It’s hard to imagine WordPress being as successful as it is without plugins. Plugins are modular pieces of code for WordPress that are created and maintained by third party developers. They contain new features that anyone can easily download to add to a WordPress system, all with the click of a button.
Add new features to WordPress instantly
Creating a new website is largely a unique process as every business has it’s own goals and needs. However, there are many high-level features that are the same, in general, and can be brought to a system using a plugin.
Things like e-commerce can be easily added to a system by using the WooCommerce plugin. By installing this plugin you get a checkout, payment gateways and consignment tools to help you run an online store. The unique part comes when we style the store and also if there are customisations to the way the store needs to run.
The key point to this is that some features are taken care of by a third-party and therefore we don’t need to allocate project resource to develop it ourselves. In turn this means we can deliver a system quicker and at a more competitive price.
What’s the difference between a good and bad plugin?
But, these amazing benefits of plugins come with a warning, which needs to be respected in order to ensure you don’t fall victim to the dark side of WordPress plugins.
The pedigree of a plugin is all down to the developer and the quality of code they’ve written. If they’ve done a good job then we can take confidence that the plugin will perform well, have a low error rate and hopefully be secure.
As the internet changes, so does the security aspect of plugins. This is why the second important part of a plugin is the quality of ongoing support. If a great plugin goes unsupported, as many sometimes do, then there is no-one to patch security leaks when they arise.
How to tell if a plugin is secure
There isn’t a guaranteed way to tell if a plugin is going to be safe or not, but there are some clues that will certainly help.
Popularity of the plugin or the developer is usually a good sign as this usually has to be earned. The more times you’ve heard of either the plugin or the developer, the more likely it’s because they’re doing something right.
Documentation for a plugin can be found on the plugin website and reflects the type of support a developer is going to give you when you need them. If it’s non-existent or poor quality, then they either don’t have the time or would rather be doing something else. Neither are a good sign and you may not get the help you need when you’re in a jam!
Reviews aren’t as reliable as they should be, because not everyone rates their experiences in the same way and each person’s priorities will be different. Not to mention you can buy 5 star reviews these days for a small fee. But, that doesn’t mean they should be disregarded completely.
Check recent reviews and read the feedback, paying attention to the content of negative reviews. You’ll have to use your own judgement here, but you should get an impression of whether previous users have had a good experience.
Combine all of this together and you should have a good idea whether you’ve found a good plugin or whether its better left far alone.
Need some help securing your WordPress?
We specialise in maintaining WordPress systems to ensure they are always up to date, secure, fast and reviewed regularly for improvements. Our maintenance package is a low cost and fixed price service that will give you peace of mind that your system is always in good working order. Or if you need some new features, but can’t find the plugin we can help with that too!