WordPress is well known for its stability, as well as the plethora of developers actively creating powerful plugins. However, there’s also a downside to WordPress. Sadly, many developers abandon their plugins and stop supporting them, so you may not even realize some plugins are hurting the overall health of your WordPress website.
Asking yourself: Are your WordPress plugins harmful or helpful? You aren’t alone! To find the answer, it’s important to do periodic plugin audits, before your website starts to lag or starts throwing 503 errors. We recommend doing an audit a few times a year whether you incur problems with your WP site, or not.
It’s important to make sure your current installed plugins are updated, working properly with not just other plugins but also with your WordPress theme. It’s also important if a plugin has not been touched by the developer in years, it might be a security risk and a great portal for hackers to enter and damage your website.
There’s Plenty to Review During a WP Plugin Audit
There are plenty of developers in the WP universe churning out plugins, and many support them, update them, and really devote themselves to taking feedback from users and improving them.
Other developers design, and dump. We’ve been around the block, and we know plugins get stale and end up obsolete. It might be time to look for an alternative one to replace what’s currently downloaded!
We also know the needs of a website owner change, so it might be time to find ones that fit a company’s needs in the here and now. Remaining relevant means keeping up with the evolution of website design, and that includes removing harmful plugins and keeping helpful plugins!
What to Do Before an Audit
Before making changes on your site, always perform a backup. Even if you have them automated, and downloaded to cloud storage, you always want to backup right before diving into a big project. It’s the best way to provide peace of mind – and allows you to really play without fear. Because, working on WP should be fun!
Having a recent backup provides freedom to do what you have to do without worrying about screwing up your livelihood. As we often say at Preflight WP “that’s what backups are for”.
After the backup is complete, look for these things during your WordPress Plugin Audit:
- Developers support them (if there’s an issue, they listen to users and provide fixes in a timely fashion).
- Updates are regularly released (old plugins are security risks, like little hacker portals).
- They work with your other plugins and theme (sometimes conflicts happen).
Once you’ve made it through the audit, and you are sure you have your backup files handy, go ahead and:
- Remove plugins that no longer serve a purpose on your WP website.
- Delete harmful plugins. Either find an alternative that’s updated, or if you don’t need it anymore, delete and move on.
- If the plugin is helpful, but isn’t performing as well as you would like it to, look around for an alternative.
Congrats, you’ve finished your first plugin audit!
Avoid Problematic WP Plugins
After years of working in WordPress, we know some plugins cause problems. Unfortunately, some of them can’t be avoided, but you can hold off on updating them until the “fixes” are published a few days after the initial update release. But a good rule of thumb when choosing which ones to install is avoiding WP Plugins:
- That allow file management directly in WordPress, as it opens more possibilities for third-party access to your file system.
- With forms that allow uploads you can restrict to only text, images, videos, or documents/PDFs because it unlocks a door that malicious uploads can walk right through!
Also be vigilant when downloading plugins for caching. Many plugins provide multiple tools. If the tools cover caching, there’s no need to download a separate caching plugin. It’s inefficient and can cause an inability to clear caching for newly changed content or design.
Maintenance can be overwhelming – and having seasoned pros on your side will make it a lot easier to focus on growing your business instead of handling the day-to-day operations. We’re happy to lend a hand!
WordPress Plugins We Recommend
In a sea of thousands of WordPress plugins, it’s definitely difficult to suss out the good from the bad, the safe from the dangerous. Understandable! We have a few we install on almost every project we develop and design, because they’re created by trusted programmers (and, truly do pack a lot of punch):
- UpdraftPlus: Your host company usually performs backups, but you should also have a way to do your own backups, too! UpdraftPlus is a powerful option that’s easy to use and well-supported!
- WP Rocket: Using this cache plugin to help speed up your website performance is your best option. If you have another plugin that incorporates caching amongst the other tools in offers, you can often turn off certain tools within a plugin allowing WP Rocket to run smoothly without competing with the other multi-purpose plugin.
- SolidWP (formerly iThemes Security): Tried and true security plugin providing exactly the right functionality with ease of use.
- Yoast SEO: It does have some issues when updating, but it is well supported and if you have a solid maintenance partner, you’ll always be taken care of.
- Redirection: Redirects are vital for a healthy website. 404s are terrible for UX and hurt a brand’s reputation online.
- WooCommerce: If you want to sell online, WooCommerce is a powerhouse and their development team is always working to improve their plugin integration.
As luck would have it, our team has a fantastic programmer who can make magic happen. As the co-owner of PreflightWP, I have a lot of ideas and my partner makes my visions come to life. So if you have an idea for your site, coding it straight into a child theme is a far better option than a plugin.
What to Know Before Downloading a Plugin
Owning, designing, maintaining, and understanding a WordPress website is overwhelming. Before you download any plugin, it’s important to dig into whether the plugin is supported by the developer. Support means they’re listening to users, updating the plugin, testing the updates before releasing the updates, and have a good plan of action if glitches happen. They didn’t just design it, and dump it into the repository.
Having WordPress professionals in your corner doing the day-to-day work frees you up to work ON your business, not IN your business!
