WordPress Plugins – What To Look Out For

Ok, so you have installed WordPress and you’re ready to start customising your new website.  Many people turn to WordPress plugins to add that extra bit of functionality, but as with all things, there is a word of caution.

Although WordPress will work just fine without any additional plugins, there may be some specific function that you are looking for, such as an enhanced contact form, or fancy social sharing buttons.

Let us start with thinking about what a plug-in is, or what it does. People often use the car metaphor for describing the relationship between WordPress, Themes and Plugins. I prefer to think of it like a kitchen; here’s why:

Think of your Website as the basic kitchen in a new home.  You probably already have the cooker, the sink and a few cupboards.  However you may decide that you want to move things around a little, maybe decorate (the Theme).  But that’s not enough so may also want to add some extras like a dishwasher, toaster, kettle etc. (the Plugins).

Now, if you move house you will not necessarily take the cupboards down and the paint off the walls, but you may decide to take the dishwasher with you. Keeping with the metaphor you would, therefore, think about plugins in the same context i.e. am I going to take this with me when I move to a new website.

That being said, unless you are a developer you are most likely to look to plugins to provide any additional functionality you require, so here goes.

Be clear about what you want the plugin to do.

Jot down a few bullet points covering your main requirements. So for example if you’re looking for a contact form you may say:

  • I want to be able to design complex forms.
  • I want to be able to have replies sent to multiple people in my team.
  • I want the plugin to automatically check for spam

Armed with these points you will find the evaluation process much easier.

Use the WordPress Plugin Directory

This is not to say that every plugin in the repository is safe, it is still your responsibility to carry out further checks.  But it is the safest place to start.

Visit the WordPress Plugin Directory and start your search. Keeping with the “contact form” example you might type in “Contact From” in the search box and then be presented with a list of plugins and ratings.  You can also search by tag and most popular downloads.

It is possible to use Google to search the directory, and this option is presented at the foot of each result page.

Compare ratings to number of downloads

This is not an exact science so there is an element of gut feeling. But unless you’re looking for a really specific plugin you are going to need a way to differentiate the contenders.

Be suspicious of a plugin with 5 stars and only a handful of ratings. Plugins with hundreds of thousands of downloads will usually have picked up a few negatives along the way, this is not necessarily something to worry about.

Check the details

When evaluating a plugin’s homepage you are presented with some very useful information. At this stage you are looking for reasons NOT to try a plugin. So for example, you can see that the “Contact Form Maker” has been downloaded 62,518 times, and was last updated 11 days ago (from 21st September 2013). It is also compatible with the latest version of WordPress. You can also see that the developer has been involved in 12 other plugins. So far so good.

I would be concerned about a plugin that has not been updated for a long time, is not compatible with the latest version (as this means that the developer may have lost interest) or has few/no reviews.  Unless you know what you’re doing be very wary of brand new plugins, there is a strong chance that the developer is “live beta testing” and relying on feedback to tweak the plugin.

The plugin page also tells us a little about the history and provides installation instructions. There are usually some screenshots to give you a flavour of the plugin in action. The more comprehensive these are the more confident you should feel.

You can read through some reviews, and check out the developer’s response to support queries. In this case, the developer has elected to provide support outside the WordPress.org system. This is common practice, particularly with paid for plugins.

Checking the development log it is possible to get an idea how old the plugin is.  It is sometimes possible to see if the plugin has changed ownership at any point. This can be a cause for concern.

Test and Experiment.

Using the list of requirements against a shortlisting process you should end up with just two or three plugins competing for your attention. At this point the best thing to do is to install candidates in turn and test.

Ideally, you’d do this on a test installation of WordPress.  If you don’t have a test installation using your live site should not cause a problem but do take regular backups of your database. During testing you’re making sure that you can get on with the user interface and that it does everything you’re looking for.  At this stage you should be reasonably confident about the safety of the plugin.
The other advantage of testing is that you find out very quickly if the plugin is restricting the use of some features subject to purchasing a premium version.  This is becoming more common as developers are looking for ways to get paid for their efforts.

Don’t forget to deactivate and uninstall the rejected plugins.

The WordPress Plugin Directory is huge and will usually be the only place you need to look.  It is however worth remembering that there is no guarantee that all the plugins are safe even though submissions are checked and tested for malicious code.

As part of the agreement to list plugins the Directory requires that plugins are free, and that they conform to a specific type of licensing. Personally I’d be really cautious of downloading a plugin from an external site.

Remember that plugins have access to your site, and can in some circumstances create problems, either deliberately or accidentally. Always take a backup of your database before installing anything new.

It is easy to get carried away with installing plugins and not uncommon for sites overloaded with active and inactive plugin to start behaving in unexpected ways.  Take a bit of time thinking about what you want your site to do and use plugins sparingly.