Disallow WordPress Plugins

Disallowed WordPress Plugins

This article details the list of WordPress plugins that are not allowed to be installed on our managed hosting and explains the reasoning behind this.
The list last updated at: 2016-06-30


The logic behind things

There are currently over 40,000 plugins in the WordPress plugins directory, out of which there are only a few that we do not allow on our managed storage server, so chances are that if you want to use a particular plugin you can go ahead and use it!

But what about the WordPress plugins that aren’t approved for use on our server? As a matter of fact, these can be divided into several groups based on the reasons for which they are disallowed.
The first such group consists of plugins that offer some of the services we already offer our customers as the products we provide go above and beyond to meet all the needs our customers might have.


Plugins list

Caching plugins

Most common cache plugins do not work with our advanced server settings (specifically designed to work with WordPress sites).
In fact, we cannot allow them to operate in parallel with the solution we offer.
As soon as our system detects that one of the above mentioned plugins is installed on your WordPress site, it will alert you about turning it off.

  • WP Super Cache
  • WP File Cache
  • W3 Total Cache
  • Wp Cache Fastet

You can rest easy! We've already provided you with an equally good alternative. We provide our customers with the best cache plugin currently out there:

Besides, there’s no reason for you to be concerned about the performance of your WordPress site. That's our job. After all, the excellent performance we deliver is doubtlessly the main reason you chose us as your storage provider.


Backups plugins

If you feel safer using a WordPress plugin for additional backup services, in general we recommend this plugin:

We offer this plugin to all of our customers at no extra cost, the plugin can be installed through our recommended plugins library in the admin panel.
In general, we do not recommend using backup extensions of any kind. They are positively unnecessary because they replicate our built-in backup system, consume a large amount of disk space, and usually store the backup files in an unsecured location.

Not only that, most backup plugins run their backup scripts at the wrong time. They can greatly slow down the connection with the database.

  • WP DB Backup
  • WP DB Manager
  • BackupWordPress
  • VersionPress

If you should have any questions about the uPress backup system installed on your website, you are more than welcome to address it to our technical support team by the following Support Center link.
Our support team will be happy to answer your questions and offer assistance whenever necessary.


Server & Mysql optimization plugins

There is another set of plugins that we do not allow customers to use for the simple reason that they overload our storage servers and create an impractical number of MySql queries.

  • Broken Link Checker
  • MyReviewPlugin
  • LinkMan
  • Fuzzy SEO Booster
  • WP PostViews
  • Tweet Blender
  • Related Posts

Almost all "Related Posts" add-ons suffer from the same basic MySql, search and indexing problems.
All of these issues make the plugins themselves a waste of MySql resources. The currently disallowed "Recent posts" plugins are:

  • Dynamic Related Posts
  • SEO Auto Links & Related Posts
  • Yet Another Related Posts Plugin
  • Similar Posts
  • Contextual Related Posts

There are quite a few alternatives for implementing a “Related Posts” feature on your site by using external servers, such as:

If you are interested in a "Related Post" service for your WordPress site, our recommendation is to consider using one of the listed services.


Security plugins

uPress does everything to prevent hacking and suspicious attempts to access your site.
Our Web Firewall system is capable of detecting tens of thousands types of attacks and security breaches, including the latest and most sophisticated ones among them, and immediately block them in order to protect your site.
Of course, you can view and manage all the security data that has accumulated in the system, make changes to the security level, and even block specific IP addresses of your choice.
Using security extensions is thus inefficient, creates security duplicates, and affects site performance, so we do not allow the following extensions:

  • WordFence
  • iThemes Security
  • Security Ninja
  • All in One WP Security & Firewall
  • Sucuri Security
  • AntiVirus For WordPress
  • BulletProof Security
  • Shield WordPress Security

If your site has been hacked in the past, it probably still contains an existing security breach.
With the tool we’ve developed, you can secure your site once and for all and address the root of the security problem on your WordPress site.

Another type of security plugin is one that provides protection against failed login attempts to your site – also known as Brute Force Protection.
These plugins are less effective because they deal with bots trying to enter user names and passwords taken from a database that feeds them until they are lucky enough to hit the right login details.
The above mentioned plugins identify the hacking attempts and block the WordPress site, but the robots are still trying to access the site and enter login information, and are therefore still overloading the site’s resources with server requests.

  • WP Limit Login Attempts
  • Limit Login Attempts
  • Login LockDown
  • Brute Force Login Protection
  • WPSecureOps Brute Force Protect
  • Anti-Malware Security and Brute-Force Firewall
  • BruteProtect
  • Cerber Limit Login Attempts
  • Login Security Solution

With a unique security plugin that we've developed - which works very much like the plugins we’ve just described – bots that have been identified by the plugin as a "hacking attempt" at the server level will not be able to access the site at all, which will save your WordPress site’s resources.
You can install the plugin through the admin panel > Select the desired site > WordPress tab > Install recommended plugins.

  • WeSafe - Join Hands Together

Extra plugins

In addition there are several plugins which don't fit in any category but after some consideration we decied should not be allowed.

  • WP phpMyAdmin - Is not allowed due to a very serious security breach. In any case we give PhpMyAdmin access to every hosted website.
  • EWWW Image Optimizer - Is not allowed due to a security breach. We provide an alternative solution with a license for WP-Smush Pro plugin
  • TimThumb - Older version of TimThumb are known to have a security breach. If you use an older version you must upgrade to the latest TimThumb version available.


In conclusion

We do not intend in any way to say the plugins in this list are bad or should not be use,
Most of these plugins are very good, but each plugin has it uses.
Our only considiration is to provide our customers the best user experienc and the option to expand and devlop their WordPress websites.

As for the insecure plugins, our team of experts scanned each extension and when there is a suspicion that a plugin might endanged our customers we add it to the unapproved list.
Despite this we are still happy to re-check the plugins and if it was updated and fixed the security holes or other problem we had with the plugin - it will be allowed.

In any case, we are positive we provide a proper alternative for any not allowed plugin in this list.
If you have any questions about this list, please contact us. We are happy to answer any question you might have.

uPress Team.