Are there any WordPress plugins banned on your network?
ANSWER: Yes, there is an ever-evolving list of WordPress plugins that we “ban” from our servers for reasons of security and performance; in most cases these plugins can actually be installed for a short amount of time, however, our network cron jobs will automatically delete such plugins several times each day. This approach allows our clients to test a certain plugin if they like, while enforcing a cleanup policy that protects our clients from risky software.
Initially when we launched LittleBizzy, we sought to avoid banning any WordPress plugins. The reason for this is that we didn’t want to manipulate open-source software like WordPress into our own proprietary hosting environment in such a way that discriminated against certain plugins, or in a way that “betrayed” the spirit of open-source collaboration between various individuals, teams, and businesses. However, over time we’ve concluded that quite often it’s not web hosts doing the betraying, but rather some of the very poor plugins out there; that is, when certain WordPress plugins negatively affect the security and performance of your website in a measurable way, or when the goal of a plugin is to “mislead” or even scam WordPress webmasters, then frankly it is such players that are to blame for any bad blood — not us!
Ultimately, while our underlying network security can’t be beat — every single website in our network is placed on it’s own VPS server, without fail — we eventually felt compelled to extend our stated mission of being the “best managed WordPress hosting in the world” into the arena of so-called plugin regulation, because of the drastic side effects involved when installing these little firecrackers. After all, just because Client A is isolated from Client B, it doesn’t mean that we’ve provided the most optimized hosting environment possible. On the contrary, our main goals — speed, stability, and security — surely don’t start and stop with just the server stack, so arguably neither should our management.
The above list will continue to evolve constantly. In particular, we seek to rid our clients of any plugins that are using deprecated code, hurt website accessibility, can be linked to DDOS or other similar attacks, generate email spam, or otherwise degrade the overall speed, stability, and security of your WordPress website.
If you find another WordPress plugin that you think we should consider “banning” for whatever reason, or if you’d like us to reconsider a plugin that is currently banned, please let us know anytime.
- Mar 2018: wp-trackback.php, wp-links-opml.php
- Feb 2018: BlogVault, Updraft, various backup plugin folders
- Feb 2018: moving toward a “no backup plugins” policy
- Are there any banned file extensions on your servers?
- Which security plugin(s) do you recommend?
- Which plugins do you recommend?