What's inside

Everything the edge needs to
cache WordPress safely.

Seven production systems working together: edge rules, purge sync, smart bypass, cache warming, Perma-Cache cleanup, live stats, and WAF bypass. Each one solves a real problem Bunny users run into.

01 / Edge rules

74 rules. One click.
No duplicates.

Bunny's edge behavior lives in pull zone rules, not in your origin server. This plugin writes all 74 of them to your pull zone via API, tracks each by GUID, and redeploys cleanly every time with no stale rules left behind.

One-click deploy. Pushes the complete ruleset to your Bunny pull zone via API in one action.
GUID tracking. Every rule is stored by its Bunny GUID, so redeploys update rules in place without duplicating them.
Enable or disable per rule. Toggle individual rules in the admin UI before deploying.
Covers everything: SSL, WAF bypass, admin bypass, static caching, CORS, security headers, ecommerce, membership, and LMS.
Edge Rules: 74 rules active Deploy Rules
01 Force SSL: HTTP → HTTPS redirect Active
02 Disable Shield & WAF: WP admin Active
04 Bypass cache: logged-in users Active
11 Cache HTML: anonymous visitors Core
12 WooCommerce cart & checkout bypass Active
63 Static files: long TTL + ignore QS Active
67 Security headers (HSTS, X-Frame) Active
74 Trusted IP whitelist: WAF bypass Optional
02 / Purge sync

Your cache plugin purges.
Bunny follows automatically.

Hooks into the purge events fired by your active cache plugin and mirrors them to Bunny's API in real time. Where possible, per-URL purges are used instead of wiping the entire zone, so only stale pages are cleared.

Automatic sync. No manual action needed after publish or plugin update.
Per-URL purge. Supported cache plugins send exact URLs so only changed pages are cleared, not the whole zone.
Manual purge tab. Full zone wipe or wildcard URL purge available directly in WP admin.
Purge log. The last 20 events with timestamp, trigger source, URL, and status.
Purge event flow
Post published WordPress fires transition_post_status
Origin
Cache plugin clears page Fires swcfpc_purge_urls / after_rocket_clean_post
Hook
Bunny API call Purge exact URL, not a full zone wipe
Per-URL
Cache warmer triggered Schedules sitemap crawl for full purges
Cron
03 / Smart bypass

No manual URL entry.
Ever.

The biggest failure mode of edge HTML caching is a cached page that should have been bypassed: a logged-in member seeing someone else's cart, or a checkout page served from cache. This plugin eliminates that by reading bypass rules directly from your active plugins at deploy time.

Auto-detected at deploy time. Checks which plugins are active using class_exists() and defined(), then generates only the rules that apply.
Page IDs from plugin settings. Reads checkout, cart, and dashboard page IDs directly from each plugin’s own option values.
Cookie-based bypass. Session and cart cookies trigger per-visitor bypass at the Bunny edge layer, not at origin.
Multilingual aware. Bypass rules automatically include translated page URLs when WPML, Polylang, or TranslatePress is active.
Bypass rule categories
Core WordPress Rules 1-10
Logged-in users · Admin · WP-cron · REST API · POST requests · Search · XML feeds · wp-admin paths
Ecommerce Slots 12-48
Cart · Checkout · Order confirmation · Session cookies · AJAX endpoints, across 6 platforms
Membership & LMS Slots 49-73
Member dashboards · Student portals · Registration · Login pages, across 13 membership plugins and 9 LMS plugins
Static & performance Slots 62-71
Long TTL for CSS/JS/images · Query string ignore · CORS headers · Security headers
04 / Cache warmer

Edge cache pre-filled
before visitors arrive.

After a full purge, the edge is cold, so the first visitor to each page has to wait for origin. The cache warmer crawls your sitemap in the background via WP-Cron, so the edge is warm and serving cached HTML before real traffic hits.

Triggered after a full purge. Fires automatically when any supported cache plugin clears everything.
SEO plugin sitemap detection. Finds your sitemap automatically across 8 SEO plugins, including Yoast, Rank Math, AIOSEO, and SEOPress, plus the WordPress core sitemap.
Batch size and delay control. A configurable crawl rate so warming doesn’t hammer your origin server.
Custom sitemap URL. Override auto-detection if your sitemap lives at a non-standard path.
Cache warmer Running
Crawling sitemap_index.xml 72 / 124 URLs
https://example.com/
https://example.com/about/
https://example.com/blog/
https://example.com/blog/edge-caching/
https://example.com/blog/bunny-cdn-setup/
https://example.com/contact/
https://example.com/pricing/
05 / Perma-Cache cleanup

Stale Perma-Cache files
cleared immediately.

Bunny's Perma-Cache writes edge-cached HTML to a Bunny Storage zone as a permanent backup. Without this plugin, purging the CDN doesn't remove those files, so stale HTML can re-enter the cache from storage. This plugin deletes them right after every full purge.

Fires after every full purge. No manual action, no TTL wait.
Lists and deletes via the Storage API. Enumerates all files in the Perma-Cache path and removes them in bulk.
Configurable via constants. Lock the storage zone name, password, and region in wp-config.php so they never touch the database.
9 storage regions supported: Falkenstein, London, New York, LA, Singapore, Stockholm, São Paulo, Sydney, and Johannesburg.
Perma-Cache cleanup
247
Files found
247
Deleted
1.4s
Duration
/__bunny_perma_cache__/example.com/index.html Deleted
/__bunny_perma_cache__/example.com/blog/index.html Deleted
/__bunny_perma_cache__/example.com/about/index.html Deleted
Cleanup complete, 0 stale files remain Done
06 / Live CDN stats

Your CDN performance,
inside WordPress admin.

Pulls live pull zone analytics from the Bunny API and surfaces them directly in your WordPress dashboard, so there's no need to log into the Bunny panel to check if caching is working.

Cache hit rate. The percentage of requests served from edge versus origin.
Bandwidth breakdown. Total traffic, cached traffic, and origin traffic.
DNS zone stats. Request volume and resolution data when a Bunny DNS zone is configured.
Cache sync status. Shows the last purge time and source so you know the edge is current.
Pull zone analytics, last 30 days
94.3%
Cache hit rate
18.4 GB
Bandwidth served
1.2M
Total requests
73k
Origin requests
Daily requests, last 14 days
07 / WAF bypass

Trusted IPs skip Bunny's
Shield inspection.

Bunny Shield's WAF inspects all inbound traffic for threats, but that can cause false positives for SaaS callbacks, payment gateway IPs, office networks, and staging servers. This feature lets you define a list of trusted IPs or CIDR ranges that bypass Shield inspection entirely.

IP and CIDR support. Individual addresses or ranges, one per line in Settings.
Auto-batched. Bunny’s API limits each rule to 5 IP patterns, so the plugin splits your list into batches of 5 automatically.
Role-scoped admin bypass. A separate wpbc_role cookie limits WAF bypass on wp-admin paths to selected user roles only.
Takes effect on next deploy. Changes to the IP list are applied the next time you click Deploy in the Edge Rules tab.
Inbound request handling
203.0.113.45 (Payment gateway) Matches trusted IP whitelist
WAF bypass
10.0.0.0/8 (Office network) CIDR range match
WAF bypass
Admin logged in (Editor role) wpbc_role cookie present
WAF bypass
Unknown visitor No match. Shield inspects normally
Inspected
Compatibility

Two known conflict cases.

This plugin is compatible with every major WordPress plugin tested: security, consent, membership, cache, and more. Two edge cases are worth knowing about before you install.

Cache plugins with their own CDN layer
Some cache plugins bundle their own cloud CDN. Running that CDN alongside Bunny as a proxy creates a double-CDN conflict where both layers attempt to cache the same HTML. If the plugin's CDN component can be disabled independently, there is no conflict, only the optimization features are affected.
Cache plugins with a built-in Bunny integration
A small number of cache plugins include their own native Bunny pull zone integration. If that integration is active alongside this plugin, both will attempt to manage the same pull zone; purging, rule deployment, and settings may conflict. Use one or the other, not both.

One plugin. Everything Bunny
needs to cache WordPress.

Free on WordPress.org. No Nahnu account required. Install it, connect your API key, deploy the rules, and you're done.

Free forever • GPL-2.0+ • WordPress.org • Tested with WordPress 7.0

This website uses cookies to enhance your browsing experience and ensure the site functions properly. By continuing to use this site, you acknowledge and accept our use of cookies.

Accept All Accept Required Only