Note: all information will be transferred to

I can haz?

Is Git present?

Yes, SVN is also present (don't ask..)

Can I use SSH?


Is WP-cli present?

Yes, command is wp as well as wp-cli

Are exec(), system() and other system calls available?


My theme needs AJAX calls, but does not need all the plugins to be loaded

Read how to disable loading the plugins on an AJAX event:


Yes, WP_ENVIRONMENT_TYPE is available on our staging servers, set to 'staging'.

Is XMLRPC enabled?

No, it is disabled by default. See the .htaccess file _twice_ for the instructions to enable.

Rest/wp-json firewalling

Getting a 403 response ? Sent us: your _full_ : useragent, IP adress, domain, path. Before you do, check your home directory for managedwp_[date].txt logs. Do note that we block common bot user-agents such as curl or wget. Make sure your user-agent is human readable and unique.

I want to use my own logo for backend notices

Use the filter mp_get_logo

I want to hide your notices

Read how to filter the $is_dismissed boolean here:

I want to overwrite WP Core (wp-admin, wp-includes, twenty-x themes and so on), may I?

No you may not. We run, secure and update all WP Core files. Do not modify any WP Core file, it will be automatically overwritten.

Preview before going live

If your domain is domain.ext and hosted on server the preview url is so the syntax is : ${domain}${ext-without-any-dots}-w{$serverid}
Note that the WP domain setting has to be renamed by you, it is not set dynamically.
Also note that varnish caching is disabled on the preview url.

Disable email spam checks

We do automated word filters on outgoing mails via wp_mail. To disable, make sure that your plugin of theme de-registers these actions and filters:
add_action( 'woocommerce_checkout_process', 'mp_woocommerce_checkout_process' );
add_filter( 'gform_validation', 'mp_gform_validation' );
add_filter( 'ninja_forms_submit_data', 'mp_ninja_forms_submit_data' );
add_filter( 'avf_form_send', 'mp_avf_form_send', 10, 1 ); // Enfold
add_filter( 'pre_comment_approved', 'mp_pre_comment_approved', 10, 2 );
add_filter( 'wp_mail', 'mwp_wp_filter_mail' );
Or even whitelist your domain using define( 'MP_SPAM_EMAIL_DOMAIN_WHITELIST' , [ 'your.domain', ] );
Or .. stop all filtering ( except for IP blacklisting ) using define( 'MP_NO_MAILFILTER', 'true' );
Check the error logs for denied emails.

User our spam checks for custom code

Checks will return true if spam is found.
Check a website: mp_is_spam_website( $website );
Check a phone-number: mp_is_spam_phone( $phone );
Check an email-address: mp_is_spam_email( $email );
Check a name: mp_is_spam_authorname( $name );
Check generic text of email body: mp_is_spam_body( $body );

Disable technical text in password-reset mails

To disable, make sure that your plugin of theme de-registers these actions and filters:

How to opt out for auto plugin updates

Create a file named wpcli_ignore in your user homedir. Example: /home/myuser/wpcli_ignore

I need to see if you are blocking a request

Firstly check the full response headers. Next check the error log as we use error_log() on the webservers. In some places we use a wp_die(), preceded by an error_log()

Auto TLS for development

If your development server is vps052 and your domain is domain.ext ->

Auto clear all WooCommerce sessions older than 7 days

cd /home/myuser/public_html && wp-cli mp_wc clear_sessions >/dev/null 2>&1

Cleanup autoscheduler tables

cd /home/myuser/public_html && wp-cli mp_wc clear_actionscheduler >/dev/null 2>&1

I want your must-use plugins to use a subfolder of mu-plugins

Sure thing, hit us up and we will make it happen

Staging IP/DNS

Most of the times you will use *

Allow online PHP editor again

While we do not encourage this at all, add a define true for MP_NO_DISALLOW_FILE_EDIT in your wp-config

Deny IP via WP

Create an array in wp-config ( only here allowed ) with $mwp_block_ip_address as variable name. This will allow for proxy blocking.
Related: htaccess allow only, and
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTP:X-Forwarded-For} !^12\.12\.18\.1
  RewriteCond %{HTTP:X-Forwarded-For} !^12\.12\.28\.2
  RewriteCond %{HTTP:X-Forwarded-For} !^12\.12\.24\.3
  RewriteRule ^ – [F]

No REST for the wicked