There are more than 54,000 plugins for WordPress out in the universe and most of them are going to work splendidly on Flywheel. However, there are a few categories of plugins that either duplicate functionality that Flywheel already provides, or are known performance-killers on sites.
Flywheel believes that users shouldn’t have to “fiddle” with their site to get the best performance and security. As a managed host for WordPress, our goal is to make sure you’re starting out with a site that just works.
Backups are included in every Flywheel plan. We back up your sites every 24 hours on external servers, and we allow you to easily restore and download backups from the Flywheel dashboard.
Backup plugins, on the other hand, can be incredibly resource-hungry. When running, they can take a big bite out of the resources needed to deliver content to visitors, which could slow your site down at an inopportune time. For larger sites, some of the MySQL queries can even take your site offline. Backup plugins also often create large files which can unnecessarily fill up a site’s allotted disk space.
Examples of unsupported Backup plugins:
If you’d like to keep your own backups in additions to the ones Flywheel keeps, we recommend downloading a backup from the Flywheel dashboard.
Flywheel handles caching at the server level, eliminating the need for caching plugins. Server-side caching is significantly more efficient and scalable than any plugin-based caching, since it doesn’t rely on PHP. In addition, caching plugins run the risk of interfering with server-side caching, resulting in uncached server requests and degraded performance.
In addition, plugin-based caching solutions tend to cause issues when used in tandem with Flywheel features that move or duplicate sites, including Blueprints, cloning, and Staging.
Examples of unsupported caching/performance plugins:
Flywheel servers are configured specifically with WordPress security best practices. We help prevent brute force attacks, lock down core WordPress files (including xmlrpc.php), and take many other security measures for you.
Security plugins may provide additional features, but in many cases can slow down sites by over-utilizing server resources, interfering with Flywheel’s caching, bloating the site’s database, and/or interfering with our native security software.
While we discourage the use of these plugins, we don’t block them – you are able to install any security plugin you like. That said, we have found these plugins in particular can degrade performance:
In general, if you aren’t manually assigning related posts, any plugin that is automatically showing related posts is going to be doing so via a barrage of MySQL queries that happen on each and every page load. The end result is often a devastating hit on your site’s performance and substantial damage to your database.
Examples of unsupported Related Posts plugins:
.htaccess
will not work on Flywheel, since .htaccess
is an Apache file and we run NGINX.wp-config.php
file will be unable to do so, although in most cases you can contact Flywheel support and we’ll be happy to work with you to put whatever you need in place.The TimThumb image resizing script is embedded in lots of older themes and plugins built from about 2000–2014, but it is no longer supported or updated, so it’s a vulnerability. Besides, it tends to break things on Flywheel anyway. Stick with the image optimization plugins recommended here.
Along with TimThumb, Sucuri reports that outdated versions of Gravity Forms and RevSlider contribute to a high number of security incidents and vulnerabilities with WordPress sites. This is largely because these plugins are frequently embedded in themes and aren’t updated. As long as your theme is kept up-to-date and you are running the latest versions of these plugins, you shouldn’t have issues, but it’s worth double-checking.
Note that certain plugins run database queries to work, and these interfere with caching, which will slow down a site. These include (but are not limited to) Broken Link Checker (which also doesn’t play well with Staging/cloning) and some “related posts” plugins.
This is by no means an exhaustive list, but gives you a sense for the types of plugins that we strongly discourage and/or don’t allow. If you have any questions about a particular plugin and whether it is allowed, don’t hesitate to contact Flywheel support.
If you have any questions our Happiness Engineers are here to help!
New to Flywheel? Start here, we've got all the information you'll need to get started and launch your first site!
View allLearn all about managing your Flywheel user account, Teams and integrations.
View allFlywheel hosting plans include a ton of great features. Learn about how to get a free SSL certificate, set up a staging site, and more!
View allAll the server and setting info you'll need to help you get the most out of your Flywheel hosting plan!
View allTips and tricks for managing your sites on Flywheel, including going live, troubleshooting issues and migrating or cloning sites.
View allLearn more about Growth Suite, our all-in-one solution for freelancers and agencies to grow more quickly and predictably.
Getting started with Growth Suite
Growth Suite: What are invoice statuses?
Growth Suite: What do client emails look like?
Learn more about Managed Plugin Updates, and how you can keep your sites up to date, and extra safe.
Restoring Plugin and Theme Management on Flywheel
Managed Plugin Updates: Database upgrades
Managed Plugin Updates: Pause plugin updates
We can help! Check out our Brand Resources page for links to all of our brand assets.
Brand Resources