New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

What kind of mickey mouse hosting company installs plugins without notifying their customers? #16

Open
BrettGregson opened this Issue Mar 14, 2017 · 15 comments

Comments

Projects
None yet
@BrettGregson
Copy link

BrettGregson commented Mar 14, 2017

You installed some caching thing on a wordpress site of one of my clients without notifying us. How do I remove it?

@megrimm

This comment has been minimized.

Copy link

megrimm commented May 27, 2017

this is a nightmare... i just spend several hours trying to figure out why code changes were not being reflexed in the browser.

cacheing? really? while developing? wtf...

@MikeHansenMe

This comment has been minimized.

Copy link
Member

MikeHansenMe commented Jun 2, 2017

Hi @BrettGregson sorry for the delay. If you would like to remove it, you have a few options. On the settings general page you can set the level to 0. On the plugins -> mu-plugins page you can click disable. And after doing either of those two if you would like to remove it entirely you can delete the file mu-plugins/endurance-page-cache.php from your install.

@MikeHansenMe

This comment has been minimized.

Copy link
Member

MikeHansenMe commented Jun 2, 2017

@megrimm if you are doing dev on the server it would make sense that caching would get in your way. There are a number of triggers to cause a purge but nothing looks for code changes. There is a purge button on both the plugins->mu-plugins screen and in the admin toolbar (v0.8). I think a better solution may be for us change the cache level to 0 if WP_DEBUG is true. I will try to get that into the next release.

@megrimm

This comment has been minimized.

Copy link

megrimm commented Jun 2, 2017

thanks and apologies for the rant. that day cost me several hours trying to figure out the cause of why pages were not reflecting changes. i basically purged everything I could think of on my local system (thinking that is where the problem originated) only to find this server side caching which, I assume, customers were not informed of. It might not be the cache that is the biggest problem but the lack of communication? but maybe i just missed a memo on this....

@MikeHansenMe

This comment has been minimized.

Copy link
Member

MikeHansenMe commented Jun 2, 2017

@megrimm no problem. I understand and you are not wrong in that we can be better about communicating this to customers. Currently the two ways you can get caching are if you have done a new wp install using one of our installers in say the last 6 months or if the site is under a traffic spike and we attempt to cache it as an alternative to it crashing.

@wesbos

This comment has been minimized.

Copy link

wesbos commented Jun 8, 2017

Super bad move - I'll no longer be recommending Bluehost to any of my students

@callummr

This comment has been minimized.

Copy link

callummr commented Jun 8, 2017

Had a number of sites with bluehost for a few years and the poor performance hasn't been quite enough to persuade me to move, but modifying customers' sites without any comms certainly is. Thanks @BrettGregson for raising the issue so others don't lose so much time.

@ostoh

This comment has been minimized.

Copy link

ostoh commented Jun 8, 2017

I gave up on Bluehost because of such nonsense. Multiple URL injections and cache issues.

@TomClive

This comment has been minimized.

Copy link

TomClive commented Jun 14, 2017

@MikeHansenMe Advice to change the settings for the plugin isn't much help when the htaccess file has been amended and this has prevented access to site and admin area. Nothing was acccesible.

Our affected installation is in a sub-directory and we made custom changes to the htaccess file to help prevent unauthorised access following a hack.

These Bluehost modifications caused unnecessary work reverting htaccess file and deleting plug-in. Although there are only 50 or visitors to the site per day right now, this happened during a critical week for this public-sector project. Not good.

@Johan333g

This comment has been minimized.

Copy link

Johan333g commented Jun 23, 2017

DO NOT ACTIVATE THIS PLUGIN delete the file mu-plugins/endurance-page-cache.php from your install using an FTP manager.. Then install a real caching plugin.

@MikeHansenMe "if the site is under a traffic spike and we attempt to cache it as an alternative to it crashing" That is because you have oversold your server space.. use load balancing instead.. don't hack someone's property.

@tmz1970

This comment has been minimized.

Copy link

tmz1970 commented Jun 25, 2017

HostGator did this too. No warning, no ask.
Also -- this plugin does not seem to respect core Capabilities. I created a custom Role with NO capabilities at all, except to view entries from Gravity Forms. But now these users can also access the Cache top-menu, since this plugin doesn't account for Capabilities.

@Johan333g

This comment has been minimized.

Copy link

Johan333g commented Jun 28, 2017

To be a little more specific for those having issue with this.. The federal Computer Fraud and Abuse Act provides in part that Whoever (Mike Hansen, Endurance International Group) having knowingly accessed a computer without authorization or exceeding authorized access, and by means of such conduct having obtained information from any protected computer if the conduct involved an interstate or foreign communication; is subject to a fine under this title or imprisonment for not more than ten years, or both.

If this software was installed without your permission and not removed immediately upon request please file a complaint with the FTC and your local FBI agency.

Hacking is a federal crime with some serious penalties.

Have a nice day

@davidmoore-io

This comment has been minimized.

Copy link

davidmoore-io commented Aug 8, 2017

Yeah.... this just cost us an afternoon. Installing (pretty well hidden) plugins on your clients sites, doing URL injection, editing htaccess files etc etc etc has cost us (and by the looks of things, lots of others) a load of unnecessary work and stress. It appears to be something that the parent company (Endurance) do across their hosting companies?

I'd suggest making it really obvious it exists (why doesn't it conform to the standard WP plugins architecture?), and producing proper docs for devs, would be a wise move.

Bizarre. Cheers for that guys. 👍

@MagneticMule

This comment has been minimized.

Copy link

MagneticMule commented Dec 30, 2017

Why does anyone use Bluehost in this day and age? I moved away from them long ago. Do yourself a favor and get serious about your hosting. Learn about containers, Linux admin and shift over to somewhere like DigitalOcean. Your wallet and your sanity will thank you in the long run.

@BrettGregson

This comment has been minimized.

Copy link

BrettGregson commented Dec 30, 2017

@MagneticMule not always the developers choice. One of my clients was using them (I eventually did convince them to move)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment