, we sell audios so we do need it in the shop area, but did decide to use it all over the site. Perhaps we are being overly cautious but as you say Google are pushing it these days.

I bit the bullet and did set Falcon caching up, it has sped up the site, about 50% faster now, which is good but it’s left me wondering if I could get more from another form of caching.

The one thing you need to be cautious about is the danger that a page that has a place for a user to enter information in. Say you have a page where a user chooses a,b, or c. The user that first hits the page chooses b. As long as the page cache exists, any user that hits the page will see b already checked. Or let give you a real world example. One of the sites I managed used another kind of caching (but principle still applies). We began to get reports that people who went to the site, read the page, and wanted to leave comments would see that the comment form was already filled out with another commenter’s credentials and comments. This has been years ago so I don’t remember what our fix was, but the result was the same. So regardless of the caching solution, its something you need to watch out for, especially dealing with credit cards, etc. Like my dad told me years ago when I got my first job “You’re screwing with someone else’s money. Be careful” (actually thats a sanitized version. His language was far more colorful lol).

So, I guess I’m saying be cautious and watch for problems, regardless of which caching you use.

tim