NEW! Subscribe to our email newsletter » NEW! Subscribe to our FREE email newsletter to receive updates »

Blacklisted WordPress Plugins

The Plugin Blacklist plugin is included by default in SlickStack, but is not a required “core” MU plugin.

However, there are certain categories of WP plugins that will still be force-deleted by the ss-clean Bash script in SlickStack for reasons of security and stability. We try to keep this list relatively slim, to avoid overly controlling the stack customization of each team or agency. However, the philosophy of SlickStack in some cases is clear, and we want to establish best practices for the DevOps community at large when it comes to LEMP cloud servers and WordPress. These are the auto removed plugin categories below:

The goal of SlickStack is to reinforce the benefits of open source software, such as portability and integration, and help small businesses avoid plugins that are misleading, insecure, or otherwise cause instability in various forms.

Keep in mind that this blacklist approach is nowhere near fool-proof. Determined developers can find a way to rename and activate plugin folders, classes, and functions, so that our blacklist cannot detect them properly. But well-meaning users who trust our judgement will see a very clear warning in regard to above categories.

How we maintain both HTTP and HTTPS mirrors

GitHub Pages is an awesome feature that came out a few years ago on GitHub to allow for basic, static-file HTML websites to be hosted free of charge on GitHub. It can be a bit confusing to understand in the beginning, because you must connect one of your repos to be used for a given […]

Native Staging Sites (Optional) In Subdirectory

For the past several weeks, SlickStack has been testing our new Staging Site feature and it is now live on all SlickStack installations. If you use another staging service or simply don’t use staging at all and wish to disable staging sites, simply change your ss-config options to be STAGING_SITE=”false” and it will later remove […]

Adminer Bundled For Easy MySQL Management

The very lightweight Adminer script is now included by default in all SlickStack installations, hosted as a single adminer.php file under the /var/www/meta/ directory. This “hidden file” approach means a cleaner public web root, and less room for attacks and exploits. It uses the Nginx alias feature to point requests to example.com/adminer to the /var/www/meta/adminer.php […]