Twitter Facebook LinkedIn Flipboard 0 Plugins No Longer In Directory or Repository One of the “fatal flaws” in the WordPress system is that there is no way for the central plugin repository to let us know, in a direct manner, when a plugin we are using has been removed from the directory for potential bad behavior. This leads to blog owners being unaware that a plugin they are using has a security vulnerability (that puts them at risk) when the plugin is temporarily made unavailable and also leaves them unaware of how urgent it is to update the plugin when it becomes available again. This is very much a “weak link” in the system. Before we go any further, it would be VERY beneficial if you would go over to THIS thread and leave a message urging the WordPress development community to give this some of the attention it so badly needs. (Leave a comment to keep urging them forward!) They’ve been “working on this” a long time and no suitable solution has arrived. In the meantime, we have… WordPress “No Longer In Directory” Plugin This simple plugin does a scan of your current plugins and compares it against current and former directory listings for the repository. It also checks for former removals that have returned. This would have been useful a week ago when the SexyBookmarks plugin was removed from the directory for security reasons and has since been patched and returned (it is urgent that you update). Unfortunately, this plugin is a manual check (meaning you have to go to it’s settings page) and is not a background monitoring service that we really need. screenshot courtesy of plugin author This plugin works “hand in hand” with the Better Plugin Compatibility Control which lets you know when a plugin has gone un-maintained (but not removed) and may be a security risk or stability hazard on your current version of WordPress. One of the nice things about this plugin is that it does not throw a bunch of false-positives if you’re using some non-GPL plugins that were never in the repository in the first place. Keep in mind that those plugins can just as easily develop security issues and if you haven’t seen updates in the last six months or a year, you have reason to be nosy about them too! Why Do Plugins Get Removed From The Repository? Plugins can be removed for the following reasons: they are found to break the GPL they are found to break the directory rules other plugins by the author are found to be a problem and all are removed pending investigation the author asks for it to be closed the author asks for it to be closed because they are re-releasing under a different name it is being investigated after non-specific complaints there is a security vulnerability Fortunately, by using a combination of these free plugins, we can get an accurate assessment of where the GPL plugins on our blog stand at this present time. (Which is helpful for preventing hackings!) How often should we do this? Here’s the problem… it needs checked frequently… the more frequently the better. That is why it really needs to be part of the core WP system and to do the checking on it’s own and alert us by email. This is super easy if you have one blog but a pain in the rump if you have 12! What tools do you use to keep your blog safe? I’ll be talking more about security in upcoming blog posts and courses so let me know if there is something you’d like me to cover! ~ Kim ~ Simple Tech Tips For Marketing PS: Be sure you subscribe by email to my list and follow me on social media so you get security news as soon as possible to help you build your business while staying safe! Twitter Tweet Facebook Share Email This article originally appeared on Just Ask Kim and has been republished with permission.Find out how to syndicate your content with B2C Author: Kane Pepi <p>Kane Pepi is an experienced financial and cryptocurrency writer with over 2,000+ published articles, guides, and market insights in the public domain. Expert niche subjects include asset valuation and analysis, portfolio management, and the prevention of financial crime. Kane is particularly skilled in explaining complex financial topics in a user-friendly … View full profile ›More by this author:VoIP Basics: Everything Beginners Should Know!Bitcoin Investment, Trading & Mining: The Ultimate Guide for BeginnersIs This a Better Way to Set Your 2020 Goals and Resolutions?