The WordPress hosting provider, WP Engine, maintains a list of disallowed plugins that they won’t allow customers to use for security and performance reasons. For some new customers, it can come as a surprise when they sign up and find out that they can’t use one of their favorite plugins.
In most cases, WP Engine disallows plugins that conflict with built-in security and performance features. For example, they don’t allow popular caching plugins like W3 Total Cache or WP Super Cache because the features they offer are already baked into WP Engine’s Digital Experience Platform.
If a plugin offers additional value-added features beyond the ones already available from WP Engine and has a significant user base, WP Engine will work with the plugin developer to make it compatible. That’s what they did with the caching and performance plugin, WP Rocket, in March 2017.
Wordfence is now compatible with WP Engine
Wordfence, an endpoint firewall and security scanner plugin, now has the rare distinction of also being removed from WP Engine’s disallowed plugin list. WP Engine announced that their engineers worked with Wordfence’s engineers to make the plugin compatible with their hosting service.
The WP Engine and WordFence team worked together to update the WordFence plugin so it would store their Web Application Firewall (WAF) rules in a database instead of the filesystem. This change improves the security of WordFence because storing the rules in a database, rather than a filesystem, makes the data more secure.
Wordfence’s new feature is called MySQL Storage Engine, and it stores WAF rules in a database instead of the filesystem. They anticipated that they would get a lot of questions about this change, so they published a Wordfence MySQL Storage Engine FAQ for their customers.
The change appears to be a win-win-win for WP Engine, Wordfence, and site owners that want to use both services. The MySQL Storage Engine also introduces a more secure way to store WAF rules, which makes the Wordfence plugin even better.
Editor’s Note: Coywolf is hosted on WP Engine, uses the WP Rocket plugin, and utilizes Cloudflare to achieve site performance that meets or exceeds AMP pages.