WordPress plugins can help you manage your WordPress website and add valuable features and functionality.
But WordPress plugins are not “set-it-and-forget-it.” It’s very important that they be kept up-to-date.
Hackers typically look for outdated plugins and take advantage of security weaknesses in them to compromise WordPress websites.
WordPress plugins also create performance overhead on your website and they don’t always work well with other plugins. Sometimes they even conflict with WordPress themes.
Generally speaking, and as a WordPress best practice, plugins should be kept to a minimum.
Today’s question is: How do you select a good WordPress plugin?
The answer is simple.
(1) Only use plugins that are in the WordPress repository. https://wordpress.org/plugins/
(2) Avoid new plugins or plugins without a significant number of installs (5,000+).
(3) Proceed with caution if the plugin you are looking at has not been updated within the past year.
(4) Always create a complete backup of your website BEFORE you install a WordPress plugin.
(5) Avoid plugins that have a rating of less than 4 stars.
(6) A plugin should be tested with a current version of WordPress.
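The measurable items in this checklist, (2), (3), (5) and (6), can be checked automatically. The script below is an added example, not part of the original post: it assumes plugin metadata shaped like the WordPress.org plugin information API response (`active_installs`, `last_updated`, `rating` on a 0-100 scale, `tested`), and the two sample records, the date and the "current" WordPress version are constructed for illustration.

```python
from datetime import datetime, timedelta

# Thresholds taken from the checklist above.
MIN_INSTALLS = 5000
MIN_STARS = 4.0
MAX_AGE = timedelta(days=365)

# Constructed sample records (not real plugins), shaped like API responses.
SAMPLES = [
    {"slug": "example-maintained", "active_installs": 40000,
     "last_updated": "2024-03-11 9:14am GMT", "rating": 92, "tested": "6.5.2"},
    {"slug": "example-abandoned", "active_installs": 900,
     "last_updated": "2021-06-02 4:30pm GMT", "rating": 70, "tested": "5.7"},
]
TODAY = datetime(2024, 6, 1)   # constructed "today" so the result is repeatable
CURRENT_WP = "6.5"             # assumed current WordPress release


def _major_minor(version):
    """'6.5.2' -> (6, 5), so a newer patch release does not count as untested."""
    parts = (version.split(".") + ["0"])[:2]
    return tuple(int(p) for p in parts)


def vet_plugin(info, current_wp, today):
    """Return the checklist items the plugin fails (empty list = passes)."""
    problems = []
    if info.get("active_installs", 0) < MIN_INSTALLS:
        problems.append("(2) fewer than 5,000 installs")
    # last_updated looks like '2024-03-11 9:14am GMT'; only the date matters.
    updated = datetime.strptime(info["last_updated"].split()[0], "%Y-%m-%d")
    if today - updated > MAX_AGE:
        problems.append("(3) not updated within the past year")
    # The rating is reported as 0-100; divide by 20 to get stars.
    if info.get("rating", 0) / 20 < MIN_STARS:
        problems.append("(5) rating below 4 stars")
    if _major_minor(info.get("tested", "0")) < _major_minor(current_wp):
        problems.append("(6) not tested with current WordPress")
    return problems


if __name__ == "__main__":
    for plugin in SAMPLES:
        failed = vet_plugin(plugin, CURRENT_WP, TODAY)
        print(plugin["slug"], "->", failed or "passes checklist")
```

Items (1) and (4) still need a human: confirm the plugin comes from the WordPress repository and take the backup before installing.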
If you install a plugin and it crashes your website, or it creates other problems, you’ll want to DISABLE it.
If it REALLY creates problems, and maybe you can’t log in to your WordPress administrative dashboard, log in to your hosting cPanel and use the File Manager to delete the plugin (all plugins are found in your /wp-content folder).
An alternative to deleting the plugin is to rename the plugin folder on your hosting server. I usually add an “x-” at the beginning of the folder name. This requires some more advanced technical knowledge, or help from technical support at your hosting company, but it effectively disables the plugin.
Here’s an example of what we’re talking about (and one of our recommended WordPress plugins). https://wordpress.org/plugins/wp-updates-notifier/