-
Notifications
You must be signed in to change notification settings - Fork 0
Bext Cloud
Use Cloud mode when WordPress runs somewhere the bext loopback can't reach — e.g. a managed-WordPress host behind a remote bext / bext cloud edge.
Bext → Settings:
-
Mode →
Cloud -
Cloud endpoint URL → the bext origin that serves your site, e.g.
https://www.example.com - Cloud API token → the shared purge secret (see below)
-
Test connection → expect
HTTP 200 from <endpoint>/__bext/health
…or in wp-config.php:
define( 'BEXT_WP_MODE', 'cloud' );
define( 'BEXT_WP_CLOUD_URL', 'https://www.example.com' );
define( 'BEXT_WP_CLOUD_TOKEN', 'a-long-random-secret' );Remote purges are opt-in. Set a token on the bext server; then
POST /__bext/cache/purge-proxy accepts requests carrying a matching
Authorization: Bearer <token> (constant-time compared), in addition to the existing loopback and
admin-JWT paths:
# /etc/default/nginx (or the service EnvironmentFile):
BEXT_PURGE_TOKEN=a-long-random-secretThen fully restart bext so the new env var is loaded (a ZDT/--swap-only swap inherits the
old environment):
sudo ./scripts/deploy-local.sh --legacy-restartThe same value goes in the plugin's Cloud API token. Without the env var set, remote purges are rejected and the endpoint stays loopback/admin-only.
WordPress (remote)
│ POST https://www.example.com/__bext/cache/purge-proxy
│ Authorization: Bearer <token>
│ { "host": "www.example.com", "paths": ["/about/"], "prefixes": [] }
▼
bext edge ──► verifies token (constant-time) ──► invalidate_paths() ──► {"purged":N}
| Feature | Auto | Cloud |
|---|---|---|
| Purge-on-change / manual purge | ✅ loopback | ✅ bearer token |
| Personalization-safe headers | ✅ | ✅ |
| Action Scheduler taming | ✅ | ✅ |
| Dashboard / health | ✅ | ✅ (health via the endpoint) |
| SDK email / jobs | ✅ loopback app-id |
- Use a long random secret over HTTPS; rotate by updating both sides.
- The token authorizes purges for whatever
hostthe request names. Per-tenant scoping (a token limited to one host) is planned; today a token is trusted for any host it names — keep it to a single trust boundary.
See also Security.
bext-wp · GPL-2.0-or-later · Sponsored by webdesign29 & Inklura · bext.dev
Getting started
Features
Reference
Operations