WordPress plugins (a.k.a. extensions) are probably the best thing about WordPress.
Its ecosystem wouldn’t thrive without the sheer amount of available plugins, both free and premium. If you need something in WordPress, there is probably a plugin for it.
However, not all plugins are created equal, and sometimes they can do more harm than good if you are not careful about which ones you use and how you configure them.
In this post, we’ll learn the right way to choose WordPress plugins and how excessive and reckless usage of them can damage your website.
How to Choose WordPress Plugins Effectively?
Stick with the popular ones
Popular plugins tend to be better maintained, better coded, and better supported by the community.
Lesser-known plugins come with higher risk and uncertainty, so whenever possible, try to stay away from them and only use the ones with many downloads and reviews.
Download plugins from trusted sources only
Try to always download your plugins from the wordpress.org website. If the plugin you’re looking for is available on another website, make sure it is trusted and secure.
I would say sites on this list are pretty safe:
Keep them up-to-date
Now that WordPress comes with an auto-update feature for plugins, don’t feel afraid to use it.
This feature will update your plugins automatically whenever a new update is available.
If you are actively managing your website and making backups regularly, there is nothing you should worry about.
WordPress will even send you an email to notify you in case of a PHP error.
Premium is not always better than free
A plugin that has a price tag is not necessarily better than the free alternatives.
Premium plugins are usually packed with more features and come with better support and documentation.
But for most cases, the free ones will work just fine.
A 30-day money-back guarantee is a blessing
Many WordPress sellers nowadays offer a 30-day money-back guarantee. Don’t feel ashamed to use that to your advantage as long as you don’t break any laws or do it intentionally to get the plugins for free. If you buy a plugin and it’s not working for you, I think it’s OK to request a refund.
How Reckless Usage of Plugins Can Damage Your Site?
Easy to exploit and spread malware
Frankly, this is not an issue exclusive to plugins. WordPress themes also suffer from the same problem.
Since the PHP code is fully accessible, it is very easy to inject malicious code into a legitimate plugin and redistribute it on sites and forums online, usually for free but with a catch: by installing such a plugin on your website, you open the door for an attacker to gain admin access to your site or redirect incoming traffic to their website, just to name a few.
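One way to catch the tampering described above, as an added example (not code from the original post): compare every file of an installed plugin against a hash list recorded from the publisher's release. The manifest format, the function names and the sample plugin tree are assumptions constructed for illustration; for plugins hosted on wordpress.org, WP-CLI's `wp plugin verify-checksums` performs a comparable check.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def list_files(root: Path) -> dict:
    """Map each file's path relative to root (POSIX style) to its Path."""
    return {p.relative_to(root).as_posix(): p for p in root.rglob("*") if p.is_file()}


def audit_plugin(plugin_dir: Path, manifest: dict) -> dict:
    """Compare files on disk with a trusted {relative_path: sha256} manifest."""
    on_disk = list_files(plugin_dir)
    modified = sorted(rel for rel, want in manifest.items()
                      if rel in on_disk and sha256_file(on_disk[rel]) != want.lower())
    return {
        "modified": modified,
        # Files the publisher never shipped deserve the closest look.
        "added": sorted(set(on_disk) - set(manifest)),
        "missing": sorted(set(manifest) - set(on_disk)),
    }


def demo() -> dict:
    """Audit a constructed plugin tree after simulating a repackaged copy."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "example-plugin"
        (root / "inc").mkdir(parents=True)
        (root / "example-plugin.php").write_text("<?php // Plugin Name: Example\n")
        (root / "inc" / "helpers.php").write_text("<?php function ex_help() {}\n")
        (root / "readme.txt").write_text("=== Example ===\n")
        # Manifest recorded while the tree still matches the publisher's release.
        manifest = {rel: sha256_file(p) for rel, p in list_files(root).items()}
        # Constructed tampering: one file edited, one added, one removed.
        (root / "inc" / "helpers.php").write_text("<?php function ex_help() {} // edited\n")
        (root / "inc" / "cache.php").write_text("<?php // not part of the release\n")
        (root / "readme.txt").unlink()
        return audit_plugin(root, manifest)


if __name__ == "__main__":
    print(demo())
```

Any entry under "modified" or "added" means the copy on disk is not the one the publisher released and should be replaced from a trusted source before it is used.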
Bad code all over the Internet
Aside from the most popular ones with a large development budget, most plugins are developed by small teams or solo developers. These developers may not have the time or the budget to optimize their code and test it thoroughly, or they may simply be accustomed to writing poor code.
You don’t need 100 plugins
Do you really need 100 WordPress plugins active at the same time? You only need a couple of wisely-picked plugins that are truly required.
Or you can hire a developer who will integrate all the functionality you need into a custom plugin or theme and choose the necessary plugins for you.
The more plugins you install, the more trouble you will have in the future, aside from the performance hit, of course.
What works now is not guaranteed to keep working in the future, so choose your plugins wisely.
But they are inactive… What harm can they do?
Even if a plugin is not currently active, it can still cause an issue if it gets exploited by an attacker or malicious code, especially if it is outdated.
If you don’t need that plugin, delete it. Your website will thank you for it. Also, you can re-upload it if you ever need it again.
Too many plugins serving the same purpose is not a bad thing; it gives the user the freedom of choice. However, this can sometimes cause a headache when picking a plugin among 100 alternatives.
This is like buying a gaming console at the end of its life cycle. There are simply too many games to choose from for every genre and style. Sorry I couldn’t find a better example!
Because there are too many plugins to choose from, you may end up choosing the wrong ones or nothing at all.
Many are just a shameless cash grab
How many times have you installed a plugin just to be greeted with a welcome page with a huge “Buy now” or “Go premium” button? It happens so often, I know.
Don’t get me wrong, I am not against selling WordPress themes and plugins. Heck, I have done it myself (check my themes and plugins).
But when the plugin itself is just a flashy ad, that’s when I would say its author took it too far.
What makes WordPress very powerful is the ability to extend its core features or add new features to it via themes and plugins.
However, this is a double-edged sword, as the same plugins that helped WordPress become the site-building tool we all love and use today can be its downfall. At least the instance you installed on your server!
So always think twice before installing any plugin on WordPress.