• GoDaddy Community
  • Managed WordPress Hosting
  • Managed WordPress Hosting

    cancel
    Showing results for 
    Show  only  | Search instead for 
    Did you mean: 
    Go to solution
    Highlighted

    Blacklisted Managed Wordpress Plugins

    I just need to register some sort of complaint.. somehow. Recently GoDaddy started a list of "Blacklisted Wordpress Plugins" and they are strolling through the websites I have hosted under GoDaddy managed WordPress (around 60 of them) and deleting plugins. This is creating some pretty huge issues and starting to cost me a lot of time and money. Some of the plugins being removed are removed for reasons like (duplicate of another plugin) or (no longer offers support) I don't see how that is really a valid reason to remove something that's essentially none of their business and not hurting anything. Just needed to be heard, hope they change their policy so that there is at least a warning of pending plugin removal, so I hear it from GoDaddy before I hear it from my clients.

    Its not cool.

     

    13 REPLIES 13
    Moderator
    Moderator

    Re: Blacklisted Wordpress Plugins

    Hey @Dannyhacks

    Appreciate you taking a moment to share your feedback here on the Community. 

    First, without knowing the actual plugins you're referring to, it is difficult to say why a given plugin is blacklisted.Our admins actively monitor and usually blacklist a plug-in when it is known to be causing performance problems or duplicates existing features of the platform. The most common are caching & backup plug-ins as these are features already built into the environment.

    To clarify, we don't blacklist plug-ins duplicating another plug-in. Only plug-ins previously mentioned duplicating the environment features. As for plug-ins no longer offering support from their developers, our admins are happy to re-evaluate such plug-ins if they've come back under active development.

    You're always welcome to reach out to our live support so our team can review. If it can't be removed from our listings, our admins may likely have an active alternative they can suggest to use instead. 

    If you share some of the plug-ins you're having trouble with here, maybe another member of the community can suggest a good work around as well? 

     

    CG - GoDaddy | Community Moderator
    24/7 support available at x.co/247support

    Re: Blacklisted Wordpress Plugins

    Thx..Ninjaforms caused the most headaches.
    Product Team
    Product Team
    Solution

    Re: Blacklisted Wordpress Plugins

    Hi Danny, thanks for bringing this up.  We've have the plugin blacklist for a couple years, but the headache you're talking about was a mistake on our part--sorry about that, it was a bad user experience and wasn't our intent.

     

    The plugin blacklist is meant to restrict vulnerable and disruptive plugins from being installed.  It can remove plugins, but that's not the primary intent.  The issue you're talking about was the recent problem with Ninja Forms.  Here's what happened:

     

    The Ninja Forms plugin had a vulnerability.  To protect our customers, we upgraded instances of this plugin to the updated, non-vulnerable version.  After upgrading customers, we intended to only add the vulnerable version to the blacklist.  We made a mistake and instead of only blacklisting the vulnerable version, we also accidentally blacklisted the non-vulnerable version.  Unfortunately, this caused it to be removed from a subset of customer sites and automatically sent out a notice about the action.  This was an error on our part.  Fortunately, we were able to revert the action and fix all affected customer sites, but I know it was still a major headache--sorry about that Danny.

     

    To summarize, here's how it should work: 1) A plugin has a significant vulnerability, 2) we update customers on our Managed platform to protect them, 3) after all customers are upgraded to the new version we blacklist the old vulnerable version so it can't be installed.

     

    That was a long explanation, but hopefully you have a better understanding of what happened now and how things should work.

     

    Again sorry about the bad experience Danny.  If you have any questions let us know--thanks again for the feedback, we love it!

     

    Gabriel A. Mays

    Head of WordPress Products | GoDaddy

    Gabriel A. Mays
    Head of WordPress, GoDaddy
    New

    Re: Blacklisted Wordpress Plugins

    SO I would just like to weigh in on this. I don't think it is the responsibility of GoDaddy to remove plugins that it deems might cause a vulnerability to a owner of a website. That is the responsibility of the owner who is adding that plugin to their wordpress website. (or course unless it is redundant to your cache/etc) That is why there are updates that the developer of the plugin provides when there is a breach or update is needed. If a owner adds a plugin they do it at their risk. I don't see how this is any different than you deciding you don't like the content someone is putting on their site and deciding to make changes because it needs a little editing. 

     

    I was affected by this and by you removing it and adding it back it I am still finding issues with things that are broken that had been working initially. I did not realize this but it has been impacting communication between my clients and my website. So in doing this you have negatively impacted my business. 

     

    Ninja forms plugin, which was able to send out email notifications to users, is no longer functioning and I am unable to track down what has happened.

     

    Just had to air my feelings about your response to Danny.

    Thanks

    Teri

    Product Team
    Product Team

    Re: Blacklisted Wordpress Plugins

    Hi Teri, thanks for the feedback--your frustration is completely justified.

     

    Regarding security, because Managed WordPress is a managed platform we do consider some aspects of security our responsibility--that's common among Managed WordPress hosts.  That said, the experience you had was not intended and was do to an error on our part--I'm very sorry about that.

     

    The Ninja Forms issue you're experiencing is one that we're investigating but haven't been able to narrow down yet.  We're working with the Ninja Forms team to determine where it's in the plugin, in our platform, in the wider networking infrastructure or somewhere else.

     

    I hope this is helpful Teri, thanks again for sharing your experience.

    Gabe

    Gabriel A. Mays
    Head of WordPress, GoDaddy

    Re: Blacklisted Wordpress Plugins

    Ninja Forms have stopped working for me as well - no idea about submissions until manually checking. 

     

    BackupBuddy is also saying they don't work with managed wordpress because of something called "cron."

     

    Can anyone recommend which Forms plug-ins ARE acceptable to GoDaddy?

    And same question for Backups?  We really need backups. I'm losing sleep on this right now. 

    New

    Re: Blacklisted Wordpress Plugins

    The automatic mail on Ninja Forms, Contact Form 7, and WP-Members have all stopped working for me. The forms work, but the mail notifications are not being generated. Please advise how to fix this. Thank you.

    Re: Blacklisted Wordpress Plugins

    It's been my experience with Contact Form 7 that any failure regarding mail notifications involves the target email domain's rejection of the from email (typically @wordpress.com domain), as they tend to think it's not valid. 

     

    Of course, you might not be talking about this, in which case, kindly disregard.

    New

    question about aliplugin

    hello everybody 🙂
    did godaddy WordPress Hosting package support aliplugin e commerce ?

    thanks 

    Your site cannot be backed up because your server doesn't support mysqldump or PDO::mysql. Please co

    Hi, 

    I installed a backup plugin called BackUpWordpress and got this message:

    " Your site cannot be backed up because your server doesn't support mysqldump or PDO::mysql. Please contact your host and ask them to enable them. "

    I did read about mysqldump in the help center but did not understand what exactly should I do in order to have the mysqldump  supported. 

    Can anyone help with this issue?

    Thanks

    Re: Blacklisted Managed Wordpress Plugins

    I am getting the following error when I am trying to migrate a wordpress account hosted by bluehost to my godaddy account.

     

    Cannot install plugins using provided admin account credentials.

     

    GoDaddy support said this is being caused by a blacklisted plugin, but none of my plugins appear in the blacklisted list.  Any help that can be given would be appreciated.

     

    Re: Blacklisted Wordpress Plugins

    I am not with GoDaddy, but your attitude towards vulnerabilities makes me want to stay away from any site that hosts your sites.  The reason is simple.  You don't understand what vulnerabilities are, and what allowing them can do to the people on the same service, and to people who come to your site.  If I am on the same service as you, and you don't care and have your site owned and malware put up, then Google Safe-Browsing might block the address for you, me, and anyone else who shares the service (or probably more accurately the IP address).  Pretty rude.  Then there are the people who come to your site.  If they can get there, and it has had malware loaded onto it, and they get exploited, then you don't care about the people who you are trying to attract to your website.  Again, pretty rude.  This isn't about rights, it is about being a good neighbor.  I also understand that most people don't want the "hassle" of understanding vulnerabilities, implications, etc.  It takes a lot of time.  That is why people pay others to gain the expertise to manage the hassle for them, which is what I believe that you are doing.  Not gaining the expertise to manage things yourself, but complaining about others who have the expertise do it, well ...

    New

    Re: Blacklisted Wordpress Plugins

    I need help what can I do if my website requires wp-postviews to allow my script to work and without it it doesn’t work at all I can’t do anything my script is meant to do since I can’t install the plugin I need is there a way to work around the blacklist or what ? I want to start working on my new site just got my script uploaded and set but if I can’t install the wp-postviews I can’t do anything ?