They are not trying out nerdy pick-up lines (or if they are, I have missed the signals in my eagerness to get to the camembert). What they are talking about are programs that add extra capabilities to your WordPress site.
WordPress is like grown-up Lego. You have your core program, and then you add bits onto it to give it extra functions. These extra bits are called plugins.
There are plugins for every possible feature you may need, as well as a stack of features you never could think of a need for (… random strings of text from the musical Hello Dolly anyone?)
If you go the WordPress plugin directory, you can lose yourself for hours scrolling through the 48,636 free plugins on offer. Many developers also offer paid plugins for sale outside the WordPress directory that have additional features that can’t be found in a free plugin.
How to Choose the Best WordPress Plugins for Your Site
Before you race off and act like a kid in a candy shop with all this free stuff, take a step back and run a few checks.
While plugins add functionality, each one that you add provides a potential additional access point to hackers into your site.
I think of each plugin as a key to your house that you have handed to someone. Keep your plugins on your site to the absolute minimum to deliver the functions that you need, and delete any plugins that you aren’t actively using.
You need to run a few checks before installing your plugin
- Check if WordPress has any warnings at the top of the page about the plugin. WordPress mainly highlights if the plugin hasn’t been updated for a while.
- Check the last updated date. Any plugin that hasn’t been updated in over a year is questionable.
- Check the number of downloads. Only a handful of downloads is not a good sign. In this instance, you want to hang out with popular plugins as it is more likely that the popular plugin will have bugs ironed out quickly. Don’t be a guinea pig for plugins!
- Check the version of WordPress the plugin is tested against. You want your plugin to be tested against the current version or a very recent version of WordPress. If it is out of date, then it is unlikely to work the way you expect and is more likely to be targeted by hackers.
- Check the ratings and reviews. I read all the one-star reviews to see the problems that people had with the plugin, and if I could expect similar problems.
- Check out the support forum. You want to see that any problems people have are actively being responded to. While the plugins are free and the developer is under no obligation to answer questions, you want to see a decent level of support.
(Note: The illustrative images come from the new WordPress Directory Layout and not the old version).
What a Good Plugin Looks Like
Plugins can slow your site down, and slow loading sites are silent sites.
Some plugins slow your site more than others. I usually run a speed test on the website before and after installation. If the plugin slows the site down too much, then I delete it. Other things that slow your website down are
Want to run a speed test on your website? Pingdom offers a simple, free test that doesn’t need any sign-up details. https://tools.pingdom.com/
Not all plugins are created equal. Some have a dark streak where they take all your and your client’s data from your website and share it without your consent to other providers. Others seem to be more vulnerable to hacks that alternative plugins.
You need to know what is on your website and keep informed about potential problems and how to fix them. In some instances, all you need to do is to keep the plugin updated to fix any vulnerabilities, in other cases you need to find an alternative plugin.
An excellent source of information about plugins and their problems is my colleague MaAnna from BlogAid. Get onto her mailing list and stay up to date with breaking news and changes in WordPress.
5 Essential Small Business Plugins
I have a list of essential plugins that go onto every website I build or maintain.
Wordfence is a premium security plugin, and it is the first plugin I install and configure on every website before doing anything else. I then run a scan to identify any problems with the site and resolve those issues before going any further. While the free version is brilliant, I recommend the paid version. (Here are the Wordfence security settings I recommend to configure).
Every now and again, a plugin update goes feral and breaks your site. WP Rollback allows you to roll back the plugin to the earlier version and get your site back up and running.
This is a nice simple plugin that hides your email address from bots. It won’t stop humans from manually writing down your email address and sending you their latest scam, but it stops all the mechanical scrapers.
Check out this article to stop your contact form from being used by spammers.
Yoast SEO is the number one SEO plugin to help you optimise your site’s SEO. There are paid upgrades and
You want your Google tracking code to be in place on your website and effectively tracking all your site visitors. This plugin allows for easy integration with your Google Analytics account and basic reporting from within your WordPress dashboard.
Favourite specialist paid plugins
Digital Products: I use Easy Digital Downloads as my preferred eCommerce plugin for delivering ebooks and digital products. The user manuals are very confusing, but the actual system is brilliant.
Caching & Performance. I use WP Rocket.Affiliate link: Which means if you purchase anything I will receive a small commission. Thanks for your support. It makes your site lighting fast and has a host of inbuilt performance tweaks to keep your WordPress database clear of crud (although nothing can save your site from images that have not been compressed!).
If you use a free WordPress plugin and love it, remember to give the developer a 5-star rating in the WordPress store in thanks. Also, consider making a donation to the developer to help them maintain the plugin into the future.
No matter how great the plugin, all plugins need care and maintenance. I pop in a few times a week into every site we maintain to check if any plugin needs updating and to run the updates. It is not time-consuming, but it is an essential task that must be done to reduce the risk of hackers using out of date plugins on your site to gain access.
I also do a plugin audit a few times each year, to ensure that all the plugins on our sites are still being maintained by the developer and that there are no better options available.
After all, your website is the most important piece of your online marketing. All your online presence leads back to your website.