Comments (3)
jessuppi
commented on July 29, 2024
@Bronislawsky Thanks for the suggestion. In all likelihood, there will always remain a certain list of plugins that are "hardcode" disallowed to avoid conflicts with SlickStack. The question is more really defining the categories of plugins that this applies to, which is a work in progress:
https://slickstack.io/faq/blacklisted-plugins
It is a balance trying to keep things as open as possible by default, while still settling on a philosophy and best practices that SlickStack wants to evangelize.
SMTP plugins might be one category that we end up allowing again since it speaks toward avoiding censorship and email API monopolies. Others, like cache plugins, will always be deleted.
from slickstack.
jessuppi
commented on July 29, 2024
An update on this:
Several days ago, we finalized our "policy" on this, at least for a while... but first, some background.
After more users complained about certain WordPress plugins being force-deleted in SlickStack despite them having disabled the blacklist.txt (or using a custom blacklist.txt), we introduced a temp fix last year with an option in ss-config that was called SS_CLEAN_FILES_WORDPRESS_PLUGINS so that this function could be disabled.
However, after more discussions and consideration, we have removed this option, and decided the following:
- force-deleting certain WordPress plugins can no longer be disabled in SlickStack
- there will be no integration with the blacklist.txt feature, since this is both technically very difficult to achieve, but also because these two features now serve more distinct purposes
- going forward, SlickStack will only force delete plugins that fall into these categories:
- Malware
- Exploitable (this generally refers to deprecated plugins with known security problems that are no longer being patched or updated by the author)
- Database Thrashing (plugins that are known to cause servers to crash, also usually deprecated)
- Unresolvable Conflicts which refers to plugins that inherently conflict with SlickStack
This greatly narrowed and better defined scope should help avoid confusion in the future.
Keep in mind, for future readers of this thread, there are certain plugins we consider to "conflict" with SlickStack even if there are no fatal errors, such as cache plugins or "hide wp-login" plugins.
Remember that our project doesn't aim to be everything to everyone, we want to create a lightweight WordPress stack with server-level caching and security features that is as open as possible, while still reducing common bloat. If a server-level feature can be done more reliably using commonly agreed methods, we will usually prefer that over a plugin.
Community feedback on our blacklist.txt and the plugins we force delete is always welcome.
Further comments are welcome here anytime, thanks!
from slickstack.
jessuppi
commented on July 29, 2024
By the way, there are too many commits to reference in this Issue, but future readers can check here:
Ref: https://github.com/littlebizzy/slickstack/blob/master/bash/ss-clean-files.txt
from slickstack.
Related Issues (20)
- Migration slickstack between VPS to VPS HOT 1
- change php version and Install ioncube loader HOT 4
- Install freeze on Running ss-install-redis-packages... HOT 3
- Website very slow loading inside apps ios HOT 3
- CERT_AUTHORITY_INVALID After install HOT 1
- SUDO_USER and SFTP_USER validation check to avoid conflicts? HOT 2
- Perform custom tasks during certain SlickStack scripts HOT 1
- Invalid user mysql:mysql error when using remote database HOT 1
- Ensure more privacy for openssl cert generation. HOT 11
- SS_ADMINER_PUBLIC="false" does not work as intended. HOT 9
- Allow tuning of PHP8 JIT settings (opcache.jit options in php.ini) HOT 4
- Cloudflare real visitor IP support in Nginx config HOT 18
- Option to allow only Cloudflare IPs to connect to origin server HOT 2
- OpenVZ PHP-FPM "Unable to set priority for the master process: Permission denied" HOT 9
- Support for custom Permissions Policy HTTP header in Nginx HOT 6
- Improve WP-Cron robustness for Multisite environments HOT 3
- Scanning WordPress core files to check if intact or broken HOT 4
- Redirect .php extension to WordPress if not exists HOT 4
- Why deny /wp-admin/load-styles.php and /wp-admin/load-scripts.php? HOT 3
- Nginx access log enabled by default but nginx.conf says not HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from slickstack.