VIP Go FAQ

Below you can find shorter answers, which don’t warrant a documentation page to themselves (see our documentation for VIP Go), to some frequently asked questions about VIP Go. If you cannot find what you need to know here, or by searching, please feel free to contact us and we’ll be happy to help.

What version of PHP is VIP Go running?

We’re running 7.2.x

Where do themes and plugins go on VIP Go?

This is covered in our documentation on the VIP Go Codebase.

Can we add third-party plugins and libraries/SDKs inside the plugins directory?

Yes. These still need to go through code review. Note that you can use git submodules where the source repository is public, but we do not support private submodules.

How does deploying code work?

This is covered in our documentation about the PR Review process.

Do static files (CSS, images, etc) auto-deploy like they do on WordPress.com VIP?

No, there is not currently any automatic deployment of files based on file type. We may add this in the future.

Can I use capital letters in file paths?

Yes.

How does file concatenation and minification work on VIP Go?

VIP Go will concatenate both Javascript and CSS code and also minify CSS code. If you minify files in your theme, you should also include the source files for code review.

How does setting permalinks work?

You can set permalinks normally. Permalinks do not get flushed on deploy, instead you can use our Rewrite Rules Inspector to flush the rewrite rules.

Can we use the “www” version of a domain, or do we have to use the non-www/root version?

You can use the “www” version of a domain (and the root/non-www version will also work). You can set up any needed redirects directly in the vip-config.php file for your website, or from within WordPress.

Please note “www” sub-subdomains are not supported at this time. If this is a critical requirement for your site, please get in touch with details.

When redirecting in the vip-config.php file, please omit the /cache-healthcheck? URI from your redirects. This URI is used by the VIP Go platform to check the health of your site, and a redirect response will cause issues with your site being served correctly. The code snippet below demonstrates how to avoid affecting the healthcheck when redirecting in the vip-config.php file:

if ( '/cache-healthcheck?' !== $_SERVER['REQUEST_URI'] ) {
// Put your redirects here, and they will omit our cache healthcheck
}

Can I get a SQL dump of my site?

You can log into VaultPress and get a SQL backup of your site. Note, it is required to remove the jetpack_options option before MySQL exports/imports into a local development or staging environment, otherwise this will create Jetpack issues on your production site.

How do I make a VIP Go site private and/or discourage search engines from indexing it?

We automatically add a Disallow: / robots.txt for sites using a go-vip.co domain, but otherwise do not handle blocking/managing access for private sites at a platform level. You’re welcome to include any plugins you want to use that meet your needs and that follow VIP code guidelines.

How do I enable sitemaps on VIP Go?

You can use the Comprehensive Sitemaps plugin (msm-sitemaps) or the Jetpack Sitemaps module.

Is there asynchronous job processing on VIP Go like there is on WordPress.com? What about asynchronous exports for large sites?

No, there are not currently any asynchronous job processing options on VIP Go – all cron calls will be processed in core WordPress. If you have a large site to export, please open a support ticket and we can perform that for you directly.

Can WP CLI commands be run on VIP Go?

Yes, please open a support ticket and we’ll be happy to run WP CLI commands on your behalf.

Can I tailor the new user signup flow?

Yes, because each VIP Go site is a standalone install of WordPress with its own database, including the user table, VIP Go site owners are able to configure their own signup flow as they require.

How do scheduled jobs (Cron) work on VIP Go?

Scheduled jobs on VIP Go use the WP Cron API provided by WordPress core. The cron jobs are initiated and regulated via the WP Cron Control plugin, and you can read more in our article on our VIP Cron infrastructure.

How does SSL/HTTPS work on VIP Go?

A VIP Go site must have an SSL certificate installed in order to be active. Because every site uses a custom domain for both the front-end and admin area, and because we want each site to have a secure admin area and login process at minimum, SSL is a requirement. Read more about SSL on VIP Go.

Does VIP Go support HTTP/2?

Yes. HTTP/2 is supported and enabled for all sites hosted on the WordPress.com VIP and VIP Go platforms. HTTP/2 requires that SSL be enabled to work. We currently do not support the server push functionality of the HTTP/2 specification.

Can we have access to the filesystem to support a build process?

No. We support a build process that does not require filesystem access by allowing you to deploy from a built branch on your repo. Read more about setting up automated build and deploy processes on VIP Go.

Does VIP Go have the “protected embeds” feature from WordPress.com?

No. The WordPress.com VIP protected embeds feature is specific to that platform. On VIP Go there are two alternatives: (1) convert your protected embeds to their standard HTML equivalents (we can help with this) and build shortcodes into the theme as needed (probably the safest option) or (2) implement your own protected embeds style solution for your site (here is a plugin used by some VIP Go clients for doing this).

How can I enable Query Monitor on my site?

Query Monitor (QM) is available by default and you can add the view_query_monitor capability to any role that should have access.

In addition to this, you can set an authentication cookie which allows you to view Query Monitor output when you’re not logged in (or if you’re logged in as a user without the view_query_monitor capability). See the bottom of Query Monitor’s output for details.

User Security Best Practices

We encourage all users on VIP sites to follow best practices when it comes to securing their devices, accounts and access to VIP tools. Two-factor authentication is required for all users with the ability to publish to a VIP site and we also recommend following at least these basic steps:

  1. Set a login password for all user accounts on your computer.
  2. Set a complex (more than 4 character) passcode to unlock your mobile devices. Do not use fingerprints or patterns.
  3. Enable a screen saver that activates after a short period of time and requires a password to turn off.
  4. Use only strong passwords. Never use the same password in more than one place.
  5. Use a password manager such as 1Password or LastPass.
  6. Never put passwords in text documents, Google Docs, intranet pages, post-it notes or other unencrypted forms of storage.
  7. Use two-factor authentication for any services that support it, including WordPress.com accounts, Google apps such as Gmail, Dropbox, Twitter, Facebook, Github, iCloud, LinkedIn, PayPal and others. Do not store 2FA backup codes anywhere online.
  8. Turn on device locating services such as “Find My Mac” for Apple laptops or “Find My iPhone” for iPhones.
  9. Encrypt your computer’s hard drive, and make sure any backups are encrypted too.
  10. Install and run anti-virus software with the latest virus definitions.
  11. Enable your computer’s firewall.
  12. Ensure that your home and office network routers are running the latest firmware and aren’t using default passwords.
  13. Be suspicious of any unusual requests to share sensitive information, such as usernames, passwords or other personal data. Report any such requests and “phishing” attempts.
  14. If working in public, use a privacy screen to prevent your activity being seen.

If you have any security-related questions about your WordPress.com account, your VIP site or any related service, please contact us via support ticket.

Ready to get started?

Drop us a note.

No matter where you are in the planning process, we’re happy to help, and we’re actual humans here on the other side of the form. 👋 We’re here to discuss your challenges and plans, evaluate your existing resources or a potential partner, or even make some initial recommendations. And, of course, we’re here to help any time you’re in the market for some robust WordPress awesomeness.