WP Engine removes a popular plugin from their disallowed list

WP Engine worked with Wordfence to make their security plugin compatible with its hosting service and to remove it from WP Engine’s infamous Disallowed Plugins list

WP Engine and Wordfence
WP Engine now supports the Wordfence firewall and security scanning plugin for WordPress

The WordPress hosting provider, WP Engine, maintains a list of disallowed plugins that they won’t allow customers to use for security and performance reasons. For some new customers, it can come as a surprise when they sign up and find out that they can’t use one of their favorite plugins.

In most cases, WP Engine disallows plugins that conflict with built-in security and performance features. For example, they don’t allow popular caching plugins like W3 Total Cache or WP Super Cache because the features they offer are already baked into WP Engine's Digital Experience Platform.

If a plugin offers additional value-added features beyond the ones already available from WP Engine and has a significant user base, WP Engine will work with the plugin developer to make it compatible. That’s what they did with the caching and performance plugin, WP Rocket, in March 2017.

Wordfence is now compatible with WP Engine

Wordfence, an endpoint firewall and security scanner plugin, now has the rare distinction of also being removed from WP Engine’s disallowed plugin list. WP Engine announced that their engineers worked with Wordfence’s engineers to make the plugin compatible with their hosting service.

The WP Engine and WordFence team worked together to update the WordFence plugin so it would store their Web Application Firewall (WAF) rules in a database instead of the filesystem. This change improves the security of WordFence because storing the rules in a database, rather than a filesystem, makes the data more secure.

Wordfence’s new feature is called MySQL Storage Engine, and it stores WAF rules in a database instead of the filesystem. They anticipated that they would get a lot of questions about this change, so they published a Wordfence MySQL Storage Engine FAQ for their customers.

The change appears to be a win-win-win for WP Engine, Wordfence, and site owners that want to use both services. The MySQL Storage Engine also introduces a more secure way to store WAF rules, which makes the Wordfence plugin even better.

Editor’s Note: Coywolf is hosted on WP Engine, uses the WP Rocket plugin, and utilizes Cloudflare to achieve site performance that meets or exceeds AMP pages.

Jon is the founder and Managing Editor of Coywolf. He is a serial entrepreneur with over 25 years of experience in web development, SaaS, internet strategy, and digital marketing. Follow @henshaw

Never miss an important story – Subscribe to Newsletter