WordPress Plugins: How to Choose Good Plugins
Choosing good WordPress plugins is essential – they are the most often used route to compromise a WordPress installation, so using plugins which are safe, well maintained and efficiently coded are essential to the safety of your website.
When choosing a plugin for a particular task, check the number of reviews, the average review score, that the plugin is considered safe to be used with your version of WordPress – and that it was updated in the last 2 years. Any plugin that has been ‘abandoned’ by the developer should not be used.
Any plugin that has got a lot of low scores (1-2) in the last year should also be discarded. Plugins which are ‘premium’ – or paid for, are not always the best options. Some are difficult to upgrade, some don’t notify you that there are updates for your plugin, and some are just expensive versions of free plugins.
Plugins by task:
Social Media Integration:
- MailChimp for WordPress – Free Plugin
- Constant Contact for WordPress – Free Plugin
- aWeber for WordPress – Free Plugin
- – alternate aWeber Plugin – Free Plugin
- MailPoet Newsletters – Free Plugin
- Contact Form 7 – Free Plugin
- Fast Secure Contact Form – Free Plugin
- Gravity Forms – a paid, but very powerful forms plugin
- Wordfence Security – Free Plugin with Paid Pro Version
- iThemes Security (formerly Better WP Security) – Free Plugin with Paid Pro Version
- Login Lockdown – Free Plugin
Search Engine Optimization – SEO
- WordPress SEO by Yoast – Free Plugin with Paid Pro Version
- That’s it for SEO – the others aren’t as good – we’ve tried them all.
Do the community a favor – take 5 minutes to write a review + rate a plugin. You may find great plugins, but without community feedback, the whole system falls apart.
The most important part of using plugins, is to keep them up-to-date – if there is a release from the plugin provider, please review the RELEASE NOTES. If those notes mention security, XSS, exploit, ‘issue’ – something that sounds remotely SECURITY related, please backup your site, update the plugin, and then test the site (including the plugin functionality).
If this seems like a lot of work, that’s because it is. WordPress is not a ‘set-it-and-forget-it’ – the strength of open-source, is also a double-edged sword. Exploits happen, so make sure your plugins get updated and avoid that pitfall. If this still seems like a lot of work – contact us – we can offer Managed WordPress Hosting – where we will take care of your site backups, and plugin updates for you!