One of our goals here at WP Engine is to continue innovating and improving our platform so you can get the absolute most out of it. And late last year and early this year we made a host of improvements to our platform that give all WP Engine customers better performance, tighter security, and updated caching. Combined, these improvements result in faster, more reliable, and more secure WordPress sites.
Let’s take a quick look at some of our recent platform improvements and how you benefit from them as a WP Engine customer:
We’re in the process of updating our platform to PHP 5.5, Ubuntu 14.04, and MySQL 5.6. These upgrades individually deliver huge performance gains, and when combined they can account for nearly a 50 percent increase in speed for our customers. Thousands of our customers have already been moved into the new platform, and all new customers are on this platform already. We continue to actively migrate customers, and we’ll send you an email as part of the migration process.
We have also improved our performance monitoring and our hotspot identification and now use it to actively drive performance improvements in our platform. Proactive performance monitoring helps us identify customers who may have performance issues. Our team digs in and finds the root cause of the issue and pushes the improvements upstream–into WordPress, plugins, or our platform, which benefits a larger set of customers and allows us to drive improvements in the performance and scalability of third-party plugins. So far, this effort has resulted in:
- Improvements to the way we do object caching
- Improvements to our baseline database configuration and schema
- Several changes in third-party plugins to make them operate better at scale
We continue to improve our malicious traffic detection and blocking (web application firewall), which reduces overall server load and protects your WordPress sites from attackers. The attacks that we block include:
- Exploits against several plugins, such as the RevSlider vulnerability, that attempt unauthorized downloads of php files, configuration files, /etc/passwd, and more.
- Attempts to gain unauthorized access to wp-admin.
This improvement was put into action recently when news spread of the comment XSS vulnerability–our Security Engineers patched over 4,000 servers within three hours of the vulnerability being privately announced, and was therefore complete well before the public announcement.
We’ve also improved our caching for mobile sites by updating how our platform handles mobile search engine bots. Previously, mobile-specific bots could be served cached versions of non-mobile-optimized pages. This is an important improvement for sites that serve different content to mobile users.
These updates, and the updates we’re currently working on, reaffirm our commitment to all WP Engine customers that we’ll continuously innovate and work on ways to improve our platform.