Server Optimization and .htaccess Configuration
What ZiziCache writes to .htaccess (Apache/LiteSpeed)
- LiteSpeed directives: CacheLookup on, RewriteEngine on, and no-autoflush in auto/file modes.
- Browser caching:
mod_expiresrules for static assets; HTML/XML/JSON are set to no browser cache. - Font CORS headers:
mod_headersrules to allow cross-origin font loading. - GZIP compression:
mod_deflaterules for text/CSS/JS/fonts/SVG withno-gzipfor.gzfiles. - Cached HTML headers: specific headers for
.html.gz(Content-Type/Encoding, Cache-Control, CDN-Cache-Control, Cache-Tag, Vary). - Rewrite rules: block direct access to cached
.html.gzand route normal requests to WordPress soadvanced-cache.phpcan serve cache.
LiteSpeed-only mode
If cache mode is set to LiteSpeed only, ZiziCache writes a minimal rule set: LiteSpeed cache directives, CacheDebug headers, Cache-Vary cookies for logged-in state, and a server-level no-cache rule for logged-in users. File-based cache rewrite rules are not generated in this mode.
Cache directory security (Apache, NGINX, IIS)
ZiziCache secures cache directories using server-appropriate files:
- Apache: .htaccess files with allow/deny rules.
- NGINX: a
NGINX_SECURITY_README.txtwith sample rules (manual integration required). - IIS:
web.configrules.
Directories covered:
- Main cache: allows
.html/.gz, CSS/JS, fonts,.txt, and.sqlite; blocks dangerous extensions. - External files cache (
3rd-css-js): allows only CSS/JS/fonts; blocks everything else. - Plugin root: blocks access to log files.
Rules are created or updated on plugin activation, config changes, and after plugin upgrades. They are also created when the external files cache directory is first created.
Sample NGINX snippets (manual)
# Main cache directory (selective allow)
location /wp-content/cache/zizi-cache/ {
# Allow cache files, CSS/JS, fonts, txt
location ~* .(html|htm|gz|css|js|txt|woff2|woff|ttf|eot|svg)$ {
access_log off;
add_header X-Content-Type-Options nosniff;
}
# Allow SQLite (async warmup)
location ~* .sqlite$ {
access_log off;
add_header Content-Type "application/octet-stream";
add_header Content-Disposition "attachment";
}
# Block dangerous files
location ~* .(php|phtml|phar|db|sql|log)$ {
deny all;
return 403;
}
# Block hidden files
location ~ /. {
deny all;
return 403;
}
}
# External files cache (3rd-css-js)
location /wp-content/cache/zizi-cache/3rd-css-js/ {
location ~* .(css|js|woff2|woff|ttf|eot|svg)$ {
access_log off;
add_header X-Content-Type-Options nosniff;
}
location ~* .(php|phtml|phar|db|sql|log|txt)$ {
deny all;
return 403;
}
location ~ /. {
deny all;
return 403;
}
location ~ .* {
deny all;
return 403;
}
}
What .htaccess does not do
Request-level caching decisions (logged-in users, query parameters, WooCommerce rules, etc.) are handled in PHP (advanced-cache.php and plugin logic), not in .htaccess.
WP-CLI (maintenance)
# Flush OPcache wp zizi-cache opcache flush # Flush object cache (Redis or Memcached) wp zizi-cache object-cache-flush # Flush Redis (if Redis is active) wp zizi-cache redis-flush
Redis Object Cache (optional)
ZiziCache can enable Redis object caching by installing the object-cache.php drop-in and writing Redis constants to wp-config.php.
- TCP or Unix socket connections.
- ACL (username + password) supported.
- Flush via REST or WP-CLI.
Memcached Object Cache (optional)
ZiziCache supports both PHP extensions (memcached and memcache) and installs a backend-specific drop-in.
- Configurable server list and optional SASL credentials.
- Connection tests are rate-limited and validated.
- Flush via the backend-agnostic WP-CLI command.
Mutual exclusivity
Only one object cache backend can be active at a time. Enabling Redis disables Memcached and vice versa.