In this post, I will look at some plugins that should be on every WordPress site, and at some that you may think you need, but probably shouldn’t install.
Even the most basic Worpress site must be protected against hackers. In addition to a SSL certificate, a security plugin is therefore a must and with plenty of free options to choose from, there’s really no excuse!
We now use Shield security on all our sites. The free version is enough for a simple site, although if you are running a membership or e-commerce site, upgrading to pro is probably a good idea. Cost is 72 euros / year for a single site, but there are very good discounts for multiple sites. Should you run into trouble, their technical support is competent and very responsive.
Wordfence is another good option. The free version, while not as user-friendly as Shield, offers enough tools to efficiently protect most sites. WordFence Premium is a high-end security plugins for highly sensitive sites.
At the very least, you should instal WPS Hide Login, a simple way to protect your administrator login page against brute force attacks by changing its URL (a tool that is included in all version of Shield, but not with Wordfence).
Almost all site now have at least a simple contact form, and therefore will need a form plugin.
So it’ not surprising that, with over 5 millions installs, Contact Form 7 is one of the most popular plugins in WordPress. This simple, free plugin is well supported and there are many free and premium plugins to add functionalities to it (such as Paypal integration, Maichmimp integration, conditional logic, redirect, etc.). From simple contact forms to complex booking systems, Contact Form 7 can handle pretty much anything that needs input from your site visitors. Combined with Flamingo (another free plugin), Contact Form 7, will store all your contacts and messages in your WordPress databas, easily accessible from your WordPress dashboard.
If Contact Form 7 doesn’t suit you, for example because you are more comfortable with a visual form editor, then WPForms is a good choice. It offers both a free version (called WPForms lite) and a premium version (starting at $39.50 / year). With Drag and Drop form building, WPForms makes it easy to build any kind of responsive forms, but the free version is pretty limited, and you’ll probably end up with the premium version.
The ability to duplicate (or clone) pages and posts at the click of a button saves so much time that a duplicator plugin should be installed on every site as early as possible. We use Duplicate Pages, Posts and CPT, a free plugin which works very well and integrates seamlessly into WordPress without any bloat. There are many others plugins to choose from.
While WordPress is inherently SEO friendly, Yoast SEO is a great help in ensuring that your site includes all the information search engines will be looking for. Unless you are operating in a very competitive environment, the free version is good enough. Not surprisingly, Yoast SEO is one of the most popular plugin in WordPress.
Even though most websites are now designed using page builders, having a simple editor that allows you to easily get to the html code should you need it is most useful. The Classic editor is one of the most used plugins in WordPress for very good reasons.
While Google Analytics (and other plugins like MonsterInsights which are based on it) are the most widely used analytics tool and offers comprehensive analytics features for free, it all comes at the price of your and your visitors’ privacy. For this reason, I have never installed them on any site, and probably never will.
For sites that don’t need comprehensive reporting, Koko analytics is a free open-source analytics plugin that does not use any external services. It is therefore very fast and totally privacy-friendly.
If you need more comprehensive reporting, an alternative to using a Woprdpress plugin is to install AWstats on your hosting account.
Although you could rely on Softaculous Automated Backups or even your hosting provider backups, a backup plugin will offer a good bit more flexibility. Updraft is a good choice. The free version will automatically back up your site to a free Dropbox or Google drive account, and it’s easy to set up. The premium version, UpdraftPlus, offers far more storage options, automated scheduled backups, as well as tools for hassle-free duplication and migration of sites of all sizes.
As well as ranking higher in search engines, a fast loading site has better chances of keeping users on the site, so anything that speeds up loading is welcome. There comes caching and image optimisation. LiteSpeed Cache, WP Fastest Cache and WP-Optimize are all good, free choices.
A plugin you may not need
WooCommerce is by far the most popular e-commerce plugin for WordPress, used by over 5 million websites, WooCommerce comes with all the features that you need to build an online shop. However, it lacks flexibility, its complexity makes it difficult to learn, technical support is poor, and extensions, if needed, may be expensive.
It’s often easier, and possibly better, to build an online shop or a simple e-commerce site without it, simply using a form plugin with a Paypal and / or Stripe integration.
Popular plugins I would never install
Jetpack is a bloated plugin that has far too many functions, most of which you will never need. But the main reason I would never install Jetpack is big privacy problems. Jetpack sends your data to WordPress.com.
Akismet doesn’t work very well and stores data it collects on servers located all over the world, raising privacy concerns. A good security plugins will do a better job than Askinet at keeping spam at bay.
Gutenberg There’s a very good reason why Gutenberg has a 2 * rating on WordPress.org : it’s simply the worst WordPress editor ever.