WordPress Has Again Closed Plugins

Last Update: December 27, 2017

You've no doubt heard here on WA about limiting your use of plugins. The standard reasoning is because using numerous plugins can reduce page load speeds. And that is correct. But that's not all of it.

The larger problem with the plugins that are used is the code that is injected into your site - and WA - due to these plugins. Don't get me wrong - WA has some of the best security around. But using bad plugins, aka code, puts your site at risk. And I don't mean just risk of looking stupid, but backdoor hacking that places your site visitors at risk as well.

Today Wordfence announced that three more plugins have been removed from the WordPress Repository. Their explanation is as follows: "The WordPress Repository has closed three plugins because they contained content-injection backdoors. “Closing” a plugin means that it is no longer available for download from the repository, and will not show up in WordPress search results. Each of them had been purchased in the previous six months as part of the same supply chain attack, with the goal of injecting SEO spam into the sites running the plugins."

The three plugins I am referring to today are Duplicate Page and Post, No Follow All External Links, and WP No External Links. By the way friends, by following the training here and utilizing other resources, you will not even need plugins to achieve what these three claim to do. And you won't jeopardize your site health.

I share this, not to be alarming, but to educate. Many here at WA are new to site design, and it's easy to see a Plugin that looks cool with all kinds of shiny bells and whistles. I have mentioned before, and will continue to emphasize, that if you are considering adding a plugin, please consider these three points prior to downloading and/or installing into your site:

1) Make sure the plugin is from a trusted author. That means someone that has written more than one plugin, and preferably a person/company who has successfully written many.

2) If the version is 1.0 or is a plugin with low number of installations and/or reviews, step away from the plate and do not swing. Why in the world would you jeopardize your site with bad code written by a newbie? More info here on good practices.

https://my.wealthyaffiliate.co...

https://my.wealthyaffiliate.co...

3) Following the instructions on the links above will make sure that you protect your sites, your hard work, and your reputation.

4) Make sure that the plugin you are considering has been tested with your current version of WordPress.

Set up a sample SiteRubix site to experiment on. It will help you with themes, plugins, and growth. Use proven plugins rather than experimenting with the unknown. Learn, grow, and succeed. That's all I got. Peace friends! :-)

Join the Discussion
Write something…
Recent messages
1signbanner Premium
Ok Bob will do, thanks!

Frank
Reply
SurfsideBob Premium
My pleasure Frank, peace bro! :-)
Reply
PatsyC Premium
Hi Bob, thanks for the information and leaving the names of the 'tainted' plugins.

We don't know what plugins can bring along with them when we don't check them out.

Thanks for sharing :)
Reply
SurfsideBob Premium
My pleasure Patsy! :-)
Reply
MKearns Premium
Thanks for exposing the ulterior reasons for WA shunning excessive plugins Bob!
Reply
SurfsideBob Premium
My pleasure Mike, always thankful for your input as well. Peace bro! :-)
Reply
suzzziq Premium
Thanks for the share, Bob:). Good info. to know!
Blessings:)
Suzi
Reply
SurfsideBob Premium
My pleasure Suzi, you're welcome! :-)
Reply
suzzziq Premium
Quick question...if I want to delete a plugin, do I need to just deactivate it, or do I need to something to the code also? I hate messing with the code!
Reply
SurfsideBob Premium
Deactivate and then delete. I also use Updraft Plus to perform a backup when making major changes, and will publish a post on that within the next week.
Reply
suzzziq Premium
Great, thanks!
Reply
subcpo14 Premium
Bob, thanks for bringing this up and watch out for snow late this week. Happy New Years. Jay
Reply
SurfsideBob Premium
My pleasure bro, and I don't like 4-letter words like "snow." lol
Reply
Top