WordPress plugins are helpful. But they can also slow a site down, invite hackers and even cause a Google penalty. These are my top five considerations when choosing a WordPress plugin.
Five WordPress Plugin Considerations
- Plugin is Vetted
- Changelog indicates fairly regular updates
- Support Feedback indicates a healthy plugin
- Doesn’t overlap with an installed plugin
Plugin is Vetted
A free plugin should ideally be vetted by WordPress. WordPress provides an official plugin repository where trusted free plugins can be downloaded.
If an issue is discovered with a free plugin, WordPress will remove the download from it’s repository. Typical issues can be coding that results in a vulnerability but can also be related to other issues as outlined in the WordPress Plugin Guidelines.
It’s not a perfect system for being assured that the plugin is safe to install. But it’s generally safer than downloading a plugin that is not available through the official WordPress depository.
The exceptions to this rule are premium paid plugins by reputable companies. Generally, the premium plugins have a free version and a paid version. The fact that a free version has been vetted by WordPress provides assurance (to me) that there is some kind of quality control.
There are premium plugins available and those plugins may undergo their own private testing. They are generally safe to purchase and download. However it may be useful to research the testing and vetting practices before purchasing.
Plugin is Popular
I’m generally not a believer in the wisdom of crowds. However I do feel some safety in knowing that a WordPress plugin is popular and well liked.
Popularity by itself does not guarantee that a plugin is not without issues. A few of the most popular plugins have been the sources of near catastrophic issues or larding up web pages with needless code.
Nevertheless, popularity along with other factors can contribute to an assurance that that the plugin is likely safe and works reasonably well.
Changelog Indicates Regular Updates
Some plugins may be abandoned. Every plugin’s WordPress page notes when the plugin was last updated. A plugin might not be updated because the function it performs is relatively simple. But in general this is a sign that a plugin has been abandoned.
Abandoned plugins should in most cases be avoided. WordPress is constantly evolving. Installing a plugin that hasn’t been updated could cause conflicts with the current version of WordPress or the version of PHP that your website runs in.
Every plugin page in the WordPress Plugin Repository has a support page. The support page may provide evidence if a plugin that has ongoing issues. Typical issues might be that the code conflicts with other plugins. Sometimes the WordPress template may need changes in order for the plugin to function.
The support page will reveal any potential issues you may face before discovering them the hard way.
Plugin Doesn’t Overlap with an Installed Plugin
A common issue I see is when two or more plugins designed to do similar things overlap. This generally happens with structured data and speed optimization plugins.
The usual result is that you have more plugins than you need. It’s important to use as few plugins as necessary. Overloading your site with plugins can slow down the server. Even a plugin designed to speed up your site may slow down your site if you are using too many of them at the same time.
Before you install a plugin, think hard about how this plugin will solve your problems. If it doesn’t solve all of them, will installing a second or third plugin cause a duplication in functions?
How to Choose a WordPress Plugin
These five considerations are not a complete list of considerations. There are other factors that can be added, like user reviews, the reputation of the company behind the plugin, if the plugin is over-engineered and slows down the site and so on.
Downloading plugins can seem like the shell game, where a pea is placed under a cup and then shuffled around. Are you making an educated guess or just guessing? These are what I consider important factors for judging if a WordPress plugin is trustworthy and will help take some of the guesswork out of choosing a trustworthy WordPress plugin.