Disable plugin install but allow updates (4 posts)

  1. neothemachine
    Posted 2 years ago #

    I think it would be very good security-wise and convenience-wise to have a config flag that disallows the installation of new plugins (and therefore disallowing the injection of malicious code) but allows the update of existing plugins and wordpress itself. Kinda like introducing the notion of "trusted" plugins.
    What do you think?

  2. esmi
    Forum Moderator
    Posted 2 years ago #

    We already recommend that you only ever download plugins from a trusted source - such as wordpress.org. At some point, site owners have to take on the responsibility for the security of their own sites and not rely on software to do this for them.

  3. neothemachine
    Posted 2 years ago #

    No no, you misunderstood me. My request was more motivated from an attack point-of-view. So, imagine a hacker successfully gets inside the admin interface. I could add some protection by disallowing file edits and plugin installations/updates so that he cannot do much damage. But this is quite inconvenient because whenever I want to do a plugin or wordpress update I would have to release the lock by flipping DISALLOW_FILE_MODS.

  4. esmi
    Forum Moderator
    Posted 2 years ago #

    If a hacker has gained entry to the admin area of the site, you're pretty much toast whatever you do. In reality, many hackers don't bother uploading plugins (at least not the ones I've seen - and that's quite a few). Instead they focus on gaining access to the server and/or the database - at which point they can directly inject whatever they want into wherever they want. So, later on, if you find an infected plugin, it doesn't mean that the hacker uploaded it "as is". It usually means that the original plugin was OK but that the hacker injected additional coding after it was already on the server.

    I do appreciate that there are a minority of rogue themes & plugin out there that are created simply to insert hacker back doors for easier access but I'm not convinced that a blanket ban is the best way to deal with these. The best approach is IMO is to take a pro-active stance on your site's security generally.

    1. Always know what you're uploading and from where (aka Following the Garbage In, Garbage Out policy). If in doubt, stick to wordpress.org for downloads.

    2. Secure the site generally by following the advice in Hardening_WordPress.

    3. Use strong passwords and guard them with your life. This includes FTP passwords. Many hacks result from "FTP leaks" that give hackers access to your FTP logins. So use SFTP is possible and never store un-encrypted passwords on any computer.

    4. Scan your own computer regularly for malware or key loggers.

    5. If you feel it's really necessary, install a malware scanning plugin on your site. There are a few available from here.

Topic Closed

This topic has been closed to new replies.

About this Topic