• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Please beaware of a breaking change in the REST API on the next Plesk release (18.0.62).
    Starting from Plesk Obsidian 18.0.62, requests to REST API containing the Content-Type header with a media-type directive other than “application/json” will result in the HTTP “415 Unsupported Media Type” client error response code. Read more here

How to set a plugin as ignored ?

L

Lucien

New Pleskian
Server operating system version
Centos 7.9
Plesk version and microupdate number
18.0.47
Hi,

Is it possible to set a plugin as ignored for wordpress toolkit ?

Situation : We have a few websites with a dead plugin that we patched manually for a public exploit (no official update will never be released)

Thank you for help !
 
Lucien said:
Hi,

Is it possible to set a plugin as ignored for wordpress toolkit ?

Situation : We have a few websites with a dead plugin that we patched manually for a public exploit (no official update will never be released)

Thank you for help !
Click to expand...
Hullo, I’ve been making templates and code for use in other projects but have always avoided the plugin system since I could never get it working. Time to get it working methinks! So I’ve tried to add the “Blank Plugin” to my project along with my own plugin based on the UObjectPlugin. They are being added to the Visual Studio solution but when it comes time to compile they are ignored. What troubleshooting steps should I take? Also is there any tool for adding classes to plugins?!
 
taylorray said:
Hullo, I’ve been making templates and code for use in other projects but have always avoided the plugin system since I could never get it working. Time to get it working methinks! So I’ve tried to add the “Blank Plugin” to my project along with my own plugin based on the UObjectPlugin. They are being added to the Visual Studio solution but when it comes time to compile they are ignored. What troubleshooting steps should I take? Also is there any tool for adding classes to plugins?!
Click to expand...
This is totally unrelated to my question/request.
 
Lucien said:
Hi,

Is it possible to set a plugin as ignored for wordpress toolkit ?

Situation : We have a few websites with a dead plugin that we patched manually for a public exploit (no official update will never be released)

Thank you for help !
Click to expand...
Hi,
You can add the plugin' slug into block list (WordPress Toolkit -> Settings (the button on the right side of the page title) -> field "Plugin blocklist").
Plugins with slugs listed in the block list cannot be installed thru WPT, when WPT discovers that such plugin is installed on WordPress site, the WPT will deactivate it.
 
vbelich said:
Hi,
You can add the plugin' slug into block list (WordPress Toolkit -> Settings (the button on the right side of the page title) -> field "Plugin blocklist").
Plugins with slugs listed in the block list cannot be installed thru WPT, when WPT discovers that such plugin is installed on WordPress site, the WPT will deactivate it.
Click to expand...
I don't want WPT to disable it , I just want him to ignore the version / exploit

(because I manually fixed it and no official patch will never be released)
 
Lucien said:
I don't want WPT to disable it , I just want him to ignore the version / exploit

(because I manually fixed it and no official patch will never be released)
Click to expand...
Could you please clarify what you mean under "ignore the version / exploit"?
Do not allow to install this plugin on new WordPress sites, and also do not allow to remove and install plugin again on the same WordPress site? Since it would be installed from the wordpress.org, and that version doesn't have your custom patch.
 
vbelich said:
Could you please clarify what you mean under "ignore the version / exploit"?
Do not allow to install this plugin on new WordPress sites, and also do not allow to remove and install plugin again on the same WordPress site? Since it would be installed from the wordpress.org, and that version doesn't have your custom patch.
Click to expand...

I don't want WPT to warn me everyday about the fact a plugin that IS used on some sites is exploited.

I know, I patched it myself, official patch will never exists.

I don't want want to uninstall those, I just want WPT to ignore them (accept they're now "safe")
 
@Lucien, my WP knowledge is limited, but would it not be possible to manually change the version of the plugin? You've already patched it manually.

My thinking is that WPT uses the version numbering of Plugins to see if they mach any known exploited or vulnerabilities for that version. The version of your particular plugin seems to be listed. So if you could change the version number of the plugin, WTP presumably stops sending you notifications. Not sure if this is possible, it's just a thought.
 
If a patch exists, let's say in version 1.12 of a plugin I could manually change version to 1.12.

I'm talking about plugins without any patched version.
 
Lucien said:
I don't want WPT to warn me everyday about the fact a plugin that IS used on some sites is exploited.

I know, I patched it myself, official patch will never exists.

I don't want want to uninstall those, I just want WPT to ignore them (accept they're now "safe")
Click to expand...
Afaik WPT should not sent notifications about the same vulnerability twice. But the site still be marked as vulnerable.

As a workaround you can change the plugin slug:
1. Deactivate plugin in WPT
2. Open file manager
3. Go to WordPress Site directory, open "wp-content/plugins" folder
4. Rename plugin folder, e.g. if the original name is "akismet", then change the folder name to "akismet-patched"
5. Open "akismet-patched" directory, rename "akismet.php" to "akismet-patched.php"
6. Open WPT, press "Refresh" button on the WordPress card
7. Activate plugin
 
You must log in or register to reply here.

Similar threads

T
Question Is it possible to automatically apply settings for wordpress sets?
Replies
1
Views
438
Aleksey Filatev
Aleksey Filatev
P
Multiple instances of .wp-toolkit when smart update is activated
Replies
1
Views
191
Kaspar@Plesk
Kaspar@Plesk
D
Resolved problem with alert about a vulnerability in a plugin that's already fixed
Replies
1
Views
815
Daniel-spain
D
J
Plugin package cannot be installed: Premium plugin requires base plugin
Replies
3
Views
1K
Peter Debik
P
T
WP-Toolkit and cache clearing from wordpress
Replies
0
Views
985
thinkjarvis
T
Back
Top