[wp-trac] [WordPress Trac] #25137: Enable safe mode to run WordPress without loading plugins
WordPress Trac
noreply at wordpress.org
Mon Aug 26 04:31:04 UTC 2013
#25137: Enable safe mode to run WordPress without loading plugins
-----------------------------+------------------------------
Reporter: knutsp | Owner:
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Plugins | Version: 3.6
Severity: normal | Resolution:
Keywords: dev-feedback |
-----------------------------+------------------------------
Comment (by knutsp):
Replying to [comment:6 toscho]:
> Safe mode should run a default WordPress. Especially security plugins do
strange things sometimes, they might be the reason for a broken site.
They certainly do. As some sites rely on some security enhancements, like
admin lock down for a period, we must not allow this to bypassed without
some strong, secret key.
> How it could work: the user sets a secret URL parameter in the back-end
to enable safe mode.
A long, secret parameter value seems best. No plugins loaded while this is
in place and verified, except mu-plugins. Admin users are advised to
bookmark this "safe mode" URL, after install or upgrade. When a user is
logged in with this parameter key/value present, and has the right
capability, all plugins are immediately deactivated, with a message and a
visit plugins page link.
This could even be enhanced through a two-step procedure. Step one is a
request for the secret URL to be emailed back to the admin user, in case
he has forgotten to bookmark it. This would have to happen outside of the
admin, but with username/password, through a `wp-get-safe-mode-url.php`,
and with no other indication of success rather than the email silently
being sent.
New features as plugin first.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/25137#comment:8>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list