Fixed: Regenerating an already-cached page was a silent no-op — the generator’s loopback HTTP request was served the existing static file by Apache instead of fresh PHP output, so the cache was overwritten with its own stale content. The .htaccess rules now pass generator requests (identified by the X-Cyclone-Internal header) through to PHP.
Fixed: When a loopback URL is configured, the Host header is now included in the fetch request so Apache can route to the correct virtual host on multi-site servers.
1.1.37
Fixed: Changing Settings → Reading (front page type, front page, or posts page assignments) no longer requires a manual full-site regeneration — those option changes now trigger automatic full regeneration the same way widget and menu changes do.
1.1.36
Fixed: On sites with a static front page and a separate Posts Page (Settings → Reading → “A static page”), publishing, unpublishing, or deleting a post did not queue the Posts Page for regeneration. Only the home page (/) was re-queued, leaving the Posts Page with stale content until the next full-site regeneration. The posts page is now detected automatically and queued alongside the home page whenever post content changes.
1.1.35
Fixed: All cache-serving RewriteRules and the anti-recursion guard now use the [END] flag instead of [L]. The [L] flag ends the current rewrite pass but restarts the engine with the new URL, allowing the WordPress block to match the internal cache-file path and enter a redirect loop. [END] terminates all rewrite processing unconditionally, preventing the loop entirely. Sites with high traffic could accumulate tens of thousands of AH00124 errors per day in the Apache error log.
1.1.34
Fixed: mod_rewrite recursion loop on hosting configurations where the cache directory path does not fall under wp-content — root .htaccess now adds an explicit early pass-through rule for the cache path as a belt-and-suspenders guard against any recursion scenario.
Fixed: No Cache-Control headers were emitted for cached pages, leaving CDN cache TTLs undefined. Compressed variants (Brotli/gzip) now receive public, max-age=31536000, immutable; the plain-HTML fallback receives public, max-age=3600. Existing users: purge your CDN cache after upgrading.
1.1.33
Fixed: On hosts with mod_brotli enabled globally, pre-compressed cached pages were re-compressed on top of the existing gzip encoding when the client sent Accept-Encoding: br, producing a corrupted body that browsers reject with ERR_CONTENT_DECODING_FAILED (blank pages or raw compressed bytes rendered as text). The cache directory’s .htaccess now declares Content-Encoding via AddEncoding in mod_mime’s type_checker phase, which runs before the output filter chain so mod_brotli correctly detects the encoding and skips re-compression. Upgrading installs are migrated automatically on the next request. Remember to purge any CDN cache in front of the site after the upgrade — edge caches may have pinned the bad responses.
1.1.32
Fixed: Mobile browsers (notably Chrome on Android) served cached pages as a “download.tgz” archive instead of rendering them as HTML. Root cause was mod_mime’s type_checker overriding the RewriteRule’s T=text/html based on the .gz / .br file extension; the cache directory’s .htaccess now uses ForceType and per-file Content-Encoding headers scoped by FilesMatch, which survive internal subrequests reliably. Upgrading installs are migrated automatically on the next request.
1.1.31
Fixed: Pre-compressed .gz and .br cache files failed to serve on Apache configurations whose default authz policy denies access under wp-content — the cache directory’s .htaccess now grants access explicitly instead of relying on a blanket “Require all denied” that also blocked internal rewrite subrequests. Upgrading installs are migrated automatically on the next request.
1.1.30
Added: Admin notice for users upgrading from v1.1.28 or earlier — detects the old cache directory (wp-content/cyclone-static) left behind by the cache location change and offers a one-click delete or dismiss
1.1.29
Fixed: Inline <script> in deactivation modal moved to wp_add_inline_script() per WP.org coding standards
Fixed: .htaccess path now uses get_home_path() instead of ABSPATH constant directly
Changed: Default cache directory moved to uploads folder (wp-content/uploads/cyclone-static) per WP.org guidelines
Changed: Custom cache directory setting now restricted to the uploads directory instead of all of wp-content
Added: Deactivation modal — when deactivating the plugin, a prompt now asks whether to keep or delete cached files; dismissing without choosing defaults to keep
Changed: Uninstall no longer silently deletes the cache directory; files are only removed if the user explicitly chose “Delete cache files” at deactivation
Fixed: Settings page fatal error caused by missing PHP closing tag after template variable assignment
1.1.27
Changed: Removed all trialware and upgrade-prompt UI; plugin is now fully functional with no feature gates
Changed: Freemius SDK config updated to reflect free-only distribution on WordPress.org
Fixed: Inline <script> blocks in settings view moved to wp_add_inline_script() per WP.org coding standards
Fixed: Removed load_plugin_textdomain() call (not needed since WordPress 4.6 for WP.org-hosted plugins)
Added: External Services disclosure in readme.txt for Bunny.net, Cloudflare, KeyCDN, and CloudFront
1.1.26
Security: Added missing output escaping on several admin dashboard and pages-list elements (esc_attr on CSS class/style values; esc_html on human_time_diff output)
Security: Added missing wp_unslash() before sanitize_text_field() on bulk-action POST field
1.1.20
Added: Amazon CloudFront CDN support (Pro); WordPress Multisite support (Pro)
Added: Compression status rows in System Info — shows gzip and Brotli availability and whether cached files are present; includes install instructions if php-brotli is missing
Added: Throttle Delay setting — configurable pause between page fetches in a batch to prevent cache generation from affecting live visitors
Changed: Default batch size reduced from 20 to 2 for safer out-of-box behaviour on shared/VPS hosting
Fixed: Plugin update no longer disrupts .htaccess — hooks into upgrader_process_complete to rewrite rules cleanly after each update
Fixed: First-activation redirect now lands on the correct dashboard page
1.1.6
Added: Brotli pre-compression — generates index.html.br alongside index.html.gz when php-brotli extension is available; Apache serves the best variant the browser supports
Added: Comment invalidation — posting or approving a comment now re-queues the parent post for regeneration
Added: Nginx configuration snippet in Settings — collapsible panel with a ready-to-paste server block for Nginx users
Fixed: .htaccess header block now correctly sets Content-Encoding and Vary for both Brotli and gzip responses
1.1.5
Fixed: W3 Total Cache removal guide moved from broken Help tab to a collapsible section on the Settings page
Fixed: Removed dead add_help_tab() calls that were registered too late in the WordPress lifecycle to appear
1.1.4
Fixed: Widget, sidebar, nav menu, and Customizer changes now trigger a full site regeneration — previously cached pages retained stale widget output after any widget edit
1.1.3
Fixed: Dynamic shortcodes settings UI now correctly reflects configuration state
1.1.2
Fixed: .htaccess block now auto-restores if deleted externally (e.g. via Permalinks save)
Fixed: Version stamp check now also verifies block presence, not just version match
1.1.1
Added: Pre-compressed gzip delivery — static pages served as .gz files with reduced server CPU overhead
Fixed: E=no-gzip:1 flag prevents mod_deflate double-compressing pre-compressed files
