Skip to main content
Last Reviewed: January 30, 2023

WordPress Plugins and Themes with Known Issues

A list of WordPress plugins, themes, and functions that are not supported and/or require workarounds.


This page lists WordPress plugins, themes, and functions that may not function as expected or are currently problematic on the Pantheon platform. This is not a comprehensive list (see other issues). We continually update it as problems are reported and/or solved. If you are aware of any modules or plugins that do not work as expected, please contact support.

We do not prevent you from installing and using these plugins or themes. However, we cannot provide support for incompatible plugins and themes, or if they are used against the guidance provided here.

Plugin & Theme Maintainers: If your work is listed here, please reach out to us. We're happy to help provide information that can lead to conflict resolutions between your code and the platform.

If your work is already updated but still listed here, let us know so we can remove it, or submit a pull request.

Assumed Write Access

Some plugins and themes are built on the assumption that the CMS has write access to the entire filesystem. While this is usually true of standard LAMP/LEMP stack server configuration, Pantheon and other specialized platforms do not. This can result in runtime errors when the software can't write to locations in the codebase in Test and Live environments.

Refer to documentation on Using the Pantheon WebOps Workflow for more information on how Pantheon differentiates "code" from "files".

The solution to these issues is usually to create a symbolic link (symlink) from the plugin's expected write location to a location in the writable filesystem (/sites/default/files for Drupal, wp-content/uploads for WordPress). The process for creating a symlink and verifying that the symlink is correct is detailed in Using Extensions That Assume Write Access.

The following is a list of plugins that assume write access, and the specific file or folder that needs to be symlinked to resolve:

PluginAssumed Write PathNotes
AccessAlly WordPress LMSwp-content/accessally-protected-contentPROTECTED_CONTENT_FOLDER variable within the plugin assumes access to PATH
All-in-One WP Migrationwp-content/ai1wm-backupsThe platform is not designed for large backup files, and this plugin can cause your deployment workflows to break. You can download full backups from the Site Dashboard. See below for additional information.
wp-content/plugins/all-in-one-wp-migrations/storage
Autoptimizewp-content/resourcesSee the Autoptimize section below for other solutions.
Big File Uploadswp-content/bfu-tempSee the Big File Uploads section below for solutions.
Divi WordPress Theme & Visual Page Builderwp-content/et-cacheRemember to repeat this process for each environment, including Multidevs.
Fast Velocity Minifywp-content/cacheRemember to repeat this process for each environment, including Multidevs.
Hummingbirdwp-content/wphb-logsThe /wphb-logs folder logs API calls
NextGEN Gallerywp-content/galleryYou can override this path on the plugin configuration page (/wp-admin/admin.php?page=ngg_other_options) to use wp-content/uploads/gallery/ instead of creating a symlink.
Nitropackwp-content/nitropack and advanced.cache.phpAllows for the caching feature to be disabled so that other features, such as optimization, can be used side-by-side.
WooZonewp-content/plugins/woozone/cache
Wordfencewp-content/wflogsFollow the steps outlined in the Wordfence section.
WP Fastest Cachewp-content/cacheThis plugin uses is_dir to verify the target directory, which will return false if the directory is a symlink. This causes a permissions error when deleting cache files.
WP-Rocketwp-content/wp-rocket-config
wp-content/cache
WPML - The WordPress Multilingual Pluginwp-content/languagesAlternate solutions are listed in the WPML section.

Define FS_METHOD

By default, WordPress tests each directory before uploading a file by writing a small temporary file. Some plugins and themes may have issues on the Pantheon platform due to this write access test. You can avoid these issues (and skip the test of writing a small file) by defining the FS_METHOD as direct in the wp-config.php file above the line /* That's all, stop editing! Happy Pressing. */. To resolve the issue, configure the wp-config.php to resemble the following code sample:

wp-config.php
if (isset($_ENV['PANTHEON_ENVIRONMENT'])) {
    if ( !defined('FS_METHOD') ) {
        define('FS_METHOD', 'direct');
    }
}

The successful write of the temporary file returns "direct". You can specify the direct file system method beforehand to allow operations to run slightly faster. Note that the direct specification forces the method to use direct file I/O requests from within PHP, which can open up security issues on poorly configured hosts.

Plugins and themes with issues resolved (at least partially) by this include the following:

Info:
Note

If your site is using an up-to-date version of the Pantheon WordPress upstream, FS_METHOD will automatically be set for you.

AdThrive Ads

Last reviewed: Oct 10 2022

AdThrive Ads is an ad provider for bloggers. AdThrive Ads is not compatible with the Pantheon platform because the plugin assumes write access and is also incompatible with:

  • Git deployments
  • Docker
  • Kubernetes

There is no solution for the compatibility issues with this plugin.

All-in-One WP Migration

Last reviewed: Nov 30 2020

Issue: All-in-One WP Migration attempts to store all of the environment's code, database, and files in version control. This is too much for git to handle, and will cause all deployments to fail.

Warning:
Warning

There is a very strong possibility this plugin will break the site's workflows, leaving you unable to deploy for a minimum of 24 hours.

Solution: Use the platforms automated backups from the Site Dashboard.


AMP for WP – Accelerated Mobile Pages

Last reviewed: Dec 05 2019

Issue: With the AMP for WP – Accelerated Mobile Pages plugin, enabling the Mobile Redirection feature within AMP for WP sends a session cookie which conflicts with platform-level page caching. See the WordPress support forum for details.

Solution: Disable the option for Mobile Redirection within the AMP for WP options page. Then handle mobile redirection via PHP within wp-config.php, for example:

wp-config.php
if ((is_mobile())&&(strrpos($_SERVER['REQUEST_URI'],'amp') == false)) {
  header('HTTP/1.0 301 Moved Permanently');
  header('Location: https://'. $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] .'/amp');

  // Name transaction "redirect" in New Relic for improved reporting (optional).
  if (extension_loaded('newrelic')) {
    newrelic_name_transaction("redirect");
  }
  exit();
}
function is_mobile() {
  if ( empty($_SERVER['HTTP_USER_AGENT']) ) {
          $is_mobile = false;
  }
  elseif ( strpos($_SERVER['HTTP_USER_AGENT'], 'Mobile') !== false // many mobile devices (all iPhone, iPad, etc.)
          || strpos($_SERVER['HTTP_USER_AGENT'], 'Android') !== false
          || strpos($_SERVER['HTTP_USER_AGENT'], 'Silk/') !== false
          || strpos($_SERVER['HTTP_USER_AGENT'], 'Kindle') !== false
          || strpos($_SERVER['HTTP_USER_AGENT'], 'BlackBerry') !== false
          || strpos($_SERVER['HTTP_USER_AGENT'], 'Opera Mini') !== false
          || strpos($_SERVER['HTTP_USER_AGENT'], 'Opera Mobi') !== false ) {
                  $is_mobile = true;
  }
  else {
          $is_mobile = false;
  }
  return $is_mobile;
}

Autoptimize

Last reviewed: Feb 10 2020

Issue 1: Autoptimize assumes write access to the site's codebase within the wp-content/resources directory, which is not granted on Test and Live environments on Pantheon by design. For additional details, refer to Using Extensions That Assume Write Access.

Solution: Configure Autoptimize to write files within the standard wp-content/uploads path for WordPress (wp-content/uploads/autoptimize) by adding the following to wp-config.php:

wp-config.php
/** Changes location where Autoptimize stores optimized files */
define('AUTOPTIMIZE_CACHE_CHILD_DIR','/uploads/autoptimize/');

Be sure to add this configuration above the comment to stop editing:

Example of Autoptimize configuration above the stop editing comment

For additional details, see the Autoptimize FAQ. An alternative solution is to create a symbolic link.

Issue 2: Autoptimize attempts to generate the file wp-content/autoptimize_404_handler.php upon activation, and if not present will throw a php warning.

Enabling this setting requires write access and a location directive not configured in platform's Nginx configuration, generating the error:

Warning: file_put_contents(/code/wp-content/autoptimize_404_handler.php):
failed to open stream: Permission denied in /code/wp-content/plugins/autoptimize/classes/autoptimizeCache.php on line 642

Solution: Uncheck Enable 404 fallbacks in the Autoptimize settings page wp-admin/options-general.php?page=autoptimize. The Pantheon Platform does not provide support for custom HTTP server configurations, so file redirects will not work. More information can be found in the redirect files section of Advanced Redirects and Restrictions.


Better Search And Replace

Last reviewed: Sep 27 2019

Issue: The Better Search and Replace plugin is not accessible in Test or Live (read-only environments in Pantheon) due to the install_plugins capability check of the plugin. Follow this issue on the WordPress support forum.

Solution 1: There is an undocumented filter in place to override the capability check. Adding this in the your theme’s function.php can make it work:

function.php
function better_search_replace_cap_override() {
    return 'manage_options';
}
add_filter( 'bsr_capability', 'better_search_replace_cap_override' );

Solution 2: Use an alternative Search and Replace plugin like WP Migrate DB


Big File Uploads

Issue: The Big File Uploads plugin has assumed write access for its temporary file storage.

Solution:

  1. Set your Dev (or Multidev) environment to Git connection mode in the dashboard or via Terminus.

  2. Use Git to clone your site's codebase locally if you haven't already. See Clone your site codebase

  3. In your terminal, change your current directory to the location where the site's Git clone is stored.

  4. Navigate to /wp-content and check if the /wp-content/bfu-temp folder exists. If it does, remove it before you create the symlinks in the next steps:

    cd wp-content
    rm -rf bfu-temp
  5. Return to the root directory of the Git clone:

    cd ..
  6. Create a symlinks:

    ln -s ../../files/private/bfu-temp ./wp-content/bfu-temp
  7. Commit this change and push to your site, and ensure that a private/bfu-temp directory is created on each environment.


Bookly

Issue: Sessions are implemented in a way that will not allow Bookly to function with the WP Native Sessions plugin, either installed as a regular plugin or an mu-plugin. Follow this issue on the WordPress support forum.


Issue: For the Broken Link Checker, a low value set for "Check link every X hours" can consume a large amount of server resources.

Solution: Ensure that the value is set for the default of 72 hours or greater.


Caching Plugins

This includes but is not limited to:

Issue: Conflicts with platform-level page caching.

Solution: See Caching: Advanced Topics for details on how to bypass the platform page cache.


Coming Soon

Last reviewed: Oct 03 2018

Issue: The Coming Soon plugin's Maintenance mode gives the ERR_TOO_MANY_REDIRECTS error in the frontend. This plugin returns the error 503 Header status - Service Temporarily Unavailable which creates a redirect loop. Please see this issue for more details regarding the error.

Solution: This plugin only works in the Coming Soon Mode on Pantheon. You need to add content to the Page Settings > Message, so the Coming Soon page won't appear as a blank page.

Alternatively, if you don't want your site to be crawled by search engines, you can lock it via the platform and you can use a custom lock page.


Contact Form 7

Last reviewed: Aug 21 2021

Issue 1: The Contact Form 7 plugin relies on $_SERVER['SERVER_NAME'] and $_SERVER['SERVER_PORT'], which pass static values subject to change over time during routine platform maintenance.

Solution: Add the following to wp-config.php:

wp-config.php
$_SERVER['SERVER_NAME'] = $_SERVER['HTTP_HOST'];

if (isset($_ENV['PANTHEON_ENVIRONMENT'])) {
  if (isset($_SERVER['HTTP_USER_AGENT_HTTPS']) && $_SERVER['HTTP_USER_AGENT_HTTPS'] === 'ON') {
    $_SERVER['SERVER_PORT'] = 443;
  }
  else {
    $_SERVER['SERVER_PORT'] = 80;
  }
}

For more details, see SERVER_NAME and SERVER_PORT on Pantheon.

Issue 2: In order to attach or upload files, local file attachments set in the admin panel cannot come from the uploads folder. Therefore, you must direct attachments to a temporary folder.

Solution: You can customize the upload path for the temporary folder using the following:

define( 'WPCF7_UPLOADS_TMP_DIR', WP_CONTENT_DIR . '/uploads/wpcf7_uploads' );

Please note that the temporary folder needs to reside in a folder that can be accessed by Dev, Test, Live, or whichever Multidev you are using.

At this time, this setting alone does not resolve the issue. An issue has been submitted by the community and is being worked on here.

The suggested temporary workaround is to comment out the following code in your /contact-form-7/includes/mail.php file:

# Comment out the following code:
if ( ! wpcf7_is_file_path_in_content_dir( $path ) ) {
  if ( WP_DEBUG ) {
    trigger_error(
      sprintf(
        /* translators: %s: Attachment file path. */
        __( 'Failed to attach a file. %s is not in the allowed directory.', 'contact-form-7' ),
        $path
      ),
      E_USER_NOTICE
    );
  }
  return false;
}

Constant Contact Forms

Last reviewed: Aug 24 2018

Issue: The Constant Contact Forms plugin adds dependencies using Composer and provides a .gitignore file which prevents these dependencies from being picked up by Git. This leads to problematic deployments as not all code moves forward to Test and Live.

Solution: Remove .gitignore files from the constant-contact-forms and constant-contact-forms/vendor/psr/log directories.


Disable REST API and Require JWT / OAuth Authentication

Last reviewed: Apr 01 2019

Issue: When the Disable REST API and Require JWT / OAuth Authentication plugin is enabled along with WooCommerce, WP-CLI and Pantheon dashboard workflows like Cache Clear can fail. This issue may not happen for environments where WP-CLI is not installed (local machine, other platforms, etc):

Fatal error: Uncaught Error: Call to undefined method WP_Error::get_data() in /srv/bindings/.../code/wp-content/plugins/woocommerce/includes/cli/class-wc-cli-runner.php:64

For WooCommerce, the CLI runner needs some of the REST endpoints for it to function. The plugin is only allowing a specific set of paths for allowed access.

Solution: In the plugin.php file, edit the if ( ! is_user_logged_in() ) conditional to include a check for CLI PHP requests:

plugin.php
    if ( ! is_user_logged_in() && php_sapi_name() != 'cli' ) {

        // Only allow these endpoints: JWT Auth.
        $allowed_endpoints = array(
            '/jwt-auth/v1/token/validate',
            '/jwt-auth/v1/token',
            '/oauth/authorize',
            '/oauth/token',
            '/oauth/me',
    );
    $allowed_endpoints = apply_filters( 'reqauth/allowed_endpoints', $allowed_endpoints );

Divi WordPress Theme & Visual Page Builder

Last reviewed: Sep 28 2022

Issue: Divi WordPress Theme & Visual Page Builder may produce the error below when attempting to edit pages. This is caused by the page builder attempting to write to three different nested folders in the web root. This issue is also expressed when the WordPress admin dashboard becomes slow when editing posts using Divi.

.../data/Utils.php:758  ET_Core_Data_Utils::WPFS():
[ERROR]: Unable to write to filesystem. Please ensure that the web server process has write access to the WordPress directory.

Explanation of why these issues occur: The dynamic features in Divi, along with other settings stored in et-cache, can create excessive rewrites to the file system. Under high traffic uncached requests, this can saturate the file system, and degrade the performance of the site. The effect this creates is compounded when WordPress' FS_METHOD is not set to direct. Elegant themes provide these configurations in an attempt to enhance the experience of their Product, however these options are redundant and detrimental in certain environments.

Solution: The resolution is to access the Divi Theme Options located under the Advanced section in Builder and disable Static CSS File Generation:

  1. Navigate to Divi Theme Options, select Builder, and then select Advanced.

  2. Disable Static CSS file generation in the Divi theme.

  3. Select Theme Options, select General, select Performance, and then select to disable Dynamic CSS.

  4. Consider disabling other Dynamic settings if possible.

  5. Verify that a symlink exists for wp-content/et-cache.

  6. Define the FS_METHOD in the wp-config file if you are not using Pantheon's mu-plugin.

  7. Purge the contents of et-cache manually but do not purge the et-cache folder itself. You can do this by accessing the site's files via SFTP.

I am still having issues: Please contact support if you have completed the resolution steps above and you are still having issues.


Elementor

Last reviewed: Mar 30 2022

Issue: Elementor uses the current full URI to link to styled assets, which are invalid when the code is pushed from one environment to another.

Solution 1: Use any find/replace option to update the paths in Elementor. Ensure you account for escaped JSON URLs for this solution to work.

For example: my.example.com

Find or replace must handle test.example.com -> my.example.com and my.example.com -> test.example.com.

Note that if you are using a / ending slash on a new site’s URL, ensure you add a / on old site’s URL as well.

Solution 2: Use the search and replace feature in Elementor to enter the following:

/wp-admin/admin.php?page=elementor-tools#tab-replace_url.


Event Espresso

Last reviewed: Nov 15 2018

Issue 1: Event Espresso displays the following error:

PHP Fatal error: Uncaught EE_Error: An attempt to access and/or write to a file on the server could not be completed due to a lack of sufficient credentials.

Solution: Define FS_METHOD.

Issue 2: Enabling Event Espresso sends a session cookie which conflicts with platform-level page caching.

Solution: Session autostart can be disabled conditionally using FHEE_load_EE_Session filter.


Facebook for WordPress (official-facebook-pixel)

Last reviewed: Nov 22 2021

Issue: The plugin includes Git submodules in code/wp-content/plugins/official-facebook-pixel/vendor/techcrunch/wp-async-task/

which returns a PHP error because thewp-async-task/* can't be promoted to other environments due to the Git submodules.

Warning: include(/code/wp-content/plugins/official-facebook-pixel/vendor/composer/../techcrunch/wp-async-task/wp-async-task.php): failed to open stream: No such file or directory in /code/wp-content/plugins/webp-converter-for-media/vendor/composer/ClassLoader.php

Solution: Download the plugin from https://wordpress.org/plugins/official-facebook-pixel/ and extract it to your desktop. Then navigate to official-facebook-pixel/vendor/techcrunch/wp-async-task and delete the .git & .gitignore files before uploading to Dev.


FacetWP

Last reviewed: Oct 15 2019

Issue: The FacetWP plugin conflicts with New Relic.

Solution: Disable New Relic when using FacetWP.


Fast Velocity Minify

Last reviewed: Dec 12 2022

Issue: Your site may suddenly display a white screen of death in Git mode or in the Test/Live environment when using the Fast Velocity Minify plugin. This occurs because the default cache location, wp-content/cache, is not writable in Pantheon.

Solution 1: The default cache path for this plugin is wp-content/cache as of version 3.2.2.

1.Create a symlink for wp-content/cache in the wp-content directory. Refer to the documentation on Using Extensions That Assume Write Access for more information.

  1. Run the following line of code:

    ln -s ./uploads/cache ./cache
  2. Remember to clear the cache from Pantheon and flush the Redis cache. Earlier versions have this option in the Fast Velocity Minify's Settings tab for the Cache Location.

Solution 2: The FVM_CACHE_DIR and FVM_CACHE_URL variables are available to override the cache location to address this bug as of version 3.3.3.

Add the example configuration in the wp-config.php file:

define( 'FVM_CACHE_DIR', '/code/wp-content/uploads' );
define( 'FVM_CACHE_URL', WP_SITEURL . '/code/wp-content/uploads' );

Force Login

Last reviewed: Jul 26 2018

Issue: The Force Login plugin appends a port number using $_SERVER['SERVER_PORT'] at the end of the URL when the user logs in to the site.

Solution: See Set SERVER_PORT Correctly.


Last reviewed: Feb 20 2020

Issue: The GDPR Cookie Consent plugin sends two set-cookie headers in each response, which breaks caching on Pantheon's Global CDN. For example:

curl -I https://www.example.com
HTTP/2 200
cache-control: public, max-age=600
content-type: text/html; charset=UTF-8
server: nginx
set-cookie: cookielawinfo-checkbox-necessary=yes; expires=Thu, 20-Feb-2020 17:31:51 GMT; Max-Age=3600; path=/set-cookie: cookielawinfo-checkbox-non-necessary=yes; expires=Thu, 20-Feb-2020 17:31:51 GMT; Max-Age=3600; path=/x-pantheon-styx-hostname: styx-fe1-a-789d66bff9-tztp6
x-styx-req-id: 7f93c166-53fe-11ea-803e-b26d7703e33f
date: Thu, 20 Feb 2020 16:31:51 GMT
x-served-by: cache-mdw17379-MDW, cache-chi21146-CHI
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1582216311.492451,VS0,VE204
vary: Accept-Encoding, Cookie, Cookie
age: 0
accept-ranges: bytes
via: 1.1 varnish

Solution: Several users have reported that upgrading to the premium version of this plugin and disabling the included script blocker fixed the issue. For additional support, work with the plugin maintainers and review related documentation for the premium version.


H5P

Last reviewed: Nov 05 2019

Issue: Adding new libraries or content types from the H5P hub through the admin interface (or uploading large files from slow internet connections) can hit our max execution timeout, resulting in a 504 error:

While not a solution, re-running the Install process multiple times may result in success. You can also attempt to upload .hp5 files from your local computer. If local uploads hit the timeout, please try from a faster connection.


HM Require Login

Last reviewed: Nov 04 2021

Issue: When using the HM Require Login plugin, WordPress's cookies disappear shortly after a user successfully logs in. When the user attempts to access a second page in the WordPress Admin, the login screen is displayed.

Solution: Use an alternative plugin such as Force Login or Restricted Site Access.


Hummingbird

Last reviewed: Jan 20 2022

Issue: When using the Hummingbird plugin on a locked site, the user may encounter an HTTP 400-level (client error) response.

Solution: To resolve this issue flush the Hummingbird cache. Note that flushing the cache purges the cache storage, which might affect other processes that use the same storage.


HyperDB

Last reviewed: Sep 28 2023

Issue: Pantheon's database replication architecture is incompatible with HypeDB requirements, as the HyperDB plugin does not expect the replica to be readable during the bootstrap process and continues to query it instead of falling back to the main database. This issue is known to cause significant application problems when used on the platform.

Solution: HyperDB is not supported or recommended on Pantheon and there is no known workaround at this time.


InfiniteWP

Last reviewed: Oct 01 2019

Issue 1: Installing the InfiniteWP plugin admin panel on a Pantheon hosted site is not possible, because the plugin hardcodes the database credentials and uses a custom port in the URL. Our platform offers database credentials and offers them as an environment variable, and does not allow web access on ports other than 80 and 443.

Issue 2: Cannot remotely update core, or install/update themes and plugins in the Test and Live environments.

Solution: Due to the read only nature of Test and Live environments, remote updates can only be done in Dev, then deployed to Test and Live environment. Consider using a Custom Upstream or WordPress Multisite instead if you are deploying similar codebase, theme and plugins for a group of sites hosted on Pantheon.


Instashow

Issue: The Instashow plugin relies on query parameters that are not compatible with Pantheon's Edge Cache. See PANTHEON_STRIPPED for more information. This inhibits the ability to set the authorization token required to make the plugin function.


Solid Security (Previously: iThemes Security)

Last reviewed: Jan 26 2024

Issue 1: The "File Change Detection" check in the Solid Security (Previously: iThemes Security) plugin, warns site admins when files are modified. On Pantheon, automated backups will trigger this warning.

Solution: Disable the "File Change Detection" component of the plugin. Code files in the Test and Live environments are not writable, so this is not a security risk on Pantheon.

Issue 2: Solid Security attempts to modify nginx.conf, .htaccess and wp-config.php. Components that need write access to these files will not work since nginx.conf cannot be modified and code files on the Test and Live environments are not writable.

Solution: Modifications to wp-config.php should be done in Dev or Multidev environments, then deployed forward to Test and Live.


Jetpack

Last reviewed: Mar 09 2022

Issue 1: Jetpack requires the XMLRPC interface to communicate with Automattic servers. The Pantheon WordPress upstream disables access to the XMLRPC endpoint by default as it is a common scanning target for bots and receives a lot of invalid traffic.

Solution:

  1. Modify your site's pantheon.yml file to allow access to the xmlrpc.php path:

    pantheon.yml
    protected_web_paths_override: true
    protected_web_paths:
      - /private
      - /wp-content/uploads/private

    This will maintain the normal security settings for other paths, but allows access for XMLRPC. Follow the remaining steps below to block all requests to the xmlrpc.php file EXCEPT those added to your IP address allowlist.

  2. Add Jetpack IP addresses to the is_from_trusted_ip function of your wp-config.php file.

  3. Add /xmlrpc.php to your disallow_uri array, for example:

    $disallow_uri = array(
            '/xmlrpc.php',
        );

    The reference code demonstrates IP based restrictions in context of locking down admin paths (like /wp-admin/ and /wp-login.php). While locking down admin paths is a best practice, it may not fit all site use cases and it is not required in order to solve this specific Jetpack issue. If you opt to keep admin paths in the $disallow_uri array you will need to add IP addresses for yourself and every site administrator to the $trusted_ips array in addition to the Jetpack IPs added in the previous step.

Info:
Note

Pantheon does not support XML-RPC if it is enabled. You must resolve any issues you experience from enabling XMLPRC on your own.

Issue 2: Unexpected server port value error is reported by Jetpack in WP admin, where the fix suggested by the plugin causes critical errors on Pantheon. For example:

Jetpack error message unexpected Server port value

Solution: Adjust the fix suggested by Jetpack, so that $_SERVER['SERVER_PORT'] is used instead. For example:

define( 'JETPACK_SIGNATURE__HTTPS_PORT', $_SERVER['SERVER_PORT'] );

Maintenance Mode

Issue: Maintenance Mode causes a redirect loop on all pages for logged out users when the maintenance mode option is checked.

Solution: If you are locked out of your site, wp-login.php will still function and you can login to disable the maintenance mode plugin.


ManageWP worker

Last reviewed: Oct 12 2018

Issue 1: The ManageWP Worker plugin displays an error when adding a site in the ManageWP dashboard:

Site could not be added - Bad HTTP response (403 Forbidden)

This error sometimes leads users to believe that ManageWP's IP addresses need to be allowlisted on the platform.

Solution: Pantheon does not block any IPs, and there is nothing that would require an allowlist. Most likely there is a security plugin that temporary blocks the connection, or a conflicting plugin like those listed here. Temporary disable all other plugins, or the security plugins, then try adding your site again. For full troubleshooting, consult the ManageWP troubleshooting page.

Issue 2: Cannot remotely update core, or install/update themes and plugins in the Test and Live environments.

Solution: Due to the read only nature of Test and Live environments, remote updates can only be done in Dev, then deployed to Test and Live environment. Consider using a Custom Upstream or WordPress Multisite instead if you are deploying similar codebase, theme and plugins for a group of sites hosted in Pantheon.

Issue 3: Cannot remotely update core, or install/update theme and plugins in the Dev environment.

Solution: Make sure you are in SFTP mode instead of Git mode.


Monarch Social Sharing

Issue: The Monarch Social Sharing plugin appears to break WP-CLI, which is used by many of our workflows (clone, clear cache).


New Relic Reporting for WordPress

Last reviewed: May 08 2019

Issue: The New Relic Reporting for WordPress plugin sets up redundant configurations (appname and framework) with the New Relic® Performance Monitoring configuration, resulting in new applications in New Relic. This behavior may break compatibility with New Relic integrations such as QuickSilver scripts.


One Click Demo Import

Last reviewed: Mar 30 2022

Issue: The One Click Demo Import plugin returns a 502 error when automatically importing the demo files and pages for a theme. This generally happens when the process reaches the configured max-execution time in the Pantheon system php file.

Solution: Select the Switch to Manual Import option to import the demo files, including, content.xml, widgets.wie, etc.


Last reviewed: Dec 06 2019

Issue: The Popup Builder plugin stores full file paths to the options table, which breaks across multiple application containers.

Solution: A user patch has been submitted to the plugin maintainers.


PolyLang

Last reviewed: Nov 15 2023

Issue: The PolyLang plugin adds a cache-busting cookie (ex. pll_language=en) for each request.

Solution: Define the constant PLL_COOKIE to false in wp-config.php to remove the cookie:

wp-config.php
// Disable Polylang's feature to set a cookie that stores the visitor's selected language.
define('PLL_COOKIE', false);

The value of PLL_COOKIE defaults to pll_polylang. This defines the name of the cookie used by Polylang to store the visitor's language. When PLL_COOKIE is set to false, Polylang does not set any cookie. Be aware that in this case some features of the plugin may not work completely. For example, the login page will not be translated.

See the plugin documentation for more information on its PHP constants.

Issue: The PolyLang plugin caches the home url for each language. If your site is served from multiple domains, then only one of those domains' home url will be served and the others will redirect to that one.

There is also a chance that your site will cache the insecure http protocol for the home url of different languages. This can happen if the cached data gets generated by a server-side cron event or WP-CLI command. In this case, you'll get a redirct loop of https://domain.com/langcode/ http://domain.com/langcode/ https://domain.com/langcode/.

Solution: Define the constant PLL_CACHE_HOME_URL to false in wp-config.php to force Polylang to calculate the language's home url on each request:

wp-config.php
// Force Polylang to recalculate language home and search urls on each request.
define('PLL_CACHE_HOME_URL', false);

See the plugin documentation for more information on this PHP constant.


Posts 2 Posts

Last reviewed: Dec 10 2020

Issue: Posts 2 Posts can have incompatible index values for meta_key on database tables when installed on a site imported from a host using 3-byte character sets, resulting in the following error on import:

Index column size too large. The maximum column size is 767 bytes

Solution: You can apply this patch to ensure new tables created by the plugin use the supported meta_key(191) index value. You can fix existing tables via the MySQL commandline, for example:

ALTER TABLE wp_18_p2pmeta DROP INDEX meta_key, ADD INDEX meta_key(meta_key(191));
ALTER TABLE wp_29_p2pmeta DROP INDEX meta_key, ADD INDEX meta_key(meta_key(191));
ALTER TABLE wp_30_p2pmeta DROP INDEX meta_key, ADD INDEX meta_key(meta_key(191));
ALTER TABLE wp_31_p2pmeta DROP INDEX meta_key, ADD INDEX meta_key(meta_key(191));
ALTER TABLE wp_33_p2pmeta DROP INDEX meta_key, ADD INDEX meta_key(meta_key(191));

Query Monitor

Issue: The Query Monitor plugin creates a symlink with an absolute path, which will only work on the appserver where the plugin was installed. The plugin is not fully designed for cloud or multi server environments. Additionally, the plugin can create large amounts of logs which can cause performance and file system issues.

Alternatives: Pantheon has tools in place to monitor database queries:


Object Sync for Salesforce

Last reviewed: Aug 24 2018

Issue: The Object Sync for Salesforce plugin adds dependencies using Composer, and one of these dependencies provides a .gitignore file which prevents files from being picked up by Git. This leads to problematic deployments as not all code moves forward to Test and Live.

Solution: Remove the .gitignore file from the object-sync-for-salesforce/vendor/pippinsplugins/wp-logging directory.


Redirection

Last reviewed: Jul 19 2021

Issue 1: When using the Redirection plugin, customers have reported issues with 404 logging creating large database tables, reducing site performance.

Solution: Consider using PHP code to set up your redirects. See Configure Redirects for more information.

Issue 2: Redirection prefers $_SERVER['SERVER_NAME'] over $_SERVER['HTTP_HOST'] for URL and server redirects. By default, $_SERVER['SERVER_NAME'] returns Pantheon's internal server name and not the current hostname. As a result, Redirection's "URL and server"-based redirects never match.

Solution: In wp-config.php, add the following above the line /* That's all, stop editing! Happy Pressing. */:

wp-config.php
// Map $_SERVER['HTTP_HOST'] to $_SERVER['SERVER_NAME']
// to allow the Redirection plugin to work when using
// "URL and server" based redirects. By default,
// $_SERVER['SERVER_NAME'] returns Pantheon's internal
// server name and not the current hostname, as a
// result, Redirection's "URL and server"-based
// redirects never match.
$_SERVER['SERVER_NAME'] = $_SERVER['HTTP_HOST'];

Visit the SERVER_NAME and SERVER_PORT on Pantheon doc for more information about how to use HTTP_Host on Pantheon.

Warning:
Warning

This workaround may potentially break other functionality that depends on the default Pantheon return value for $_SERVER['SERVER_NAME'].


Revive Old Post

Issue: The Revive Old Post plugin does not set a proper callback via OAuth and the Twitter module. It attempts to use ['SERVER_NAME'] instead of the recommended ['HTTP_HOST']. Visit the SERVER_NAME and SERVER_PORT on Pantheon doc for more information about ['HTTP_HOST'].


SendGrid Subscription Widget

Last reviewed: Nov 04 2021

Info:
Note

This section exists for reference purposes, as SendGrid for WordPress has been deprecated as of July 13, 2021. Support can continue to help with platform issues, but may not be able to troubleshoot SendGrid-specific issues.

Issue: The email confirmation link sent from the SendGrid Subscription Widget goes to a redirect loop (see the open issue on wp.org). The link created uses a URL GET parameter __sg_api, which has double underscores. The platform strips this type of parameter to improve caching performance.

Solution: Manually change the the parameter __sg_api to any variable (like sg_api) without double underscores as prefix in the following lines of sendgrid-email-delivery-simplified/lib/class-sendgrid-mc-optin.php:

  • Line 25: $vars[] = '__sg_api';
  • Line 40: if( isset( $wp->query_vars['__sg_api'] ) )
  • Line 146: $confirmation_link = site_url() . '/?__sg_api=1&token=' . $token;
Warning:
Warning

This workaround may potentially break again with the next plugin update, and you will need to manually reapply the modification.


Site24x7

Last reviewed: Oct 20 2021

Issue: Site24x7 is an uptime monitor that pings a site to observe stability and various functions. Each time a site is pinged, Site24x7 uses a unique user agent string or various IP addresses, which may falsely inflate traffic metrics with Pantheon.

Solution: Consider using New Relic or Pingdom (/guides/pingdom-uptime-check) to monitor uptime. Pantheon maintains partnerships with these services and does not meter or bill requests from their user agents.


Slider Revolution

Last reviewed: Oct 01 2020

Issue: Slider Revolution video backgrounds will not auto-play when added to a layer, and throws this error in the Javascript console:

Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://<env>-example.pantheonsite.io').

The plugin generates the site's URL using $_SERVER['SERVER_NAME'] instead of $_SERVER['HTTP_HOST']. Due to the dynamic nature of Pantheon's cloud architecture, $_SERVER['HTTP_HOST'] is considered best practice.

Solution: Add the following line to wp-config.php:

wp-config.php
$_SERVER['SERVER_NAME'] = $_SERVER['HTTP_HOST'];

SmartCrawl Pro

Last reviewed: Oct 17 2018

Issue: The sitemap URL linked by the SmartCrawl Pro plugin produces a 500 Internal Server Error on Test and Live environments. This results in a PHP error: class not found WP_Filesystem_Direct. See more details about the issue.

Solution: Define FS_METHOD.

Alternative plugins that have an XML sitemap feature that works well on the platform include:


Smush Pro

Last reviewed: Mar 24 2022

Issue: The Smush Pro plugin requires NGINX configuration for WebP image support. This results in issues with assuming write access. In some cases, there is also an issue with the image library processing using a temporary filesystem. Both scenarios are incompatible with Pantheon's platform.

Solution: Consider using Pantheon's AGCDN as an alternative. AGCDN provides image optimization that saves PHP resources without the need for a plugin.


Timthumb

Issue: Timthumb is no longer supported or maintained.


TubePress Pro

Issue: Sites running PHP version 5.3 produce a WSOD after activating the TubePress Pro.

Solution: Upgrade your site's PHP version to 5.5, 5.6, or 7.0.


Unbounce Landing Pages

Last reviewed: Feb 13 2019

Issue: For the Unbounce Landing Pages plugin, clicking to call conversions aren't tracked even if the pages are not cached because the cookies are stripped.

Solution: Usually these type of issues can be solved if the cookie name can be renamed with a prefix starting with STXKEY_, but it is inadvisable to modify the plugin directly. It is suggested by the Unbounce team to separate your Pantheon site domain (eg. example.com) and the Unbounce landing page in a subdomain (e.g., unbounce.example.com), because your Unbounce landing pages can't live at exactly the same URL as your homepage. See the outlined solution here or get in touch with Unbounce support for more help.


UNLOQ Two Factor Authentication (2FA)

Last reviewed: Oct 08 2018

Issue: This widget does not work on this domain error message shown after deploying the UNLOQ Two Factor Authentication (2FA) plugin across environments on Pantheon. This is because the API credentials used on the original environment are being used on a new environment URL, which is not allowed by the plugin. This is by design.

Solution: Manually change unloq_credentials key in thewp_options table. Alternatively, you can re-create an application by resetting your plugin installation (deactivate, delete entries, etc.).

For an alternative 2FA plugin, see Secure Your Site with Two-Factor Authentication.


Unyson Theme Framework

Last reviewed: Oct 05 2018

Issue: The Unyson Theme Framework plugin has an internal extension system which installs additional files aside from the plugin itself. Some of those extensions have an additional .gitignore file that prevents it from being deployed to Test and Live environment. See this GitHub issue for more information.

Solution: When using these Unyson Extensions, manually delete the .gitignore files in the corresponding locations:

Page builder:

  • wp-content/plugins/unyson/framework/extensions/shortcodes/.gitignore
  • wp-content/plugins/unyson/framework/extensions/shortcodes/extensions/page-builder/.gitignore

WordPress Shortcodes:

  • wp-content/plugins/unyson/framework/extensions/shortcodes/.gitignore

Translate Press:

  • wp-content/plugins/unyson/framework/extensions/shortcodes/.gitignore

Events:

  • wp-content/plugins/unyson/framework/extensions/events/.gitignore

Brizy:

  • wp-content/plugins/brizy/vendor/twig/twig/.gitignore

Updraft / Updraft Plus Backup

Last reviewed: Jul 18 2022

Issue: Updraft can create large archives and cause issues with the tools in the Database / Files tab of the Dashboard. Refer to Backup Creation for more information.

Solution: Use the platform's automated backups from the Site Dashboard. Consider using a bash script if you want to access your backups and copy it to your own repository (for example, Amazon S3, FTP server, etc.). You can do this by:

  • Running the bash script in your local system

  • Using an external server

  • Using a service that runs cron jobs for you

Refer to the Access Backups documentation for more details.


Visual Composer: Website Builder

Last reviewed: Aug 27 2018

Issue: The Visual Composer: Website Builder plugin fails to download additional assets during the internal plugin activation procedure on Test and Live environments.

Solution 1: New sites, without existing Test and Live environments: If this plugin is installed and activated on a new site before the Test and Live environments are created, it will properly transfer all assets and database settings to the additional environments.

Solution 2: Sites with existing Test and Live environments: To activate the plugin on sites with existing Test and Live environments, define FS_METHOD.


WebP Express

Last reviewed: Apr 07 2022

Issue 1: WebP Express assumes write access to paths in the codebase that are read-only in non-development environments. The plugin uses is_dir to check for the path and a symlink to files/ does not resolve the issue.

Solution: Create a symlink for wp-content/webp-express in the wp-content directory and then run the following line of code:

 ln -s ./uploads/webp-express ./webp-express

Refer to the documentation on Using Extensions That Assume Write Access for more information.

Issue 2: Broken WebP images are served from the wrong directory.

Solution 1: Set the WebP Express settings for Destination Structure to Image Roots in /wp-admin/options-general.php?page=webp_express_settings_page and then clear the cache.

Solution 2: Use the Advanced Global CDN Image Optimization feature. This add-on has WebP auto-conversion at the edge, and is more performant than a plugin relying on PHP or WordPress.


Weather Station

Issue: The Weather Station plugin uses php-intl, which is not currently supported by Pantheon.


WooCommerce

Last reviewed: Jan 10 2018

Issue: For the WooCommerce plugin, the "batch upload" process can fail during large uploads. The platform has a 120 second timeout limit for scripts, and large upload processes can hit this limit.

Solution 1: The suggested workaround is to clone the site locally, import the items, then sync the database back up to the platform.

Solution 2: If you don't have a local copy, SFTP into any environment's wp-content/uploads folder and upload the CSV file that you wish to import. Under the advanced settings of the WooCommerce import, specify the exact path where you uploaded the CSV file and import from there:

Enter the path to the CSV on the Import products from a CSV file page

There is a feature request on WooCommerce's GitHub page for a WP-CLI import command which would be less prone to timeouts. To express your interest to the developers, click the thumbs up on the feature request.


Issue 2: A change introduced in WooCommerce 3.6.0 breaks template loading in environments with multiple application containers.

Solution: The issue and a few workarounds possible are described in this WooCommerce Issue We hope this issue will result in future code changes to WooCommerce so mitigations are not needed.


WooZone

Issue 1: The WooZone plugin checks WP_MEMORY_LIMIT, which defaults to 40MB, instead of ini_get('memory_limit'), creating this notice:

WooZone WP_MEMORY_LIMIT Error

Solution: Add the following line to wp-config.php:

wp-config.php
  define('WP_MEMORY_LIMIT', '256M');

Wordfence

Last reviewed: Jun 20 2023

Issue 1: Wordfence can't write configuration and log files to the codebase.

Wordfence assumes write access to several files in the codebase to store configuration and log files.

Solution: Prepare your environment before installing Wordfence with the proper symlinks and configuration files:

Wordfence Assumed Write Access Solution
Code:
Exports

This process uses Terminus commands. Before we begin, set the variables SITE and ENV in your terminal session to match your site name and the Dev (or Multidev) environment:

export SITE=yoursitename
export ENV=dev
  1. Set your Dev (or Multidev) environment to Git connection mode in the dashboard or via Terminus:

    terminus connection:set $SITE.$ENV git
  2. Clone your site's codebase locally if you haven't already. You can get the path to your codebase from the Site Dashboard:

    git clone ssh://[email protected]:2222/~/repository.git my-site
  3. Change your current directory to the location where the site's Git clone is stored:

    cd $SITE
  4. Navigate to /wp-content and check if the /wp-content/wflogs folder exists. If it does, remove it before you create the symlinks in the next steps:

    cd wp-content
    rm -rf wflogs
  5. Return to the root directory of the Git clone:

    cd ..
  6. Create the following symlinks:

    ln -s ../../files/private/wflogs ./wp-content/wflogs
    ln -s ../files/private/wordfence-waf.php ./wordfence-waf.php
    ln -s ../files/private/.user.ini ./.user.ini
  7. Open pantheon.yml and add a protected web path for .user.ini:

    pantheon.yml
    protected_web_paths:
      - /.user.ini
  8. Set the FS_METHOD to direct in wp-config.php.

  9. Commit and push the changes to the platform:

    git add .
    git commit -m "Prepare environment for Wordfence"
    git push origin master #Or Multidev branch name
  10. Create the empty files wordfence-waf.php and .user.ini to push to the site. In this example, we're using touch to create them in the /tmp directory:

    touch /tmp/wordfence-waf.php /tmp/.user.ini
  11. Connect to your environment over SFTP, create the required directories, and push the new files. You don't need to switch the environment back to SFTP mode, since you're not changing anything in the codebase. You can get the SFTP path from the Site Dashboard under Connection Info. Complete this step in Dev, Test, and Live Environments.

    sftp -o Port=2222 [email protected]
    mkdir files/private
    mkdir files/private/wflogs
    put /tmp/wordfence-waf.php /files/private
    Uploading /tmp/wordfence-waf.php to /files/private/wordfence-waf.php
    /tmp/wordfence-waf.php                           100%    0     0.0KB/s   00:00
    put /tmp/.user.ini /files/private/
    Uploading /tmp/.user.ini to /files/private/.user.ini
    /tmp/.user.ini                                   100%    0     0.0KB/s   00:00
    exit
  12. Set the environment connection mode to SFTP, then install and activate Wordfence. You can do both with Terminus:

    terminus connection:set $SITE.$ENV sftp
    [notice] Enabled on-server development via SFTP for "env"
    terminus wp $SITE.$ENV -- plugin install --activate wordfence
    Installing Wordfence Security – Firewall & Malware Scan (7.4.9)
    Warning: Failed to create directory '/.wp-cli/cache/': mkdir(): Read-only file system.
    Downloading installation package from https://downloads.wordpress.org/plugin/wordfence.7.4.9.zip...
    Unpacking the package...
    Installing the plugin...
    Plugin installed successfully.
    Activating 'wordfence'...
    Warning: fopen(/code/wp-content/wflogs/rules.php): failed to open stream: No such file or directory in /code/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 325
    Warning: flock() expects parameter 1 to be resource, bool given in /code/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 326
    Warning: include(/code/wp-content/wflogs/rules.php): failed to open stream: No such file or directory in /code/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 328
    Warning: include(): Failed opening '/code/wp-content/wflogs/rules.php' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /code/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 328
    Warning: flock() expects parameter 1 to be resource, bool given in /code/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 329
    Warning: fclose() expects parameter 1 to be resource, bool given in /code/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/waf.php on line 330
    Plugin 'wordfence' activated.
    Success: Installed 1 of 1 plugins.
    [notice] Command: wordpress-docs-testbed.waf5 -- wp plugin install [Exit: 0]

    You can safely ignore the warning messages.

  13. Navigate to the Wordfence plugin in the site's WordPress Admin and Resume Installation if prompted, or click CLICK HERE TO CONFIGURE. The plugin requires that you download .user.ini to continue. As this file is blank at this point, you can delete it after downloading.

Issue 2: Error connecting to the database.

Occassionally, when configuring the Web Application Firewall (WAF), it can result in an "Error connecting to the database" message, in which the Wordfence plugin generates a bad wordfence-waf.php file. This results in two problems:

  • __DIR__ is not providing the proper path for Wordfence
  • Wordfence cannot find your database credentials

Solution if __DIR__ is not providing the proper path for Wordfence: Modify Wordfence to use relative paths.

  1. Change the following code within wordfence-waf.php over SFTP from:

    wordfence-waf.php
    if (file_exists(__DIR__.'/wp-content/plugins/wordfence/waf/bootstrap.php')) {
        define("WFWAF_LOG_PATH", __DIR__.'/wp-content/wflogs/');
        include_once __DIR__.'/wp-content/plugins/wordfence/waf/bootstrap.php';
    }

    To:

    wordfence-waf.php
    if (file_exists('../../code/wp-content/plugins/wordfence/waf/bootstrap.php')) {
     define("WFWAF_LOG_PATH", '../../code/wp-content/wflogs/');
     include_once '../../code/wp-content/plugins/wordfence/waf/bootstrap.php';
    }
  2. Add Wordfence constants in between conditions in the wordfence-waf.php file. The file should resemble the following when complete:

    wordfence-waf.php
    // Before removing this file, please verify the PHP ini setting `auto_prepend_file` does not point to this.
    // This file was the current value of auto_prepend_file during the Wordfence WAF installation
    
    if (file_exists('/includes/prepend.php')) {
      include_once '/includes/prepend.php';
    }
    
      define('WFWAF_DB_NAME', $_ENV['DB_NAME']);
      define('WFWAF_DB_USER', $_ENV['DB_USER']);
      define('WFWAF_DB_PASSWORD', $_ENV['DB_PASSWORD']);
      define('WFWAF_DB_HOST', $_ENV['DB_HOST'] . ':' . $_ENV['DB_PORT']);
      define('WFWAF_DB_CHARSET', 'utf8mb4');
      define('WFWAF_DB_COLLATE', '');
      // Note the table prefix should reflect your WordPress application's table prefix. Update accordingly.
      define('WFWAF_TABLE_PREFIX', 'wp_');
    
    if (file_exists('../../code/wp-content/plugins/wordfence/waf/bootstrap.php')) {
      define("WFWAF_LOG_PATH", '../../code/wp-content/wflogs/');
      include_once '../../code/wp-content/plugins/wordfence/waf/bootstrap.php';
    }

Further Considerations with Wordfence: Utilizing data storage over files

If you experience degraded performance with Wordfence active, using Wordfence's data storage option might be appropriate. Modify wordfence-waf.php to include the MySQLi storage engine constant. Combined with the constants previously mentioned, the plugin will write to your database instead of your file system. If you do this, we recommend wrapping the constants in a condition that checks wp-config.php for a conflicting constant. The end result of your modified wordfence-waf.php should resemble the following:

wp-config.php
<?php
// Before removing this file, please verify the PHP ini setting `auto_prepend_file` does not point to this.
// This file was the current value of auto_prepend_file during the Wordfence WAF installation (Sun, 21 Nov 2021 23:40:56 +0000)

if (file_exists('/includes/prepend.php')) {
include_once '/includes/prepend.php';
}

if(! defined('WFWAF_STORAGE_ENGINE')) {
// define WF constants if not set in wp-config.php
define('WFWAF_STORAGE_ENGINE', 'mysqli');
define('WFWAF_DB_NAME', $_ENV['DB_NAME']);
define('WFWAF_DB_USER', $_ENV['DB_USER']);
define('WFWAF_DB_PASSWORD', $_ENV['DB_PASSWORD']);
define('WFWAF_DB_HOST', $_ENV['DB_HOST'] . ':' . $_ENV['DB_PORT']);
define('WFWAF_DB_CHARSET', 'utf8mb4');
define('WFWAF_DB_COLLATE', '');
// Note this table prefix should reflect your WordPress application's table prefix. Update accordingly.
define('WFWAF_TABLE_PREFIX', 'wp_');
}

if (file_exists('../../code/wp-content/plugins/wordfence/waf/bootstrap.php')) {
define("WFWAF_LOG_PATH", '../../code/wp-content/wflogs/');;
include_once '../../code/wp-content/plugins/wordfence/waf/bootstrap.php';

Advantages: Customers have reported improved file system performance without having to compromise on Wordfence's features.

Disadvantages: Due to the nature of the plugin, binary logs and insertion queries will increase. Performance gains in one area may be sacrificed in another.

How do I confirm I am using data storage with Wordfence?

You can confirm usage by navigating to the Wordfence menu within your WordPress dashboard. Select Tools, on the the Tools page click the Diagnostic tab. In the Diagnostic tab, below the Wordfence Firewal section, search for the "Active Storage Engine". This query will display either "File System" or "MySQLi". For this instance, choose "MySQLi". An additional table will be added called wp_wfwafconfig (assuming your table prefix is wp_) and queries will increase based on blocked traffic.


WordPress Download Manager

Issue: The WordPress Download Manager plugin wpdm-cache directory may grow excessively large with generated files.

Solution: We recommend that you research an alternative download manager plugin that fits your needs.


WordPress Social Login

Issue 1: The WordPress Social Login plugin attempts to access PHP native sessions before WordPress has been bootstrapped, which prevents the Pantheon PHP native sessions plugin from being called. This leads to a 500 error when authenticating with external services.

Solution: While not recommended, you can add the following lines to wp-config.php before the first call to session_start:

wp-config.php
if (defined( "PANTHEON_BINDING" )) {
  include_once( "/srv/bindings/". PANTHEON_BINDING ."/code/wp-blog-header.php" );
}

You will need to make this change every time the plugin is updated.

Issue 2: This plugin creates a session on every page, which can prevent page level caching.


WP Reset

Last reviewed: Nov 04 2021

Issue 1: Some features of the WP Reset plugin can not be used on the Pantheon platform. Features such a file reset and restore do not work because staging and production environments are immutable, and backups help with restore and data rollbacks.

Solution: Use an alternate plugin that resets the WordPress database to the default installation.


WP Rocket

Last reviewed: Oct 25 2022

Issue 1: As with other caching plugins, WP Rocket's HTML caching feature conflicts with Pantheon's page caching. The caching feature can be disabled to allow other features, like file optimization, media, etc. to be used side-by-side.

Solution 1:

  1. Set your development mode to SFTP.

  2. Install the WP Rocket plugin to the Dev environment by uploading via SFTP or from the WP dashboard.

  3. Install the helper plugin WP Rocket | Disable Page Caching to the Dev environment by uploading via SFTP or from the WP dashboard.

  4. Activate both plugins from the dashboard.

    WP Rocket will automatically make two changes as long as your environment is in SFTP mode.

  5. Commit both changes to your site's codebase. If your environment is in GIT mode, you'll need to make these changes yourself.

    • The following definition will be added in wp-config.php. This enables advanced caching capabilities.

      wp-config.php
      define('WP_CACHE', true); // Added by WP Rocket
    • The wp-content/advanced-cache.php drop-in file will be created.

Issue 2: WP Rocket assumes write access to read-only file paths in Pantheon.

Solution 2a: If you are running version 3.5 and higher, you can set a custom cache folder and config path:

wp-config.php
define( 'WP_ROCKET_CONFIG_PATH', $_SERVER['DOCUMENT_ROOT'] . '/wp-content/uploads/wp-rocket/config/' );
define( 'WP_ROCKET_CACHE_ROOT_PATH', $_SERVER['DOCUMENT_ROOT'] . '/wp-content/uploads/wp-rocket/cache/' );
define( 'WP_ROCKET_CACHE_ROOT_URL', WP_SITEURL . '/wp-content/uploads/wp-rocket/cache/' ); // Assumes you have WP_SITEURL defined earlier in the file.

Solution 2b: If you are runnning a version between 3.2 and 3.4, you can only set the cache path through constants.

  1. Create symlinks for the other paths.

  2. Make sure to manually create the folders below in ALL environments.

    files/cache/wp-rocket
    files/cache/busting

    or

    code/wp-content/uploads/cache/wp-rocket
    code/wp-content/uploads/cache/busting

Solution 2c: If you are running a version below 3.2, your only option is to upgrade the plugin to a newer version.


WPBakery: Page Builder

Last reviewed: Sep 14 2018

Issue: The Custom CSS and Design Options pages of the WPBakery: Page Builder plugin (?page=vc-custom_css, ?page=vc-color) try to create new files when saved. Due to problems related to incorrect FS_METHOD, files are not created or saved in the expected folder, wp-content/uploads/js_composer.

Solution: Define FS_METHOD.


WPFront Notification Bar

Last reviewed: Oct 20 2020

Issue: WPFront Notification Bar sends a set-cookie header in each response, which breaks caching on Pantheon's Global CDN. For example:

curl -I https://www.example.com
HTTP/2 200
cache-control: public, max-age=600
content-type: text/html; charset=UTF-8
link: <https://www.example.com/wp-json/>; rel="https://api.w.org/"
link: <https://www.example.com/wp-json/wp/v2/pages/47>; rel="alternate"; type="application/json"
link: <https://www.example.com/>; rel=shortlink
server: nginx
set-cookie: wpfront-notification-bar-landingpage=1strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-a-789d66bff9-tztp6
x-styx-req-id: 7f93c166-53fe-11ea-803e-b26d7703e33f
date: Tue, 20 Oct 2020 21:16:09 GMT
x-served-by: cache-mdw17356-MDW
x-cache: MISS
x-cache-hits: 0
x-timer: S1603228567.134579,VS0,VE2847
vary: Accept-Encoding, Cookie
age: 0
accept-ranges: bytes
via: 1.1 varnish

Solution: You can apply this patch to disable landing page tracking and fix caching.


WP All Import / Export

Last reviewed: Jun 15 2020

Issue 1: With WP All Import / Export,large batch processes can fail if they take longer than the platform will allow. See Timeouts on Pantheon for more information.

Solution: To avoid hitting a timeout, you can try:

  • Clean up temporary files

  • Lower the chunk size to fewer than 100 records:

    A screenshot showing the Chunk Size setting under Advanced Settings for WP Import All

  • Cron Processing Time Limit should be set not more than 50 seconds to be safe with the 59 second platform PHP timeout.

  • Set the plugin to only process 1 record at a time:

    A screenshot of the Iterative, Piece-by-Piece processing option under Advanced Settings for WP Import All

The optimal number of records to process at one time depends on how many post_metas and custom functions are associated with each post imported.

  • Instead of importing one large file, it is best to set it up as recurring cron import as outlined in WP All Import's documentation.

  • If this will be a recurring import, increasing this number may help speed the completion of the task.

  • For busy sites while doing recurring cron, you can add cron sleep of at least 10 seconds to free up some php workers on recurring cron imports.

Issue 2: Getting invalid file paths when importing / exporting on environments with multiple appservers like test and live.

Solution: Upload the import file directly to the plugin's designated writable path wp-content/uploads/wpallimport/files/. When creating a new import using existing file, the file uploaded should appear there as an option.

Issue 3: Upload count does not match the import file.

Solution: Under WP All Import Settings:

  • Check the Enable Stream Reader
  • Cron Processing Time Limit should be set not more than 50 seconds
  • Clean up temporary files
  • Lower the chunk size to less than 100

WP-Ban

Last reviewed: Feb 23 2021

Issue: WP-Ban returns a 200-level response code to banned IPs. These responses are cached and count towards Site Visits. In addition, the Pantheon Global CDN may cache the result as successful, leading future visitors to think they've also been banned.

Solution: See the doc on how to Investigate and Remedy Traffic Events for alternative methods.


WP Migrate DB

Last reviewed: Oct 17 2018

Issue: When using the WP Migrate DB plugin on Test and Live environments, the Compatibility settings cannot be configured because this feature requires write access to wp-content/mu-plugins. This issue prevents plugins from being included in DB exports and search-and-replace tasks.

Solution: The normal search-and-replace and DB export functions of this plugin work, but will leave all plugins disabled while in operation. If a specific plugin is required to remain active during the DB export and search-and-replace operations, add a filter for it as described in the plugin's debugging page.


WPML - The WordPress Multilingual Plugin

Last reviewed: Jul 28 2023

Issue 1: Locking an environment prevents the WPML - The WordPress Multilingual Plugin plugin from operating and returns the following error: It looks like languages per directories will not function.

Solution: Make the environment public within the Site Dashboard. For details, see Security on the Pantheon Dashboard.


Issue 2: When registering the plugin, accessing /wp-admin/plugin-install.php?tab=commercial returns "Sorry, you are not allowed to access this page".

Solution: Activate the plugin individually for each environment you want to use the plugin with, as it requires a separate key for each domain. Instead of clicking on Purchase a subscription or enter an existing site key, use the Configure WMPL button:

The Configure WMPL Button

You can also add the registration keys to wp-config.php:

wp-config.php
define( 'OTGS_INSTALLER_SITE_KEY_WPML', 'your-site-key' );

Learn more in the WPML Guide.


Issue 3: Your wp-admin becomes too slow or upon activating WPML String Translation plugin, you may see this error:

WPML String Translation is attempting to write .mo files with translations to folder:

/srv/bindings/***/code/wp-content/languages

This folder appears to be not writable. This is blocking translation for strings from appearing on the site. To resolve this, please contact your hosting company and request that they make that folder writable. For more details, see WPML's documentation on troubleshooting .mo files generation.

Solution 1:

  1. In wp-config.php, add the following above the line /* That's all, stop editing! Happy Pressing. */:

    wp-config.php
    if ( !defined('WP_LANG_DIR') ) {    
    	define( 'WP_LANG_DIR','/files/languages/wpml' );
    }
    if ( !defined('WP_TEMP_DIR') ) {
    	define('WP_TEMP_DIR', sys_get_temp_dir() );
    }
  2. Create a symlink for wp-content/languages pointing to wp-content/uploads/languages. See Using Extensions That Assume Write Access for more information.

  3. Create the languages/wpml directory inside /files for each environment.

  4. Define the FS_METHOD in the wp-config.


WP phpMyAdmin

Last reviewed: Jan 30 2024

The WP phpMyAdmin plugin is not supported on Pantheon and will not work correctly.

Alternative: Please see https://docs.pantheon.io/guides/mariadb-mysql/mysql-access for more information on accessing your database directly.


YITH WooCommerce Extensions with MPDF Library

Last reviewed: Mar 09 2023

Affected Plugins

Issue: Various YITH WooCommerce extensions use the MPFD library. This practice assumes write access to the site's codebase within the wp-content/plugins directory. This is applicable to the caching of PDFs, which is not granted on Test and Live environments on Pantheon. For additional details, refer to Using Extensions That Assume Write Access.

Solution: Change the location where the plugin stores the PDF cache. Configure YITH WooCommerce Request a Quote to write files within the wp-content/uploads path for WordPress (wp-content/uploads/yith-mpdf-tmp) by adding the following code sample to functions.php:

functions.php
/**
 * Changes PDF cache location for YITH WooCommerce extensions.
 *
 * @param array $args The configuration for MPDF initialization.
 * @return array The updated config with writable path.
 */
if ( ! function_exists( 'yith_mpdf_change_tmp_dir' ) ) {
   function yith_mpdf_change_tmp_dir( array $args ): array {
      $upload_dir      = wp_upload_dir();
      $upload_dir      = $upload_dir['basedir'];
      $args['tempDir'] = $upload_dir . '/yith-mpdf-tmp/';

      return $args;
   }
}

// Request a Quote
add_filter( 'ywraq_mpdf_args', 'yith_mpdf_change_tmp_dir', 20, 1 );

// PDF Invoice
add_filter( 'yith_ywpdi_mpdf_args', 'yith_mpdf_change_tmp_dir', 10, 1 );

// Gift Cards
add_filter( 'yith_ywgc_mpdf_args', 'yith_mpdf_change_tmp_dir', 10, 1 );

Yoast SEO

Last reviewed: Jun 12 2018

Issue: The redirects for the Yoast SEO plugin setting will detect two options for redirect methods, "PHP", and "Web Server". The Web Server option expects write access to the nginx.conf file, which is not writable on Pantheon.

Solution: Only use the "PHP" redirect method.


Yoast Indexables

Last reviewed: Jun 14 2022

Issue: Yoast Indexables can cause performance issues on large sites. Sites with 100,000+ posts might find that indexing the table with wp yoast index will time out. Sites might also see slow load times in both the frontend and wp-admin areas due to queries on the wp_yoast_indexables table.

Solution: Disable saving data to the wp_yoast_indexables table to improve wp-admin performance. However, if you have 1,000,000+ posts you might see extremely poor performance on the frontend with indexables disabled. Use the code below to disable data saving for Yoast indexables.

plugin.php
/** Tell Yoast not to save indexable data to the wp_yoast_indexables table. */
add_filter( 'Yoast\WP\SEO\should_index_indexables', '__return_false' );

Pantheon's Professional Services team has tooling available to help index large sites. Reach out to your Customer Success Manager to get more information about tooling.


YotuWP Easy YouTube Embed

Last reviewed: Nov 27 2019

Issue: The YotuWP Easy YouTube Embed plugin asks for SFTP credentials after installation.

Solution: Define FS_METHOD.


WordPress Themes

Self-Updating Themes

Several WordPress themes, including Jupiter, Nanosoft, and Uncode, present a form requesting FTP credentials in order to automatically update its components. This will appear on Dev, Test and Live environments and can be hidden with CSS, but is still present.

The form can be disabled by adding the following to wp-config.php, above the line /* That's all, stop editing! Happy Pressing. */:

wp-config.php
/** Disable theme FTP form */
define('FS_METHOD', 'direct');
define('FS_CHMOD_DIR', ( 0755 & ~ umask() ) );
define('FS_CHMOD_FILE', ( 0755 & ~ umask() ) );
define('FTP_BASE', __DIR__);
define('FTP_CONTENT_DIR', __DIR__ .'/wp-content/');
define('FTP_PLUGIN_DIR', __DIR__ .'/wp-content/plugins/');

Uncode

Last reviewed: Jun 19 2019

Issue: The Uncode theme throws a PHP Fatal error in its settings page for Dev's and Multidev's Git mode, Test and Live.

Solution: This theme assumes write access to theme folders wp-content/themes/uncode/core/assets/css and wp-content/themes/uncode/library/css for it to work properly in git mode. For additional details, see Using Extensions That Assume Write Access.


WordPress Functions

add_management_page()

Issue: For the add_management_page(), adding a submenu page to the Tools main menu using WordPress roles and capabilities that would read or write files to core, themes, or plugins, is not supported.

For example, the install_plugins capability isn't present on the Test or Live environment, therefore menus created with it will not display. For example:

hook = add_management_page( 'My WP Tool Page', 'My WP Tool',
  'install_plugins', 'mywptool', array( $this, 'admin_page' ), '' );

add_action( "load-$hook", array( $this, 'admin_page_load' ) );

This is because write permissions are restricted in Test and Live per the Pantheon Workflow.

Solution: You can use another capability such as read_private_posts instead.

The list of WordPress roles and capabilities that should not be relied upon include:

  • update_core
  • update_plugins
  • update_themes
  • install_plugins
  • install_themes
  • upload_plugins
  • upload_themes
  • delete_themes
  • delete_plugins
  • edit_plugins
  • edit_themes

wp_filesystem->get_contents()

Issue: With wp_filesystem->get_contents(), the function wp_filesystem->get_contents() can fail when an environment is in Git mode (as Test and Live always are) because it is aware of filesystem-level permissions which are restricted in this mode.

Solution: As described in this StackExchange answer, for cases where file ownership doesn't matter this function could be replaced with file_get_contents(). This is true of most cases where the file in question is only being read, not written to.

Other Issues

Plugins and themes will not work on Pantheon if they:

  • Require Apache.
  • Require customized .htaccess files.
  • Need to modify Nginx configuration files.
  • Require PostgreSQL or other non-MySQL compatible databases.