WordPress Plugins: Just Because You Can, Doesn’t Mean You Should

Have you identified a need on your WordPress website and think you’ve found a plugin that will provide it? It’s so easy to just hit install and get going, right?

Not so fast. Although WordPress plugins are plentiful, and easy to add to your website, there are several important things you need to know about them first. Things that can affect the security and performance of your website.

What is a WordPress Plugin?

Since we’re focusing on WordPress in this post, plugins are third-party add-ons that expand the functionality of your site. In other website Content Management Systems such as Drupal, these add-ons are called modules.

What are plugins used for? Examples include changing visual elements, adding extra information or content, and smoother integrations between your site and a third-party tool. You might use a plugin to achieve a special look with the mega menu on your site. Or, there are SEO plugins, plugins that automatically reduce the size of images on your site, and plugins that provide special functionality for how a photo gallery displays.


Why You Should Check with Your Webmaster Before Installing a Plugin

Your webmaster is there for a reason. They understand the complexities of maintaining website so that you don’t have to. Plus, if you have fully managed hosting and maintenance this is exactly the kind of thing in which you want your webmaster involved.

First, clearly know the goal you are trying to achieve on your website. Next, talk to your webmaster about what you need. If you have already researched plugins, show them the ones you think might fit the bill.

A word about researching plugins: make sure to check out the reviews, the number of active installations, and note how often it is updated. A plugin with low active installations (relative to other plugins), poor reviews, and hasn’t been updated in over a year, is a poor choice and can pose a security risk to your site. Additionally, when reading reviews, note any repeated comments about being hacked after implementing the plugin.

A plugin with 300,000 active installations may seem impressive . . .

WordPress plugin bad reviews

Until you notice the 2-star overall rating, and compare it to another similar plugin . . .

WordPress plugin active installations

Also, when viewing potential plugins in WordPress, look for the message “compatible with your version of WordPress” at the bottom right of the plugin info box to ensure a reliable tool.

WordPress plugin compatible

You want to avoid plugins with this message:

WordPress plugin not compatible


Following are reasons you should talk to your webmaster before installing a plugin.

A plugin is not always the best way to solve a need.
Your savvy webmaster may have a developer on the team who can code the changes right into the site, avoiding using a plugin at all. As you will read in a moment, the less plugins you have on your site, the better.

Every plugin has the potential to be a security concern.
Think of a plugin as if you are adding another door to your website. The more doors, or access points on your website, the more locks and hinges you need to maintain, and the quality and stability of those doors must be continually assessed. If a plugin has a weak point and the creators have stopped maintaining it, hackers will exploit that weakness and gain access to your site. They will sneak in through any vulnerability in one of the doors.

See related video: Why a Neglected Website is Like a Ticking Time Bomb

Every plugin must be maintained (updated) along with the rest of your site.
When viewing the main left-hand menu in WordPress, you will see Plugins in the list. Sometimes, you will see a little red number next to it.

WordPress plugin notification

This number indicates how many updates are currently available for plugins on your website. Once you go into the plugins menu, you can sort them to see which ones require updates. These updates are important; you or your webmaster should not ignore these.

WordPress plugin updates

Each plugin is made by different companies and just like any software, updates and patches are regularly required. In today’s world of critical cyber security issues, hackers are continually looking for access into the back end of websites. All they need is to identify a vulnerability in the code, something outdated that they can hack, or a domain that is allowed to expire, and they are in. This is why plugins frequently have updates: the company learned of a vulnerability or hole that hackers could access, and they have to update their software, then deploy it to their thousands of users. But with an open source CMS such as WordPress, those updates don’t just automatically go into effect on your site. Someone has to see them, execute them, and then test them after they are installed.

Related blog post: How Fully Managed Hosting and Maintenance Saves You from Website Woe

Multiple plugins, and duplicate functionality, may cause a performance penalty.
With website plugins, less is better. Because plugins are independently created, they don’t always play nice together. You may end up with multiple plugins doing slightly different variations of the same thing, which just bogs down your site unnecessarily. Or, too many plugins can actually impact your site performance, slowing it down and penalizing you in search.

Plugins interact with each other. Incompatibility between plugins can cause a site to crash.
Remember our analogy about plugins being like doors to your site? Imagine you have three plugins that offer some version of the same functionality across all three. Your doors are now overlapping. And maybe one of those doors is a half door, while the others are made of steel, and wood, and one has a window. None of these elements work together as doors placed on top of each other, and your house (site) will break (crash). You’ll be calling your webmaster and the first thing they will ask is “did you add any new plugins to the site?”. This is when you will sheepishly admit you went rogue.

Your webmaster can properly assess how plugins will work (or not) together, and avoid significant issues on the site.

Get the Right Plugin the First Time

The bottom line is that your webmaster will help implement the best solution for your site. Often, they will already have certain plugins in mind that are the most helpful, reliable, and safe. Since they work on sites all the time, webmasters are familiar with many plugins and know which ones to use, and which ones to avoid.

Remember, the fewer plugins on your site the better. It means less maintenance, less chance of cross-incompatibility, and less security risk.


Interested in a webmaster who has your back? Learn about our fully managed hosting and maintenance services.


Learn about good design

More Articles