Pop quiz: How many WordPress plugins do you have on your WordPress website? Go look.
Got more than 4 plugins? More than 10? Did you know that every plugin lowers your site speed on Google SpeedTest by 3 points?
The best WP plugins can provide a magical experience – add features and functions to your WordPress site with just the click of a button.
And the WordPress plugin repository offers a seemingly endless treasure trove of options to extend your WordPress website and create a better experience for your users. Need help setting up your SEO? There’s a plugin for that. Want to feed your latest Instagram posts into your footer? Just search for a plugins, install and activate, right? Well, not so fast.
Not all WP plugins are healthy for your WordPress site, and too many “junky” plugins can really slow things down (beware the yucky WP plugin bloat). It’s important to pick your WP plugins wisely, because some can really hurt your site. They’re snippets of code authored by strangers, after all. The open source community that created and grew WordPress is largely wonderful, but it does require a roadmap.
Here’s a handy checklist to help you pick the best plugin for your WordPress site:
- Has it been tested with the current version of WordPress? Or at least, the version your site is running? How to tell what WordPress version your site is running >
- When was the plugin last updated? If it’s been more than 4 months or so, that might be a sign no one is manning the controls or keeping it up-to-date.
- How many support tickets are there? Has the plugin developer been replying? It’s always wisest to choose plugins that clearly have a team behind them, paying attention to the ever-changing security and code landscape.
- Does it have a good star rating? Plugins in the WordPress plugin repository are rated, just like restaurants on Yelp. Click through to read the issues reported by the best and worst reviewers just like you might before buying an Amazon mattress.
- Can it be accomplished without a plugin? The fastest sites are the leanest, and the web loves speed. Your site visitors are giving you 15 seconds, max. They don’t want to wait for a splashy graphics show with music – they just want you and what you have to offer.
- Will I remember to keep it up-to-date? Because nothing is more dangerous to the health of your WordPress website than an out-of-date plugin. Skipping updates leaves the back door open to hacks and other threats. Adopt a system or reach out for help, we’re here for you
Plugins also invite hackers and can wreck site security
According to Google’s Safe Browsing tool, hacking is on the up-trend, taking an unprecedented spike when the world shut down for the COVID pandemic in March 2020.
The thing is, hackers love plugins, and the nature of the open source WordPress community means that there are hundreds of poorly managed plugins out there that could literally invite hackers to your doorstop.
Google, in the data analysis, blames WordPress, citing stats that point a very clear finger at out-of-date and infected WP plugins:
“75% of [infected websites] were on the WordPress platform and over 50% of those websites were out of date. Many infected websites are attacked through old security vulnerabilities in just three WordPress plugins that have not been updated.”
By keeping your plugin list lean and light, and using only the most impactful and secure plugins to enhance your site, you can stay safe from hacks that will inject unwelcome content onto your site – or worse, crash it altogether.
So go review your plugin list again, and delete or uninstall and that you’re not actively using right now.
And if you have any of these known insecure plugins, delete those too, as they’ve recently been identified as unsafe for site security:
- Duplicator – WordPress Migration Plugin
- Profile Builder Plugin by Cosmoslabs
- Flexible Checkout Fields For WooCommerce
- Modern Events Calendar Lite
- and any plugin flagged as not tested with your version of WordPress!
You only get one launch
Make it count.
Do you have the right services set up for your site?
Learn to filter through the noise and focus on what counts.
Are you optimized for search engines with SEO?
Check off the easiest, no-nonsense fixes that have the biggest impact on your site’s search visibility.
Will your site look good on social and mobile?
I call out those can’t-miss things like social share previews, mobile responsiveness settings, and other best practices.