Thoughts on W3 Total Cache with Roots?

I know that W3 Total Cache was (or is) a recommended plugin on the Roots website, but I wondered what everyone’s experience is with it and whether we need it with Grunt doing all the minification.

Obviously W3TC does a lot more than just minification, but I have become more and more frustrated with the way it works and it’s feeling of self importance.

I use W3TC on all my sites, and I do love the way it handles browser/page caching and converting images and css files to using my CDN. However I hate clutter and the new settings page is just covered in unneccessary stuff and of course there is the annoying <!-- Performance optimized by W3 Total Cache. Learn more: comment that is appended to all pages which you can’t switch off easily. Since one of the huge advantages with Roots is the way it hides the fact that you are using WordPress and cleans and declutters the code I find that W3TC does this annoying. I’ve brought it up with them in the past and it doesn’t look like they are going to change it.

By the way, if you do want to remove the comment, you can hack it by changing a few lines in the TotalCache.php file. First of all, find TotalCache.php which should be in the /wp-content/plugins/w3-total-cache/lib/W3/Plugin directory.

Then find and replace:



if ($this->can_ob()) {


(from: )

Obviously the only issue with this method is that you’ll have to do this each time there is an update for W3TC. If anyone can come up with a filter or easier way to do this I am all ears!

Could we remove the comment with a hook? Whenever you update W3TC you’ll have to re-implement this hack

The only part of W3TC I use is for using a CDN (sometimes browser/page caching). Otherwise I’ve got a super optimised server runs on Ubuntu with Nginx/MySQL/FPM-PHP/Varnish/APC, my sites generally load in under 400ms and some sites render in 150ms. I’m tempted to see what Wordpress works like on other database platforms but they are not as easy to implement.

I testdrive w3 on site that I maintein. Result was disaster. I do not blame w3 but things happened. While I was enabling-disabling options on w3 I lose connection with my hosting provider and cannot connect again. I couldn’t even see site or ftp it. With different speed-test sites I determine that site is up and that is, sort of, functional. Long story short I was firewalled because of “suspicious behavior” by provider deffence system. My IP was baned. So I use different cache. Like I sad before I dont blame w3 because my provider is histerical.
Early this mounth my provider upgraded system and I wont to give w3 another chance.

I’d love it if it were possible to remove with a hook, but I don’t think that is currently possible. Unless someone can look into it?

It seems a lot of people here are using Nginx- is this quicker than Apache? Either way I can’t move away from Apache since that is what my host offers. Not even sure what FPM-PHP, Varnish and APC are, but they sound fun!

That’s odd. Why was it called “suspicious behavior”? I don’t see what W3TC could be doing that was seen as suspicious. Sounds like you’ve had a bit of a nightmare- sorry to hear that.

What caching plugin do you use?

I’m just wondering if any Roots users have any tips on how to use W3TC well and what their experiences are.

It’s definitely possible you just need to find the action that it’s inserted it, remove it and re-add it but edit the output string to blank. I haven’t looked at the code to work out names of variables, etc.

It’s honestly not much quicker than Apache unless you’re getting a ton of traffic. Who is your host? I recently moved to Digital Ocean and although you get little support (you have to install everything via ssh) it’s insanely fast. I’d consider it and let me know if you can consider it and I can invite you :smile:.

PHP-FPM - Basically normal PHP but a bit more clever
Varnish - Is a cache which outputs everything as HTML
APC - Is another Cache which is used a lot with W3TC

1 Like

Cool, thanks for this. I need to learn more about actions and hooks in WP and check this out. Maybe someone already has?!

I’m really pleased with my host- they have insanely good customer service and give over and above what they need to. I really need this because I just don’t have the knowledge or the time to fiddle with servers. They’re called Clook Internet. I think they might be able to offer stuff like Varnish, but I haven’t looked at it. They’ve moved us all over to using suPHP which makes a lot of sense and they offer a fab CDN service. I’ll have to look into PHP-FPM and APC.

They are very paranoid since someone launch “brutal” attack on all WP sites on their servers (trying to guess passwords). Funny staf is that, after that, users must enable their IP addres, so I had in my .htaccess that only one IP address, my, can reach wp-login.php. Cpanel always inform you about last IP. They always know my IP (it is same last 3 mounths) and thay ban me. Its not only that, they keep wrong FTP instalation files for SFTP. Idea is that you download .xml file from cpanel and inport it in Filezilla and you have SFTP. But its wrong on Windows and on Linux. When I tryed it, after the new order was establish, they ban me again. OK unban is simple and fast, but. I found their mail, when I was asking for reason:

“mod_security is blocking the access due to the insecure way of access your script is making and it can be exploited for file injection and remote file include and in a wrong hands this vulnerability can be exploited and can be used for hacking your own account and it in turn will affect the server so the solution here is to contact any developers and fix that vulnerability by changing the way your script access the URLs and pass the values and that will make your site more secure and will help it from getting hacked or getting uploaded with malicious contents and this feature which is blocking your access now is for your own security so instead of us disabling it what you need to do is to fix it and thats the permanent solution for it and that will be helpful for you in the long run and adds security to your site. Hope you have understood the situation and expecting your co-operation in this.”

My knowlege is not high enough to understand what they try to tell me. In my opinion its brushoff (how many “and” is in that first sentence).

I know that it look like another “complaining on hosting providers”, but it is not. My intention was only to inform people about things that can happend. And to not be stuned like I was, take me two days to contact suport.

You can remove the <!-- Performance optimized by W3 Total Cache. --> by disabling ‘Set W3 Total Cache Header

Old topic I know, but I was wundering if there are other people still using W3 Total Cache with Sage?

In previous versions, the minified stylesheet and javascript file always had the same name (main.min.css, script.min.js) so if a visitor viewed a cached page with the ‘old’ stylesheet and script, there wasn’t a real issue (other than changes you made were not visible).

However in Sage each minified production file gets a unique suffix (for example main-f52f8e72.css & main-435fa303.js) which is good, but now if a visitor views a cached page it might contain references to previous production files which causes an unstyled page and no functionality, which is a problem.

After running gulp --production I have to login Wordpress and empty the cache manually every time. I was wundering if anyone has a solution for this?

Additionally, if I would be using Trellis for deployments on for example DigitalOcean and enable the FastCGI Caching, would that eliminate the need for using a WP cache plugin?


This is something I always had a concern with. Previous versions of the theme did the cache busting with a query variable instead of a filename for that reason. Ideally you’d have some way of automating W3TC to empty cache on every deploy.

I think it depends, but for most sites it would definitely eliminate the need. For sites that get a good amount of traffic, I’d say use Memcached.

IMO, W3 Total Cache is a bloated plugin and shouldn’t be used. I used to use it all the time and even had it listed as a recommended plugin on the Roots site. It’s much nicer no longer going anywhere near that plugin.

:+1: on this, we’ve always had problems with W3TC. We’re currently using WordFence as our security plugin, and found that the WordFence caching feature works brilliantly with Sage. We’ve also included a URL hook in our lib/custom.php to empty the page cache during our automated deployments:

// This allows us to automatically empty the cache during deployments
if(!empty($_REQUEST['wfCacheClear'])) {
    // Empty the WordFence Falcon Cache (this will empty ALL caches on a network)
    die('Cache Cleared');

Our Sage sites are lightning fast now, and the above hook resolves the problem with cached pages pointing to outdated CSS/JS filenames.

Good idea! Just one question, went use REQUEST? I’ve not a fan of that, can cause very strange issues…

Probably because I couldn’t decide if it was going to be a GET or a POST. We ended up using GET, ie:


so we can probably just change it from REQUEST to GET in our next release.

We’re using SemaphoreCI to handle the building/deployment of our Sage sites, when each deploy finishes it runs:

echo "Updating WP Database"
curl -L -s -S ""

echo "Emptying Cache"
curl -L -s -S ""

This saves us from having to remember to…

  1. Login to the Admin
  2. Click the “Upgrade DB” button (in case of WordPress/plugin updates)
  3. Empty the Cache

…every time we deploy a change to our sites.

If someone does want to implement this same “empty cache” feature with W3TC they can change the WordFence hook to call:

1 Like

Thanks for this!
So, in my custom.php I add this:

// This allows us to automatically empty the cache during deployments
if(!empty($_GET['w3tc_flush_all'])) {
    // Empty the W3 Total Cache
    die('Cache Cleared');

But how or when exactly is this called?
Could I somehow add a call to my Gulpfile.js after file upload since I don’t use deployments yet?

I think this is working:

 * This allows us to automatically empty the cache during deployments
if (!empty($_REQUEST['w3tcEmptyCache'])) {
  // Empty the W3 Total Cache
  if (function_exists('w3tc_pgcache_flush')) {
  die('Cache Cleared');


var emptycache   = require('gulp-open');

// ### Empty Cache 
gulp.task('emptycache', function(cb) {

Just wundering if you need to be logged in to WP for this to execute?

That looks pretty cool, I wouldn’t think you’d need to be logged in for it to work because you’re calling the function directly in your code (but I don’t know enough about W3TC to know for certain).

Something I should make clear, the URL parameter I posted (‘wfCacheClear’) is not the one we actually use in our code, it’s actually something completely different. You may want to change yours to something less easily guessed, the last thing you want is a malicious person writing a bot/script to empty your cache every 5 seconds! An alternative is to use a different value for the parameter which is unique to each of your sites, ie:

if(!empty($_GET['wfCacheClear']) && $_GET['wfCacheClear'] == 'myToken9742') {


There’s a lot of possible places you could call your hook. A deployment service like SemaphoreCI, CodeShip, CircleCI, Travis, PHPCI etc is one way (I literally tried ALL of those with Sage until I settled on Semaphore). If you’re deploying using Git, you could probably call it from a post-receive(?) hook. Not sure about FTP deployments, that’s a little harder.

1 Like

Got it!
I’m trying to add a timestamp on every call like this:

// ### Empty Cache 
gulp.task('emptycache', function(cb) {
  var today    = new Date();
  var yyyy     = today.getFullYear();
  var mm       = today.getMonth()+1;
  var dd       = today.getDate();
  var hh       = today.getHours();
  var ii       = today.getMinutes();
  var cur_time = "" + yyyy + mm + dd + hh + ii;
  .pipe(emptycache({uri: 'http://mydomain.ext/?w3tcEmptyCache=mytoken' + cur_time}));
$cur_time = date('Ymdhi');

if (!empty($_GET['w3tcEmptyCache']) && $_GET['w3tcEmptyCache'] == 'mytoken' . $cur_time) {
  // Empty the W3 Total Cache
  if (function_exists('w3tc_pgcache_flush')) {
  die('W3 Total Cache Cleared');

But the hours differ with 2 hours, so I’m wundering if I need to set my timezone somewhere on my local machine?
if so, where? Would that be an Ansible setting?

Why are you adding a timestamp at all? I don’t see any reason for doing that, it’s just making things much more complicated than you need them to be.
The ‘token’ is more like a password, adding a timestamp won’t make it any more secure. In fact I can pretty much guarantee that you’ll have times when your cache fails to empty because the clocks are slightly out of sync.

Why not just generate a random string and use that? As long as the same code exists in your gulpfile and in your custom function, you won’t have any issues.

Thanks, that’s what I end up doing indeed!
By the way, the function call had to be:


instead of