The plugin ecosystem is one of WordPress’ major strengths. The free repository contains plugins that meet almost any need a WordPress site owner might have, and there is a thriving market for premium plugins. Without its diverse selection of plugins, it’s doubtful that WordPress would have achieved the astonishing popularity it enjoys today, but not all plugins are equally great and inexperienced WordPress users need some guidance when it comes to finding and choosing the right plugins for their site.
Don’t get me wrong, there are thousands of high-quality plugins created by dedicated developers available to WordPress site owners, but there are also lots of badly coded, out-of-date, and downright dangerous plugins out there.
Finding The Right WordPress Plugins
The Free Plugin Repository
Your first port of call should always be the WordPress Plugin Repository. The vast majority of high-quality free plugins are can be found there, but it doesn’t follow that every plugin in the repository is worth having. You can be sure that they don’t contain malware, but a presence in the WordPress repository doesn’t guarantee much else, so you will need to sanity check plugins before installing them.
Fortunately, most of the information you need is on the plugin pages.
You should pay attention to the following information:
- Has the plugin been updated recently? Half of the plugins in the repository haven’t been updated in the last two years. Old plugins may have numerous problems, including unpatched security vulnerabilities and incompatibilities with recent versions of WordPress. If the plugin doesn’t appear to be actively maintained, find an alternative.
- Is it compatible with your version of WordPress? As WordPress Core is updated, its API and other functionality that plugins rely on may change, creating incompatibilities. If the plugin is lagging behind your version of WordPress by a minor release, it might not cause obvious problems, but it’s probably better to wait until it’s updated.
- Does it have positive ratings and reviews? Plugins in the repository often have star ratings and reviews attached. Pay attention to what other users are saying.
- Is it popular? This isn’t always a good measure, but if a plugin has been in the repository for several months and only three people have installed it, be wary. With a huge userbase popularity is a good heuristic unless the plugin in question serves a very narrow niche.
Plugins Outside Of The Repository
Premium plugins are available from various marketplaces and direct from developers. Outside of the repository, you have almost no protection, so you should be especially careful about what you install.
Make sure that the plugin developer is trustworthy; check out reviews of their plugins and the support services they offer.
Avoid pirate plugins like the plague — they frequently contain malware. If you find a premium plugin offered for free, you take a big risk installing it. Hackers love to have WordPress users install their malware for them, and pirate premium plugins are a great Trojan Horse. This issue is complicated somewhat because most premium plugins are published under the General Public Licence, which makes it legal for third-parties to take the plugins and redistribute them for free, and some developers are making a “legitimate” business out of this process. It’s a controversial practice, and unless you know what you’re doing, it’s best to get plugins from their developer.
That said, I don’t want you to be discouraged from using premium plugins. Developers like Pippin Williamson, the team at Elegant Themes, and thousands of other solo and team WordPress plugin and theme developers are a vital part of the WordPress world and they do great work. Just take sensible precautions to obtain premium themes from reputable sources.
The WordPress community is a wonderful source of powerful tools to enhance your WordPress site. If you exercise a little caution and discretion, you will have no trouble finding the plugins and functionality you need.