We take measures to maintain the best possible security and performance on your Wordpress sites. These measures include ensuring the themes and plugins being used on sites are kept up-to-date and create no vulnerabilities.
Below we explain what is considered in determining whether a theme or plugin should be disallowed.
Nearly all WordPress themes are compatible, however, some cache-intensive themes may need modifications to work as expected.
We discourage the use of cache plugins on our platform as we already handle caching via NGINX. Beyond caching, we also disallow a small list of plugins that can pose performance problems for our servers, such as high disk and/or database usage.
There are a few other situations which may cause a plugin to be disallowed, such as:
- Ambiguity in developer oversight and/or the plugin’s function.
- We already provide a secure way of doing what the plugin intends to, making the plugin redundant and problematic for our platform.
- It has been revoked on wordpress.org due to unpatched security vulnerabilities.
Aside from being disallowed in the list below, safeguards in our hosting configuration make some plugins incompatible if they are using disabled PHP functions. Things such as proc_open, shellexec, etc. are not allowed for web transactions.
You can view the current list of banned plugins below.
***These plugins are resource hogs and we suggest using Google Analytics instead.
***These plugins conflict with our own robust nightly backups to Amazon S3.
disable plugin updates
sendpress email marketing