WordPress plugins add functionality and features to your website, but some hide malicious code or are no longer maintained by the creator. Choosing the wrong plugin can cause lots of problems with your website. You want to make sure the plugin you select works well, is safe, and will be maintained in the future.
Here are some quick tips on how to carefully select a plugin.
1. Review the ‘last updated’ information for the plugin
Plugins that are regularly updated mean that they are being well-maintained. If the date of the last update is more than a few months, this is a plugin to avoid installation on your website. Choose a plugin with frequent updates. You can check the Development tab for more information on updates and changes.
2. Check the number of active installations
When many people have installed a plugin, they trust it. I usually avoid using plugins that have low numbers of installations. In my opinion, the higher the number of installations, the safer the plugin is. Even if it is currently maintained, a developer may decide to abandon a plugin in the future if it doesn’t get wide adoption. This is another factor to consider when selecting your WordPress plugin.
3. Read the support inquiries for each plugin
At the top right of each plugin page is a button for Support. When you review these inquiries, here are a few questions to ask yourself: Is the author responsive to support requests and problems? Are support requests addressed relatively quickly? If you see recent threads on a support topic, that is a good sign that the plugin is maintained.
4. Read the review for the plugin
If most reviews are good for a WordPress plugin, even if there are a handful of negative reviews, that reflects well on the plugin. Of course, the more reviews there are, the better. If you see less than 10 reviews on a plugin, consider not installing the plugin. Also, if the reviews are dated years in the past, this might be a bad sign.
5. Check for known vulnerabilities
Before installing any WordPress plugin, you want to check for known vulnerabilities. At some point, most plugins will have one, but for active plugins, usually, it is quickly addressed and patched. However, checking this list by WordFence will help you determine if a plugin has been abandoned.
6. Make sure the plugin has been safely tested with the latest version of WordPress
If the plugin you are reviewing is one version behind, that’s not too bad. If it is more than one version behind the current WordPress version, it may be that the developer is no longer maintaining it.
Need help?
If you would like help with social media marketing, content creation, content marketing, email marketing, or web development for your Business, Chamber of Commerce, or Tourism Organization, get in touch with us today!
7. Is the WordPress plugin offered by a person or company that didn’t create it?
You can check this on the Development tab of the plugin page. This doesn’t always imply a problem, but it can be of concern in some cases. Weigh this against the other factors that you have reviewed before deciding on whether to install a plugin.
8. Check the Contributors and Developers List
As you work more with WordPress, you will get familiar with certain people who contribute a lot to plugins and core files. If that person or group is associated with a plugin, you can bet it is trustworthy.
If you don’t see any familiar names, click through to their author page and read up on them. You can see what other plugins and themes the developer has contributed to, their activity, how long they have been a WordPress member, and more. All this background can help you identify people producing high-quality plugins.
9. Use the WP Plugin Repository
The repository home page has divisions set up for Featured Plugins, Popular Plugins, Beta Plugins, and Block-Enabled Plugins. If you don’t know where to start, this is a good place. Looking through featured plugins and popular plugins can help you whittle down your selections by automatically meeting the criteria for #2 and #8 above.
If a plugin is in the WordPress repository, it has been vetted by WordPress. Plugins that have a security vulnerability, are outdated, or have other criteria may be removed from the repository. Using a plugin that is in the repository adds another layer of security for your selection of a plugin.
Summary
Be careful when selecting WordPress plugins to use on your website. Choose each one carefully by following the guidelines above to help you pick a reliable, secure, and useful plugin.