WordPress.org

Ready to get started?Download WordPress

Forums

How to disallow certain plugins from being installed? (10 posts)

  1. Ampix0
    Member
    Posted 1 year ago #

    Hey all, I and a partner are starting a hosting company. On one of our plans we would like to disallow the ability to install certain plugins for various reasons. We will have access to all files on the server obviously and we could ask people not to use certain plugins, we just feel it would be better if they aren't given the chance.

  2. Only SuperAdmins can install Plugins so ... don't make people super admins, then they can't install plugins :)

  3. Ampix0
    Member
    Posted 1 year ago #

    Well I do want them to be able to install plugins. just not a certain few. Such as buddy press

  4. Are you sure you want them to be able to install plugins?

    What about just activate ones you've installed?

    Because Multisite does not permit per-sites to install plugins, just activate them.

  5. Ampix0
    Member
    Posted 1 year ago #

    I want to give them the entire freedom of owning a wordpress site, I just need to make sure that they dont start a video streaming service, or create a forum using one of the wordpress forum plugins. I could always monitor this myself it would just be nice to somehow block these plugins on my server. I wonder if I write in the .htaccess file to block the url of the exact plugin page on wordpress.org if it will not show up when a wordpress installation on the server searches plugins.

  6. Multisite does not permit individual site owners to install plugins at all.

    I don't know how to make this more clear. They can't do it at all unless you make them super admins. You, the super admin, are 100% in charge of installing any and all themes and plugins. The site admins cannot do this.

  7. Ampix0
    Member
    Posted 1 year ago #

    No I completely understyand that I am saying I DO WANT them to be able to do that. I NEED them to be able to install their own plugins and themes. There is a list of maybe 5 single plugins I dont want them to have access to. not all of them, just a few.

  8. Curtiss Grymala
    Member
    Posted 1 year ago #

    It sounds like you will not be able to use a WordPress Multisite installation; you'll need individual installations of WordPress instead. As Mika pointed out, there is no way to allow regular site admins to install plugins in a multisite environment (which it sounds like is necessary).

    More than likely, you'll need to create some sort of WordPress package that has all of the default plugins, themes, etc. you want, then add some PHP code (probably in the mu-plugins folders) that checks for specific plugin names and stops them from being installed/activated.

  9. michael.mariart
    Member
    Posted 1 year ago #

    I NEED them to be able to install their own plugins and themes.

    Then you can't use multisite. Sorry, but it's that simple.

    There is a list of maybe 5 single plugins I dont want them to have access to. not all of them, just a few.

    There's no built-in way to disable these sort of things. If you actually went down the multisite route, then yes you can contorl what's installed. If you go as single instalations, which you will need to do to allow plugin installation, then you can't block them installing plugins.

    The only thing that I'd suggest doing is setting up a searching script that will look at all of the WP installations and see what plugins have been installed and see if any of them are on the "bad plugins" list. If they are you can alert the sites owners and tell them that they must remove it. Don't try to remove it yourself automatically because you never know what you might break if you do, and you really don't want to be the one breaking a clients website for any reason.

  10. There is a list of maybe 5 single plugins I dont want them to have access to. not all of them, just a few.

    Well you could with a lot of .htaccess shenenigans, but realistically, you don't want Multisite in this scenario. You want separate sites and then your firewall tuned to block those plugins from being able to be downloaded.

    tl;dr: If you don't want them to be super admins and you want them to be able to install any plugin they want, you don't want to use Multisite.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.