Description
WebPush Hub by CTIMEXICO allows your visitors to subscribe to native browser push notifications with a single click. Every time you publish new content, they receive an automatic notification on their mobile or desktop device, without needing to provide an email address or create an account.
How it works
- A few seconds after landing on your site, the visitor sees a small popup in the bottom-right corner asking if they want to receive alerts about new content.
- If they accept, the browser displays its native permission dialog.
- From that point on, every time you publish a post, all active subscribers receive a native push notification on their device.
Main features
- No email addresses or user registration required
- No dependency on third-party services such as OneSignal or Firebase
- Compatible with Chrome, Firefox, Edge and Safari (iOS 16.4+)
- Fully customizable popup: text, background color and text color
- Site favicon displayed inside the popup
- Admin panel with active subscriber count
- Test notification button in the admin panel
- Automatic sending when any post is published
- Expired subscriptions are removed automatically
- Full WordPress Multisite support
- Each subsite can be individually activated or paused
Technical implementation
The plugin implements the VAPID protocol (RFC 8292) and aes128gcm encryption (RFC 8291) natively using only standard PHP extensions, with no additional libraries or Composer required.
Server requirements
- PHP 8.1 or higher
- PHP extensions: openssl, curl, json, mbstring (available by default on any modern hosting)
- WordPress installed with active HTTPS (required for Service Workers)
Important Notes
WordPress Multisite
This plugin is optimized for multisite environments. When activated network-wide, it automatically configures the database and VAPID keys across all existing subsites without any manual intervention. Each subsite maintains its own subscriber list and its own configuration.
To pause the plugin on a specific subsite without uninstalling it, simply uncheck the “Enabled on this site” option under Settings > Push Notifications on that subsite. This stops the popup and notification sending only for that site, without affecting the rest of the network.
Cache plugin compatibility
If your installation uses cache plugins such as WP Super Cache or Autoptimize, you must clear the cache after installing or updating the plugin for the changes to take effect.
From the WordPress dashboard:
- WP Super Cache > Settings > WP Super Cache > click “Delete Cache for All Blogs”.
- Autoptimize > Settings > Autoptimize > click “Save Changes & Empty Cache” (no changes needed, just save).
Via SSH terminal (recommended for multisite):
sudo rm -rf /path/to/wordpress/wp-content/cache/supercache/*
sudo rm -rf /path/to/wordpress/wp-content/cache/autoptimize/BLOG_ID/*
Replace BLOG_ID with your subsite identifier number (for example, 3 for the third subsite in the network).
Recommended Autoptimize configuration
Autoptimize can interfere with the plugin if the inline JS deferral option is enabled. To avoid issues, choose one of these options under Settings > Autoptimize > JavaScript:
- Disable the “Also defer inline JS” option, or
- Keep it enabled and add
MNPushto the “Exclude scripts from Autoptimize” field.
External Services
This plugin communicates with third-party browser push notification services to deliver notifications to your subscribers. No additional server is required on your end — the only cost is that when you publish a post, your WordPress site makes one HTTP request per subscriber to the browser vendor’s push service. With a few thousand subscribers, this is negligible.
The following external services may receive data when notifications are sent:
Google Firebase Cloud Messaging (FCM)
Used to deliver push notifications to Chrome and other Chromium-based browsers.
Data sent: encrypted notification payload, subscriber endpoint URL.
Sent when: a new post is published and Chrome users are subscribed.
– Terms of Service: https://firebase.google.com/terms
– Privacy Policy: https://policies.google.com/privacy
Mozilla Push Service
Used to deliver push notifications to Firefox browsers.
Data sent: encrypted notification payload, subscriber endpoint URL.
Sent when: a new post is published and Firefox users are subscribed.
– Terms of Service: https://www.mozilla.org/en-US/about/legal/terms/firefox/
– Privacy Policy: https://www.mozilla.org/en-US/privacy/firefox/
Apple Push Notification service (APNs)
Used to deliver push notifications to Safari browsers on iOS 16.4+ and macOS Ventura+.
Data sent: encrypted notification payload, subscriber endpoint URL.
Sent when: a new post is published and Safari users are subscribed.
– Terms of Service: https://developer.apple.com/terms/
– Privacy Policy: https://www.apple.com/legal/privacy/
All notification payloads are end-to-end encrypted using the aes128gcm standard (RFC 8291) before being sent to any external service. The browser vendor cannot read the content of the notifications.
Screenshots
Subscription popup appearing in the bottom-right corner of the site 
Administration panel showing plugin status, active subscriber count and popup customization options 
Native push notification received in the browser after publishing a post
Installation
Standard installation
- Go to Plugins > Add New > Upload Plugin in your WordPress dashboard.
- Select the plugin ZIP file and click Install Now.
- Activate the plugin.
- Go to Settings > Push Notifications.
- If VAPID keys were not generated automatically during activation, click Generate keys now.
- Customize the popup text and colors as desired.
- Done! The popup will start appearing for new visitors.
WordPress Multisite installation
- Activate the plugin network-wide from Network Admin > Plugins > Network Activate.
- The plugin will automatically create the required database tables and generate VAPID keys for each existing subsite.
- New subsites are also configured automatically when created.
- Each subsite can be managed independently from its own Settings > Push Notifications panel.
FAQ
-
Does the plugin work without HTTPS?
-
No. Service Workers, which handle push notification delivery in the browser, require a secure connection (HTTPS) to function. Most hosting providers include a free SSL certificate through Let’s Encrypt.
-
Which browsers are supported?
-
The plugin is compatible with Chrome, Firefox, Edge and Opera on desktop and Android. On Apple devices, it works with Safari on iOS 16.4 or later and macOS Ventura or later.
-
What happens if I regenerate the VAPID keys?
-
VAPID keys identify your site to the browser push notification servers. If you regenerate them, all existing subscriptions will become invalid and users will need to subscribe again. For this reason, keys should be generated only once and preserved.
-
Can I customize the popup appearance?
-
Yes. From Settings > Push Notifications you can modify the title, description, button text for accept and dismiss, popup background color, text color and the delay before the popup appears after the page loads.
-
Is it compatible with WordPress Multisite?
-
Yes, the plugin is designed for multisite environments. When activated network-wide, it automatically configures all subsites. Each subsite has its own subscriber database, its own settings panel and can be paused independently without affecting the rest of the network.
-
The popup does not appear after installing the plugin. What should I do?
-
The most common cause is a cache plugin serving an older version of the HTML, prior to the plugin installation. To resolve this:
- Clear the cache in WP Super Cache from Settings > WP Super Cache.
- Clear the cache in Autoptimize from Settings > Autoptimize > Save Changes and Empty Cache.
- In Autoptimize > JavaScript, disable the “Also defer inline JS” option, or add
MNPushto the exclusions field. - Reload the site using Ctrl+Shift+R to force a browser cache refresh.
-
The settings are not saving correctly. What could cause this?
-
Make sure the VAPID keys are generated under Settings > Push Notifications. If they were not generated during activation, click the “Generate keys now” button. Without active VAPID keys, the plugin does not inject its code into pages and the settings form may not behave correctly.
-
What happens to subscriptions that expire?
-
When a browser push server (Google, Mozilla, etc.) reports that a subscription is no longer valid through a 404 or 410 response code, the plugin automatically removes it from the database. No manual maintenance is required.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“WebPush Hub by CTIMEXICO” is open source software. The following people have contributed to this plugin.
Contributors
Translate “WebPush Hub by CTIMEXICO” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.3.0
- Renamed to WebPush Hub by CTIMEXICO
- Replaced inline scripts with wp_enqueue_script and wp_add_inline_script
- Added External Services documentation section
- Improved documentation and readme
1.2.1
- Added toggle to individually activate or pause the plugin on each subsite
- Fixed a bug that prevented popup colors from saving when the status checkbox was unchecked
1.2.0
- Full WordPress Multisite support
- Automatic database table creation and VAPID key generation across all subsites on network activation
- Added popup text color selector
- Fixed encoding of special characters in default text strings
1.1.0
- Added popup background color selector
- Site favicon now displayed inside the popup
- Updated author information to CTIMexico / ctimexico.com
1.0.0
- Initial release
- Native Web Push Notifications with VAPID implementation, no external dependencies
- Customizable popup with configurable text
- Admin panel with subscriber counter and test notification sending
- Automatic notification sending when a post is published
- Service Worker included for browser notification management