If your website was your phone, then WordPress plugins are your apps. Straight out of the box, a WordPress website has limited functionality. Plugins are powerful applications that are used to expand and enhance the functionality of your website.
According to WordPress.org, there are close to 50,000 plugins that have been developed to date.
Some plugins can enhance the experience for your visitors by adding interactive elements such as contact forms, event booking calendars, newsletter signups, photo galleries, shopping carts, and much more!
Other plugins are used to improve your website’s security, enhance its performance and schedule nightly backups.
That’s great! But how do we know which plugins are safe to install?
While it’s very tempting to start installing plugins without a second thought, you need to be aware of the dark side of plugins!
Some plugins can actually break your website. An old plugin that has not been updated in some time may not be compatible with your version of WordPress. If installed, an incompatible plugin can bring your website down to its knees!
More importantly, plugins can be used by hackers to compromise your website. Sitelock, a leading website security company, recently discovered a malicious WordPress plugin that was disguising itself as a legitimate SEO (Search Engine Optimization) plugin. Without going into the technical details, the fake plugin provided backdoor access that allowed the hackers to run malicious code from your website.
Tips for Safely Installing WordPress Plugins
So how do you know which plugins are safe to install and which ones to steer away from?
1) Compatibility Check
The first criteria to consider when evaluating a WordPress plugin is whether or not the plugin is compatible with your version of WordPress.
Consider for example, a search for a “database backup” plugin.
The results shown above are for the top two plugins that provide backup for the WordPress database. One of them was updated 4 weeks ago and the developer indicated that plugin is compatible with the version of WordPress installed on the website.
The 2nd plugin was updated 6 months ago and the developer has not tested their plugin with our version of WordPress. This is not to say that the plugin will not work on your website.
But why risk it?
When you have plugin options that provide the same functionality, it’s safer to pick the one that is listed as “Compatible with your version of WordPress”.
2) Number of Active Installs
Active installs refers to the number of websites a plugin is currently installed and activated on. Take a look at the search results we get when we search for “WP SEO”:
Yoast SEO, a very popular plugin for search engine optimization currently has over 1 million active installs. Meanwhile, WP Meta SEO only has around 20,000 active installs.
WP Meta SEO may be a very good WordPress SEO Plugin. It is possible that the reason they only have 20,000 installs is because it is new to the market.
However, this also means the plugin with 1 millions installs has been around longer and had the opportunity to fix any bugs or issues that users have found in the plugin.
3) User Reviews
In our example of the SEO Plugin in the previous section, active installs might not have been enough to help us decide which plugin to install. After all, 20,000 active installs is still a lot of installs.
That’s when we turn our attention to the reviews submitted by the users.
The first thing to compare is the number of reviews submitted and the average rating. It’s safe to assume a plugin with lots of reviews and a high average rating generally has a lot of satisfied users.
To read the actual reviews, click on the plugin’s name. This will open a window showing all the details about the plugin. Now, click on the Reviews tab to see a list of the most recent reviews.
It’s a good idea to spend a couple of minutes reading through some of the reviews to see what people are saying and the type of problems they have encountered.
4) Plugin Documentation
Finally, be sure to look for detailed documentation before you go ahead and install the plugin.
The last thing you want is to install the plugin, get stuck setting it up and not have access to any documentation or instructions to help you figure out the issue.
A good developer will usually provide documentation directly in the plugin’s description area.
Take a look at this popular Contact Form plugin:
The developer of the plugin provides a detailed description of the plugin and includes links to the their documentation and FAQ section on their website.
Having detailed documentation and answers to frequently asked questions will help put your mind at ease in case you run into problems when installing and using the plugin.
5) Install Only What You Need
Your website is not a testing ground. Only install plugins you need to accomplish the functions necessary by your website. The fewer the plugins, the less chance there is something to go wrong. Not to mention, fewer plugins generally mean a faster website.
Start by evaluating what your website’s objectives are and who your target audience is.
Do you need an eCommerce plugin when you’re not selling products on your website? You might have purchased a theme that came bundled with the popular wooCommerce plugin. If you don’t plan on selling any products online, then go ahead and remove the plugin.
How To Uninstall A Plugin
Note: Before you start uninstalling plugins, make a backup of your website in case you accidentally remove a plugin you actually need. If you’re not sure, contact your web developer first.
Step 1: Deactivate the Plugin.
You will first need to login to your website. Once logged in, click on the “Plugins” link in the main navigation menu (that’s the column on the left side of the screen). This will open up a screen with a list of the installed plugins. Scroll down the list to find the plugin you wish to remove.
Now click on the “Deactivate” option that appears below the name of the plugin.
Step 2: Delete the Plugin
Deactivating the plugin does not completely remove it from your website. When you deactivate a plugin, WordPress will stop loading its files on your website, and its functionality will stop to work. However, the plugin itself and its associated files are still installed on your website.
When you deactivate the plugin, the page should have reloaded and scrolled back to the top. Scroll back down to the plugin you deactivated in step 1, and click on the “Delete” link that now appears below the plugin name. This will completely remove the plugin from your website.
There you have it! WordPress plugins are great apps that can add a lot of great functionality to your website. When looking for a plugin to install, make sure to check the plugin compatibility with your version of WordPress, check the number of active installs, read the user reviews and spend some time reading the developer documentation. If you follow these simple instructions and pay attention to the details associated with every plugin, you should be able to safely enhance the functionality of your website without risking breaking your site.