The WordPress plugin ecosystem is one of the many reasons I recommend the platform for my clientele. While there are plugins out there that contain spyware/adware or are poorly developed, others are built extremely well and can solve pain for your business. Today, I’ll help you cut through the noise so you can leverage some of the best plugins available today. Below are my five favorites that I install standard on almost every single website I touch. These have been proven to be major workhorses and have stood the test of time and traffic.
UPDRAFT
Updraft is the gold standard for WordPress backups. This plugin enables you to take recurring backups of your website both on a recurring cadence (daily, weekly, monthly, etc) and at key events such as before you update your theme or update WordPress. Restoring from these backups can be done with a few clicks and allows you to bounce back fast from a data loss or data corruption event. One of my favorite features is how it enables you to send those backups to remote locations such as the Backblaze’s B2 Business Storage. Backups have a configurable encryption option so that even if your backup provider account is compromised, personal information stays safe.
Website: https://updraftplus.com/
WP ROCKET
WPRocket is a caching and performance optimization plugin that solves two major problems especially on high-traffic websites: First, it slashes load time dramatically. We have observed our client website page load times going from 4-5 seconds to under 1 second just by activating this plugin. The second problem it solves is that it takes load off your server freeing it up for other performance-heavy tasks. After enabling this, we’ve observed key server load KPIs such as database queries-per-second or PHP FPM pool load both dropping significantly. If configured properly, this is one of those stalwart tools that is worth every penny if you value site load time. (You should!)
Website: https://wp-rocket.me/
WORDFENCE
WordFence is a God-send plugin in an age of nefarious actors constantly trying to bring WordPress websites and web applications down. If your site is hacked, you face many dangers such as leaking personal information of your visitors and proprietary information about your business – not to mention reputation damage or lost sales. With that in mind, this plugin does a few things for us that are useful: First, it implements “Brute Force Protection” with automatic blocking of bots trying to break into your WordPress admin login. This is important because without something like fail2ban enabled on the server level, you’re vulnerable to password-guess attempts from armies of scripts around the world. Perhaps more importantly though it brings a solid WAF, also known as Web Application Firewall, to your WordPress site. A WAF filters for viruses and hacks at the script level – preprocessing things before they run on your website – to keep hackers out. The WAF looks at attack vectors such as malicious file uploads or SQL Injection, and stops them before they cause problems on your site. Frankly this is only scratching the surface of what WordFence can do. Installing WordFence (and properly configuring WordFence!) is a solid step towards implementing a full security strategy for your WordPress site. I don’t run public-facing WordPress sites without it.
Website: https://www.wordfence.com/
TINYPNG
Images are big. Especially images that are not properly optimized for website usage. TinyPNG comes into play here by deploying solid compression technology on to your image files, dropping the final file size in no small manner. I’ve seen image size reductions as high as 70%-80% with no discernible difference in image quality. Of course, you can do this manually by visiting TinyPNG.com, dropping your images into the site, then downloading them and uploading them to WordPress – but this a lot of unnecessary manual work and can be forgotten by humans in your organization. The TinyPNG plugin eliminates all of the manual work entirely. Simply upload images to the WordPress Media Library as you’ve done in the past – and it kicks in and compresses them automatically – no manual work required! This has two benefits for your website. First, pages will load faster, especially for users on mobile devices. Second, your WordPress site will occupy less space on your webhost, leaving room for new content and other assets that will help your organization grow. From my experience, no matter how many times I tell website owners to compress images before they upload to WordPress — most forget to do this step. This plugin solves for that without adding complexity to your content upload process.
Website: https://wordpress.org/plugins/tiny-compress-images/
AKISMET
Comment spam has been a problem on the internet as long as I can remember. If you have a comment form open to the public on your WordPress site, you’ll soon be flooded with comments from many a Nigerian Prince prepared to give you and your site readers $10 million dollars in exchange for bank account information. Of course, this wouldn’t be a problem if the Nigerian Prince comments were legitimate, and you’d actually get the money. 🙂 But alas these are classic internet spam comments and a pain for any website operator. Comment spam can be a major burden on your website database and server. Worse still, an opportunity for you and your visitors to fall victim to a virus or phishing scam. You’ve got to get control of the spam and remove this problem from your website. The Akismet plugin is one of the “old and trusty” plugins, coming per-installed with WordPress, that solves this problem for you. Simply activate it, add an API key, and watch most of your spam fall to the wayside. In addition to blocking new spam, it has the ability to go through your existing comment database and filter out spam even from years back. From our experience, it’s solid, and our firm requires it be deployed on any of our client sites with public-facing comment forms.
Website: https://wordpress.org/plugins/akismet/
I hope you’ve enjoyed this list of my favorite WordPress plugins and found it helpful for your business. Please note, this list isn’t exhaustive. Depending on how your site is setup and configured, some of these may not be a good fit, or there may be other plugins you should use in your specific situation. It’s also worth pointing out that you could run into compatibility issues with existing plugins or themes on your site. I always advise caution and to check with an expert before you install these on your site. Nobody wants unexpected downtime or a performance impact!
One Comment