Third-Party WordPress Plugins
Executive Overview
This document describes in detail our policy regarding support for 3rd party WordPress plugin code, as well as the reasoning and history behind that policy. If you want to skip directly to the requirements for requesting a new plugin, see the "In Summary" section at the end of the document.
Background
CareHubs is integrated with WordPress, which many of our customers use for the blogging and content management aspects of their sites.
WordPress is the world’s leading CMS, powering more than 27% of all websites worldwide. One of the most popular features of WordPress is its support for plugins, which add new functionality to a site simply by being installed. These plugins are created primarily by WordPress’ large and vibrant community of open source developers, and can be a huge boon when you want to extend site functionality.
That said, it is critical for enterprise customers to understand that some caution and due diligence are required when adding new plugins to a website or network where security and stability are paramount, because:
- The security and reliability of plugin code will only be as good as the practices of the developer(s) who wrote it. Since anyone, anywhere can create and publish a plugin, the author could be an experienced software engineer or someone just learning how to code.
- The open source WordPress.org repository gives new plugins only a light initial review for guideline compliance; later updates are not audited, and ongoing quality is reflected only by community ratings and reviews. There is no QA or security audit process comparable to what an enterprise would expect.
- Activating a plugin allows that code to run unrestricted on your site, with the full privileges of the web server and the database: it can read and modify all of your data, including user accounts and any PII, and it can make outbound network requests. Any JavaScript the plugin ships also runs in the browsers of everyone who visits your site (ordinarily this is fine, but in the case of a malicious or hacked plugin it becomes a vector for attacking your users.)
- The plugin’s code may conflict with the code of other major or minor components of your site, potentially resulting in bugs or unexpected behavior. These issues can arise both at the time of installation, as well as anytime the plugin code is updated.
- For clients running on network installations with multiple sites, installation of a bad plugin that destabilizes a site potentially jeopardizes uptime for all sites on the network, not just the site on which it was installed.
- Like all other site components, 3rd party plugins require consistent, ongoing monitoring for patches, updates and maintenance. Failure to patch promptly when security issues are discovered or an upgrade is released can result in your site being compromised.
- The consequences of failing to address these risks can be severe. Compromised 3rd party plugins are the most common point of entry for WordPress hacks: according to website security firm Sucuri’s Q1 2016 report, just three outdated plugins were responsible for nearly a quarter of all WordPress hacks during the studied period, and an unpatched 3rd party plugin is suspected of having been the initial foothold in the infamous Panama Papers data breach.
Risk Mitigation
For these reasons, we enforce a strict plugin policy to ensure that we can meet the security and stability commitments made in our enterprise service level agreements and cyber liability insurance coverage. This policy imposes requirements on both us and our customers.
For our part, our team's primary obligations are:
- Full auditing of all plugins. We actively curate and maintain a fixed list of approved plugins in our repository. Plugins, when written correctly, are extremely powerful and time-saving, but we only approve one after a CareHubs Senior Engineer has reviewed every line of its code.
- Consistent, ongoing updates. We monitor all plugins in our repository at regular intervals (precise timing varies with the plugin and requirement specifics, but most typically weekly) and update them so that we are running the latest, most fully patched version of each. As part of that monitoring we check whether any security issues have been disclosed against the plugins themselves or the code libraries they depend on. After each update we test for breakage or incompatibility with existing site functionality; the exact nature of this testing varies per customer engagement, so please contact your account manager if you have any questions.
Requesting a new plugin
In turn, we ask two things of our customers when they request installation of a new plugin, in order to help us best meet their needs.
First - please tell us, as specifically as possible, what results you are seeking to achieve with the plugin. Many plugins are multifunctional, and understanding the specific need behind your request will enable us to advise you if we already have that functionality available via an existing, audited plugin in our repository.
If we don’t have an existing plugin that meets all of your requirements, we are happy to audit new candidates for potential addition to our network.
Please know that some plugins have tens or even hundreds of thousands of lines of code, so the audit can be a time-consuming process, and it will therefore be necessary for you to have support hours available for us to initiate a review. The audit typically takes between 1 and 16 hours, depending on the plugin. Your account manager can provide a precise estimate.
To maximize your return on this investment of hours, and to minimize the chances of your plugin failing to pass our review, our second request is that you select candidate plugins which have already been extensively tested by the developer and/or the WordPress community, as reflected by the following metrics:
- Have at least a 4 out of 5 star rating within the WordPress community (you can view ratings in the WordPress repository.)
- Have at least 500,000 downloads from the repository (or are offered as a paid plugin by a reputable developer who provides active plugin support.)
- Are at least 6 months old.
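The three metrics above can be checked automatically before a candidate is even sent for review. The script below is an added example written for this page; it is not CareHubs tooling. It evaluates the JSON that the public WordPress.org plugin information API returns for a slug (https://api.wordpress.org/plugins/info/1.2/?action=plugin_information&request[slug]=SLUG). The only API fields it assumes are "rating" (a 0-100 percentage, so 4 of 5 stars is 80), "num_ratings", "downloaded", "added" (YYYY-MM-DD) and "last_updated" (YYYY-MM-DD followed by a time). Two extra checks that the policy text does not state, a minimum number of ratings and a maximum time since the last release, are labelled as assumptions; both plugin responses are constructed samples so the script runs offline.

```python
"""Screen a WordPress.org plugin candidate against the request criteria.

Added example, not part of the original policy. Field names follow the
WordPress.org plugin_information API; the two responses are CONSTRUCTED.
"""
from dataclasses import dataclass, field
from datetime import date

MIN_STARS = 4.0            # policy: at least 4 out of 5 stars
MIN_DOWNLOADS = 500_000    # policy: at least 500,000 downloads
MIN_AGE_DAYS = 183         # policy: at least 6 months old
MIN_RATINGS = 50           # ASSUMED: 5 stars from 6 reviewers is weak evidence
MAX_STALE_DAYS = 365       # ASSUMED: no release in a year suggests abandonment

# Constructed sample API responses (fictional plugins, not real slugs).
CANDIDATE_OK = {
    "slug": "acme-contact-form",
    "rating": 92,                 # 4.6 stars
    "num_ratings": 1840,
    "downloaded": 2_300_000,
    "added": "2012-04-17",
    "last_updated": "2016-05-20 3:15pm GMT",
}
CANDIDATE_BAD = {
    "slug": "shiny-new-widget",
    "rating": 70,                 # 3.5 stars
    "num_ratings": 6,
    "downloaded": 12_400,
    "added": "2016-03-28",
    "last_updated": "2016-03-28 11:02am GMT",
}
TODAY = date(2016, 6, 1)       # fixed reference date so the example is deterministic


@dataclass
class Verdict:
    slug: str
    findings: list = field(default_factory=list)

    @property
    def passed(self) -> bool:
        return not self.findings


def stars(info: dict) -> float:
    """WP.org reports "rating" as a percentage; divide by 20 for a 5-star scale."""
    return info["rating"] / 20.0


def _date(value: str) -> date:
    """Both date fields begin with YYYY-MM-DD; the time suffix is ignored."""
    return date.fromisoformat(value[:10])


def triage(info: dict, today: date = TODAY) -> Verdict:
    """Return every criterion the candidate fails; no findings means it may go to audit.

    The policy's "paid plugin from a reputable developer" exception is a
    human judgement and is deliberately not modelled here.
    """
    v = Verdict(info["slug"])
    s = stars(info)
    if s < MIN_STARS:
        v.findings.append(f"rating {s:.1f}/5 is below {MIN_STARS:.0f}/5")
    if info["num_ratings"] < MIN_RATINGS:
        v.findings.append(f"only {info['num_ratings']} ratings (assumed minimum {MIN_RATINGS})")
    if info["downloaded"] < MIN_DOWNLOADS:
        v.findings.append(f"{info['downloaded']:,} downloads is below {MIN_DOWNLOADS:,}")
    age = (today - _date(info["added"])).days
    if age < MIN_AGE_DAYS:
        v.findings.append(f"only {age} days in the repository, below {MIN_AGE_DAYS}")
    stale = (today - _date(info["last_updated"])).days
    if stale > MAX_STALE_DAYS:
        v.findings.append(f"no release for {stale} days (assumed maximum {MAX_STALE_DAYS})")
    return v


if __name__ == "__main__":
    for cand in (CANDIDATE_OK, CANDIDATE_BAD):
        verdict = triage(cand)
        print(f"{verdict.slug}: {'OK to audit' if verdict.passed else 'REJECT'}")
        for finding in verdict.findings:
            print(f"  - {finding}")
```

To screen a real candidate, fetch the API URL above for its slug, parse the JSON, and pass the resulting dict to triage() with today's date. A clean result only means the plugin is worth the audit hours; it says nothing about the quality of the code itself.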
Additional considerations
There are two final considerations to keep in mind when requesting addition of a new plugin:
- Due to the maintenance requirements described above, there will be some modest, ongoing time investment required for the maintenance of a custom plugin in the repository. This will likely be quite small, but for customers with very limited support hours budgets, it may nevertheless be a consideration. Please ask your account manager if you have questions about this.
- Because WordPress began as a blogging platform before becoming a full-fledged CMS, many of our customers have some experience using it for a personal blog or similar site. Based on that experience, they may favor a particular plugin for some purpose. While we strive to please our customers and will do everything possible to provide requested functionality, it’s important to recognize that a plugin which is perfectly suitable for a site with hundreds of users may not be reliable for a network with thousands or millions of potential visitors. Similarly, a plugin suitable for a private intranet may not be sufficiently secure for a public site, or for one which contains sensitive information or PII.
In Summary
3rd party WordPress plugins have the potential to be extremely useful, but also introduce risks to site integrity. To help us best serve you, while managing/mitigating these risks:
- If requesting installation of a new plugin, please help us understand the precise need behind the request.
- When looking at possible new plugin candidates, focus on ones that are most likely to have been tested extensively.
- Understand that not all plugins (even favored ones) are suitable for all enterprise use-cases.
- When adding a new 3rd party plugin, please remember that there will be some hours cost associated with both the initial audit and ongoing maintenance.
We have written this policy based on our team's decades of experience in this space and crafted it in collaboration with our Senior Security Advisor. It is in place to protect our wonderful and cherished customers and ensure the integrity, quality, and safety of your site. If you have any questions or would like to inquire about which plugins are audited and available to you, please don't hesitate to contact us anytime.