Cloudflare

• 2022-07-27 =

• Restrict access to sensitive files using .htaccess configuration.

• Added cloudflare_use_cache hook to determine when to cache.

• Allow arrays with url keys to be passed into cache purge requests.

• Handle getZoneSettings not returning a key and throwing an unset array key error.

• 2022-06-06 =

• Fix logic for ignoring cache purge operations.

• 2022-06-03 =

• Ignore feed URLs in cache purge operations unless a cache override is in place.

• 2022-05-04 =

• Handle empty URL arrays for purging.

• Swap publicly_queryable for is_post_type_viewable when determining if the post is public.

• Update always_use_https check to work with the API lacking a "value" for the key.

• purgeCacheByRelevantURLs now accepts either an array or single ID

• 2022-03-22 =

• When a zone has "Always Use HTTPS" enabled, only send HTTPS based URLs. HTTP URLs will never be hit and never present in the cache.

• 2022-03-18 =

• Retag 4.8.1 with correct version in user agent

• 2022-03-18 =

• Loosen domain check for cache purge calls to allow subdomains

• 2022-03-15 =

• Updated supported WordPress version to 5.9

• Replace Guzzle with wp_remote_request for remote calls

• Update cache purge logic to improve efficiency of what we send to the remote service

• 2021-10-28 =

• Merge cloudflare-plugin-backend into Cloudflare-WordPress repository

• 2021-10-11 =

• Make frontend use native await/async

• Purge cache on mobile if APO Cache By Device Type

• 2021-06-03 =

• Rewrite PHP 8 bootstrap files for symfony/polyfill to be PHP 7 compatible

• 2021-06-02 =

• Document unintuitive transition_post_status WP hook behavior

• Only purge public taxonomies while clearing any empty values from the list

• Better handling of cases where wp_get_attachment_image_src is false and not a usable array

• Support activation of IDN domains

• Improve development experience by shipping a Docker Compose file with more tooling and documentation

• 2021-03-23 =

• Purge posts when transitioning to or from the 'published' state

• Remove conditional logic for subdomain, allow to activate APO feature on the subdomain

• Further work to autocorrect APO settings

• 2021-03-19 =

• Sanitise sensitive HTTP header logs

• Stop sending cfCRSFToken to remote API

• Add warnings for incorrectly configured Automatic Platform Optimization

• Purge posts that go from public to private

• Purge pagination for first 3 pages

• 2021-03-08 =

• Fix warning for file_get_contents of composer.json

• 2021-03-05 =

• Deprecate REST dashboard analytics

• 2021-03-02 =

• Allow configuration of Cloudflare credentials via environment variables

• Prevent purging of cache before comments have been moderated

• Remove unnecessary symfony/yaml dependency

• 2021-02-11 =

• Removed development dependencies from vendor directory

• Update CLOUDFLARE_MIN_PHP_VERSION to match the plugin requirements

• 2021-02-09 =

• Drop support for PHP 5.6, 7.0 and 7.1

• 2021-01-14 =

• Revert Add pagination purging

• 2021-01-13 =

• Add pagination purging

• 2020-12-07 =

• Purge taxonomy feed URLs

• Fix changing APO settings (cf, wordpress, plugin) when running on subdomain

• Fix setting hostname override

• 2020-11-19 =

• Add subdomain support for APO card

• 2020-10-15 =

• Added automatic purge cache on new comment

• 2020-10-13 =

• Added composer's type=wordpress-plugin for Bedrock users

• Fixed typo in readme.txt

• Fix modify header exception thrown during wp-cron

1. Cloudflare Plugin

=

• 2020-10-05 =

• Fixed setting all APO values properly for correct dashboard rendering

• 2020-10-02 =

• re-relase broken version, no changes

• 2020-10-02 =

• Fixed typo in config.js(on) that resulted in warning #292

• Check for array indicies are set before using #278

• 2020-10-01 =

• Added APO support

• Renamed Automatic Cache Management card to Auto Purge Content On Update

• 2020-09-25 =

• Bump cloudflare-plugin-backend v2.3.0 and cloudflare-plugin-frontend v3.1.0 #283

• 2020-09-17 =

• Bump cloudflare-plugin-backend #276

• 2020-07-02 =

Fixed

• Fixed Cache Purges failing #266

• 2020-06-26 =

Fixed

• Disable HTTP/2 Push on wp-admin pages #214
• Fix PHP 7.4 notice #256

Added

• Purge attachment URLs #208
• Purge URLs on page/post update #206
• Turn on IPv6 by default #229
• Add constants for better control HTTP/2 Server Push #213
• Allow custom actions for purge url and purge everything actions #212

• 2019-08-29 =

Added

• Added support for API Token authentication.

• 2019-08-29 =

Fixed

• Updated list of contributors.
• Updated tested Wordpress version to latest (5.2.2).

• 2019-3-6 =

Fixed

• Bug in Hooks.php causing errors in PHP 7+
• Bug preventing Autoptimize plugin's optimized asset urls from being used when present and when Cloudflare HTTP/2 Push was enabled

• 2017-12-12 =

Fixed

• Bug in cf-ip-rewrite

Added

• Added a new filter cloudflare_purge_by_url allowing users to have better control on automatically purged urls.

• 2017-6-29 =

Fixed

• Potential bug with using by unchecked $_GET.

• 2017-6-29 =

Added

• Added a new Splash Screen
• Added userConfig.js file allowing custom configurations.
• Added logs in debug mode for Automatic Cache Purge.
• Added logs for oversized Server Push HTTP headers.

Changed

• Automatic Cache Purge now purges Autoptimize by everything rather than by URL.
• Updated IP Ranges

Fixed

• Bug where domains which had capital letters not working.
• Bug where Automatic Cache Purge couldn't purge front page.
• Bug related to work with IWP.
• Bug where if PHP is compiled with ipv6-disable flag, it crashed the site.

• 2017-3-14 =

Fixed

• Bug where accounts which had more than 20 zones would not show up correctly.

• 2017-3-1 =

Added

• Bypass Cache By Cookie functionality.
• HTTP/2 Server Push functionality (disabled by default).

Changed

• Lowered the plugin size.
• Automatic Cache Management feature includes purging taxonomies.
• Automatic Cache Management feature supports sites which use both HTTP and HTTPS.

Fixed

• Admin bar disappearing from the plugin.
• Bug where spinner was loading forever.
• Bug where the backend errors where not being shown in the frontend.
• Issues where IE11 was not working properly.

• 2016-11-17 =

Changed

• Moved Admin Bar behind Automatic Cache Purge toggle.

• 2016-11-17 =

Added

• Added ability to automatically purge cache when a post is published, edited or deleted. (Thanks to brandomeniconi and mike503)
• Added ability to work with Wordpress MU Domain Mapping plugin. (Thanks to brandomeniconi)

Changed

• Changed the UI to look more like cloudflare.com dashboard.
• Changed plugin description.
• Disabled showing WordPress Admin Bar and Edit Post Link to avoid caching problems for users using HTML Caching.

Fixed

• Fixed bug where require vendor folders was not working.
• Fixed bug where static files were cached which caused issues updating the plugin.
• Fixed dependencies which caused issues with PHP Compatibility Checker plugin.

• 2016-10-6 =

Added

• Added ability to toggle Development Mode.

Fixed

• Fixed bug where active zone dropdown was not working properly.

Changed

• Compressed resources to lower plugin size.
• Updated Cloudflare logo.

• 2016-09-28 =

Fixed

• Fixed bug where refactored Flexible SSL fix was causing the settings page hook not to load.

• 2016-09-27 =

Added

• Ability for users to toggle Automatic HTTPS Rewrites (enabled by default, solves for most mixed content errors).

Fixed

• Fixed an issue where low PHP version where getting syntax error.
• Fixed issue where some users using Flexible SSL where not able to login to wp-admin .
• Fixed a bug where the active zone selector was not paginating through the whole zone list.
• Fixed an issue where the setting for Image Optimization was being displayed incorrectly.
• Fixed a bug in Analytics where theUniques Visitors data was not displaying accurately.

Changed

• Compressed assets to lower plugin size.
• Hooks loading logic refactored to make it more simple and readable.

• 2016-09-21 =

Fixed

• Fixed an issue where some domains were being incorrectly propagated to the domain selector dropdown
• Fixed an issue where the Web Application Firewall was accidentally triggering RFI Attack Rules
• Fixed an issue where image optimization was not being enabled for Pro and higher CloudFlare plans

• 2016-09-16 =

Fixed

• Disabled HTTP/2 Server Push which was leading to 520 and 502 errors for some websites.

• 2016-09-16 =

Fixed

• Fixed HTTP/2 Server Push exceeding the header limit Cloudflare has which caused 520 errors.
• Fixed warning message in HTTP/2 Server Push.

• BETA RELEASE: IPv6 support - Pull the IPv6 range from https://www.cloudflare.com/ips-v6. Added Development Mode option to wordpress plugin settings page.

• Added IP ranges.

• Adjusted a line syntax to account for differing PHP configurations.

• Removed use of php short-code in a couple of places
• Added some cURL / json_decode error handling to output to the screen any failures
• Reformatted error / notice display slightly

• Clarified error messaging in the plugin further
• Added cURL error detection to explain issues with server installed cert bundles

• Improved logic to detect the customer domain, with added option for a manual override
• Standardised error display
• Updated CloudFlare IP Ranges

• Plugin settings are now found under Settings -> CloudFlare
• Plugin is now using the WordPress HTTP_API - this will give better support to those in hosting environments without cURL or an up to date CA cert bundle
• Fixes to squash some PHP Warnings. Relocated error logging to only happen in WP_DEBUG mode
• Added Protocol Rewriting option to support Flexible SSL

• Update regex to not alter the canonical url

• Limit http protocol rewriting to text/html Content-Type

• Bug: Clean up headers debugging message that can be displayed in some cases

• BETA RELEASE: IPv6 support - Pull the IPv6 range from https://www.cloudflare.com/ips-v6. Added Development Mode option to wordpress plugin settings page.

• Updated the method to restore visitor IPs
• Updated the URL rewrite to be compatible with WordPress 4.4

• Added input sanitization.

• Fixing bug which prevented a user from activating/deactivating the plugin

Fixed bug that was preventing spam comments from being sent to CloudFlare

• Bump stable version number.

• Add in IPV6 support and Development Mode option to wordpress plugin settings page. Remove cached IP range text file.

• Disable Development Mode option if cURL not installed. Will Use JSONP in future release to allow domains without cURL to use Development Mode.

• Remove Database Optimizer.

• Remove Database Optimizer related text.

• Fixed issue with invalid header.
• Updated IP ranges
• Fixed support link

• Made adjustment to syntax surrounding cURL detection for PHP installations that do not have short_open_tag enabled.

• 2016-09-15 =

Added

• Added one-click application oft WordPress specific recommended settings
• Added ability to purge the CloudFlare cache
• Integrated with WordPress cache management to automatically clear the CloudFlare cache on updating site appearance
• Added ability to change CloudFlare settings (Always Online mode, Im Under Attack, Image Optimization, Security Level, Web Application Firewall)
• Added Analytics showing Cached Requests, bandwidth used, unique visitors, threats blocked
• Added Header rewrite to prevent a redirect loop when Cloudflares Universal SSL is enabled
• Added HTTP/2 Server Push support
• Added Support for PHP 5.3+

Removed

• Removed HTTPS Protocol Rewriting
• Removed submission of spam comments
• Removed ability to toggle Development Mode On/Off

Changed

• Updated user interface
• Started to support WordPress 3.4+ instead of 2.8+ because we depend on the WordPress Options API

• Pull the IP range from https://www.cloudflare.com/ips-v4. Modified to keep all files within cloudflare plugin directory.