Why is a WordPress Plugin with no Description Installed on my Client’s Site?

Whenever I have a client with an existing WordPress site, the first thing I do is a site assessment.

Where I review the settings, configuration, security and backup services, plugins, and theme for the website.

I document the information for myself as well as my client, so we both have basic knowledge of the site.

For a recent client with an existing WordPress website, I discovered a plugin that had me troubleshooting what the plugin was about.

The plugin had no:

  • Description
  • Link to the plugin site
  • Default options to delete or update

Listed in the “Must Use” plugin section, the only info I found was the names of the plugin developers.

My client told me their site was created by a developer two years earlier.

But my client never received any website documentation on how the site was developed.

And my client no longer had contact with their developer.

So I didn’t have any background on the plugin.

With the SSO name of the plugin, I suspected it was related to single sign-on, but I wasn’t sure.

Off I went to search online for the plugin, using the author’s names to narrow my search. Read on to learn what I discovered.

What I Learned about the SSO Plugin

Surprisingly, I found info about the plugin in the support files for the codeforum-sso plugin, a no-longer maintained WordPress plugin in the official repository.

As of March 2022, codeforum-sso hasn’t been updated for the past three major WordPress releases.

I expect the plugin (and the support topic) will soon be removed from the repository.

Which is why I want to document the info before it’s deleted.

A support topic started in 2018 by a user of the code-forum-sso plugin asked specifically about the SSO must-use plugin.

I’m not sure why the support topic wasn’t removed, since the question had nothing to do with the codeforum-sso plugin.

I read the various threads in the support topic and learned the SSO version 0.3 plugin was originally developed by Garth Mortensen.

From Mortensen’s February 2019 reply in the support forum:

Hi, I’m Garth Mortensen.

I wrote this plugin years ago when I worked at Bluehost. Since I haven’t worked there for years, I don’t know if the plugin code has changed or not, but when I wrote it, it’s sole purpose was to allow someone to login to their WordPress site from the Bluehost control panel. That’s it. It had nothing to do with updating sites.

I don’t know what the current process is, but last I knew it was completely safe to remove the plugin. However it would be reinstalled if you ever used the WordPress section of the Bluehost control panel.

Like I said, I have no clue how things currently work.

I appreciated the explanation.

Except.

It didn’t explain how the plugin was installed on my new client’s site.

My client doesn’t use Bluehost for web hosting.

And never has.

My guess?

The original developer of my client’s site may have created the site on a Bluehost test server.

When they migrated my client’s site to the different web host, the developer didn’t remove the SSO must use plugin.

Who knows?

I removed the plugin from the mu-plugins folder in my client’s WordPress installation.

Summary

Troubleshooting plugins installed on a new client’s WordPress site is part of the job of managing the client’s website.

Discovering a plugin with no description, link to the plugin site, or default options is worth taking the time to investigate.

If you discover the SSO must use plugin on your WordPress site, or a site you’re working on, confirm whether it’s been installed by the web host.

And learn whether the plugin is still being maintained.

Be aware, it’s not uncommon for web hosts to have single sign-on options on the web hosting dashboard.

Photo of author

About the Author

Deborah Edwards-Oñoro enjoys birding, gardening, taking photos, reading, and watching tennis. She's retired from a 25+ year career in web design, usability, and accessibility.

2 thoughts on “Why is a WordPress Plugin with no Description Installed on my Client’s Site?”

  1. Thanks for the article. Trying to uninstall it for the same reason, migrated form bluehost to my server. Can I just delete the file in mu-plugins folder?

Comments are closed.