WordPress Has Again Closed Plugins
You've no doubt heard here on WA about limiting your use of plugins. The standard reasoning is because using numerous plugins can reduce page load speeds. And that is correct. But that's not all of it.
The larger problem with the plugins that are used is the code that is injected into your site - and WA - due to these plugins. Don't get me wrong - WA has some of the best security around. But using bad plugins, aka code, puts your site at risk. And I don't mean just risk of looking stupid, but backdoor hacking that places your site visitors at risk as well.
Today Wordfence announced that three more plugins have been removed from the WordPress Repository. Their explanation is as follows: "The WordPress Repository has closed three plugins because they contained content-injection backdoors. “Closing” a plugin means that it is no longer available for download from the repository, and will not show up in WordPress search results. Each of them had been purchased in the previous six months as part of the same supply chain attack, with the goal of injecting SEO spam into the sites running the plugins."
The three plugins I am referring to today are Duplicate Page and Post, No Follow All External Links, and WP No External Links. By the way friends, by following the training here and utilizing other resources, you will not even need plugins to achieve what these three claim to do. And you won't jeopardize your site health.
I share this, not to be alarming, but to educate. Many here at WA are new to site design, and it's easy to see a Plugin that looks cool with all kinds of shiny bells and whistles. I have mentioned before, and will continue to emphasize, that if you are considering adding a plugin, please consider these three points prior to downloading and/or installing into your site:
1) Make sure the plugin is from a trusted author. That means someone that has written more than one plugin, and preferably a person/company who has successfully written many.
2) If the version is 1.0 or is a plugin with low number of installations and/or reviews, step away from the plate and do not swing. Why in the world would you jeopardize your site with bad code written by a newbie? More info here on good practices.
https://my.wealthyaffiliate.co...
https://my.wealthyaffiliate.co...
3) Following the instructions on the links above will make sure that you protect your sites, your hard work, and your reputation.
4) Make sure that the plugin you are considering has been tested with your current version of WordPress.
Set up a sample SiteRubix site to experiment on. It will help you with themes, plugins, and growth. Use proven plugins rather than experimenting with the unknown. Learn, grow, and succeed. That's all I got. Peace friends! :-)
Recent Comments
58
It's good to have some sound fear (nice oxymoren, yeah?) and not to download anything you don't know about, or ask, and double ask people who know better...Which I am doing...haha..
Thanks, Bob. It's a privilege to have such knowledgeable people like you are in the community.:)
Yes ma'am, you are correct! And thank you, as always, for the kind complements. Peace Miss Vera! :-)
Sure... One of my gifts which includes ability to laugh at myself, too. Life is much cooler this way.:-)
Do what? Come along and laugh with a Southern Boy! haha Prayers for your happiness and success, that you realize your true potential, and that you Know how you bless others. Thank you Miss Vera! :-)
Awww... Thanks much... Can always use all the prayers. You stay blessed, too! And may God be constantly increasing His presence in your life.:-)
Hi Bob, thanks for the information and leaving the names of the 'tainted' plugins.
We don't know what plugins can bring along with them when we don't check them out.
Thanks for sharing :)
Quick question...if I want to delete a plugin, do I need to just deactivate it, or do I need to something to the code also? I hate messing with the code!
Deactivate and then delete. I also use Updraft Plus to perform a backup when making major changes, and will publish a post on that within the next week.
Bob, thanks for bringing this up and watch out for snow late this week. Happy New Years. Jay
See more comments
Thanks for this information I wasn't fully aware of. Very helpful!
No worries Miss Cindy, some of it was released today.