Welcome!

AJAX & REA Authors: Noel Wurst, Elizabeth White, Trevor Parsons, ChandraShekar Dattatreya, Liz McMillan

Blog Feed Post

WordPress Plugins – Be Smart About The Ones You Install

WordPress PluginsOne of the great things about WordPress is the ability it gives us to extend the capabilities of the core software with plugins. The official WordPress Plugin Directory now has nearly 23,000 plugins. That’s an amazing amount of extra features we can add to our websites.

However the old adage is still true: with great power comes great responsibility. Unfortunately there’s a lot of junk in those 23,000 plugins. You can bog your site down to a crawl, expose your site to hackers or even worse if you aren’t careful.

So here are some things to think about when you are looking for plugins to install. If you pay attention to these things you will be much smarter about the plugins you install. And you will save yourself a ton of grief in the long run.

Plugin Guidelines

Before I get down to it, please know this. These are guidelines rather than hard and fast rules.

At the end of the day it is your website and you can do whatever you want. There may be other factors in your case that may cause you to disregard one or more of these considerations.

However, if you at least think through the potential consequences of your choices you will be making much more informed decisions. And it just might help you see some “gotcha’s” before they get’cha, if you know what I mean.

Do You Really Need That Functionality?

So you’ve got your new website. You’ve discovered how easy it is to add plugins from your WordPress dashboard. You went a little wild, didn’t you? You keep seeing cool features on other sites around the web and you want them for your site too.

Now you’ve got a hodgepodge of plugins installed. Dozens of them.

Don’t feel bad. We’ve all been there. The first step in recovery is admitting you have a problem, right?

I once had over 80 plugins installed on one of my sites. Now they weren’t all activated. But that’s still nuts!

My rationale was that I needed to “test” plugins to see what they did so I would know whether to recommend them to my clients. OK. Fair enough. But delete them after you’re done testing them.

That site’s down to 15 active plugins. Much better. Because at the end of the day you really don’t need all that crap (can I say that word here?) on your website.

Before you install a plugin ask yourself what the value of that feature really is. Will it attract more readers to your site? Will it add to the bottom line by helping to increase revenue somehow?

Is it necessary? Or is it just flashy and cool?

If it isn’t contributing to a better user experience, or actively furthering your website objectives delete the plugin. Or better yet, resist installing it in the first place.

Does the Plugin List Compatibility with the Current Version of WordPress?

This one is a biggie. I do a lot of WordPress support and am asked to add and configure specific plugins quite frequently. Assuming we crossed the first hurdle and the functionality is truly necessary, the first thing I look at is what version of WordPress is the plugin listed as being compatible with.

For every plugin in the WordPress Plugin Directory you will see an info box on the top of the right hand column. One of the pieces of info there says:
Compatible up to: 3.5

The number there is the version number of WordPress that the plugin developer says his plugin is compatible with. Ideally that number should be the most recent version of WordPress.

There are a ton of plugins in that 23,000 number that have been effectively abandoned by their developers. Many haven’t been updated in years. WordPress recognizes this as a genuine problem. That is why they started filtering out any plugins that haven’t been updated in the last two years so they don’t show in the search results when you use either the search box on the website or in the “Add New” plugin page of your WordPress dashboard.

Those plugins still show up in Google searches so they added a warning notice to let people know they haven’t been updated in a really long time.

Keep in mind out of date plugins is one of the more common attack vectors that hackers use to gain access to WordPress sites. So having an insecure out of date plugin on your website is a pretty big deal.

Now WordPress just pushed out one of their semiannual (approximately) major updates to the core software and it’s the holiday season. So if a plugin lists the previous version it might not be a show stopper in and of itself. However take that into account when you are evaluating the plugin.

What about paid plugins? Sometimes it’s hard to find any compatibility info listed on plugins available for purchase. If you can’t find the info listed publicly before you purchase the plugin, then reach out to the plugin developer. If they don’t give you a satisfactory answer, move on.

The only thing worse than installing a plugin that breaks your site because it hasn’t been updated in years is paying for a plugin that breaks your site.

Are Support Issues Being Addressed?

Every plugin in the Directory has a support forum where people can reach out for help. Since plugins are offered for free there, the plugin developer has no obligation to support their plugin.

However the best ones always do maintain an active presence and answer questions. That’s one of the things I love about the WordPress community. People are willing to help one another.

However if there are a ton of major issues being raised by users and the plugin developer is no where to be found then maybe that plugin is not the best one for your site.

While you are looking at that, see how many times the plugin has been downloaded. If a plugin has been downloaded hundreds of thousands of times and there are only a handful of people with problems, then it’s likely going to work on your site. But if it has only been downloaded a few hundred times and there are tons of people reporting problems, then steer clear.

Is the Plugin Likely to be Supported Moving Forward?

Now this question is obviously going to be a guess at best. What is the disclaimer that financial advisers use? “Past performance is no guarantee of future results.

That said going with a particular plugin because it looks good today, only to have it abandoned and have to change to anther solution down the road can be a major pain. This is doubly true if the plugin has a shortcode associated with it that you use. Going through and changing out shortcodes because you need to switch plugins can be pretty tedious, especially if you have a big site with lots of posts using that shortcode.

So what are the indicators that a plugin is likely going to be supported moving forward?

You can look at how long the plugin has been available. If it has a track record of being updated hopefully that means the developer is committed to keeping it going.

How many other plugins does the developer have in the Plugin directory? You can click through the developer’s name on the plugin page and see. If he has several and he seems to be keeping them up to date, then hopefully he’ll keep this one updated too.

That brings us to the last (finally!) big question I look at.

Does the Plugin Developer Have a Profit Base?

To me this question is a big one. A plugin developer that has a reliable income stream that is WordPress related is much more likely in my eyes to keep up with developing a plugin they upload to the Directory than someone who is just playing around.

Sometimes this profit base looks like a premium version of the plugin. Some people get frustrated by paid plugins. But to me that indicates the author is serious about maintaining and improving their plugin. They’ll have to keep it up if they expect new people to pay for it.

Other times the plugin is related to the developer’s main service. For example the NextGen Gallery plugin is now maintained by a company that specializes in developing WordPress websites for photographers. The plugin is free for anyone to use and the developer maintains it because it ties directly in with their own business. It’s in their own best interest to keep up with the plugin.

Or maybe the plugin developer runs a WordPress development/design business. If they’ve been working with WordPress for a few years and it’s now a major income stream for them, then odds are they will likely continue developing the plugin moving forward.

Bottom Line

The bottom line is really pretty simple. Taking just a little bit of time to think about your site’s needs and researching the plugin just a little can save you some significant frustration. It can save you from installing a plugin that immediately breaks your site because it hasn’t been updated in years. And it just might keep you from having to go through a painful transition down the road when plugin that is mission critical for your website has been abandoned.

Read the original blog entry...

More Stories By Rebecca Gill

Founder and President of Web Savvy Marketing, a Michigan based internet marketing firm that specializes in website design, organic SEO, social media marketing, and WordPress consulting.

@CloudExpo Stories
In high-production environments where release cycles are measured in hours or minutes — not days or weeks — there's little room for mistakes and no room for confusion. Everyone has to understand what's happening, in real time, and have the means to do whatever is necessary to keep applications up and running optimally. DevOps is a high-stakes world, but done well, it delivers the agility and performance to significantly impact business competitiveness.
"Our premise is Docker is not enough. That's not a bad thing - we actually love Docker. At ActiveState all our products are based on open source technology and Docker is an up-and-coming piece of open source technology," explained Bart Copeland, President & CEO of ActiveState Software, in this SYS-CON.tv interview at DevOps Summit at Cloud Expo®, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
ScriptRock makes GuardRail, a DevOps-ready platform for configuration monitoring. Realizing we were spending way too much time digging up, cataloguing, and tracking machine configurations, we began writing our own scripts and tools to handle what is normally an enormous chore. Then we took the concept a step further, giving it a beautiful interface and making it simple enough for our bosses to understand. We named it GuardRail after its function - to allow businesses to move fast and stay sa...
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover ...
SYS-CON Media announced today that Sematext launched a popular blog feed on DevOps Journal with over 6,000 story reads over the weekend. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. DevOps Journal brings valuable information to DevOps professionals who are transforming the way enterprise IT is done. Sematext is a globally distributed organization that builds innovative Cloud and On Premises solutions for performance monitoring, alerting an...
"BSQUARE is in the business of selling software solutions for smart connected devices. It's obvious that IoT has moved from being a technology to being a fundamental part of business, and in the last 18 months people have said let's figure out how to do it and let's put some focus on it, " explained Dave Wagstaff, VP & Chief Architect, at BSQUARE Corporation, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The major cloud platforms defy a simple, side-by-side analysis. Each of the major IaaS public-cloud platforms offers their own unique strengths and functionality. Options for on-site private cloud are diverse as well, and must be designed and deployed while taking existing legacy architecture and infrastructure into account. Then the reality is that most enterprises are embarking on a hybrid cloud strategy and programs. In this Power Panel at 15th Cloud Expo (http://www.CloudComputingExpo.com...
Verizon Enterprise Solutions is simplifying the cloud-purchasing experience for its clients, with the launch of Verizon Cloud Marketplace, a key foundational component of the company's robust ecosystem of enterprise-class technologies. The online storefront will initially feature pre-built cloud-based services from AppDynamics, Hitachi Data Systems, Juniper Networks, PfSense and Tervela. Available globally to enterprises using Verizon Cloud, Verizon Cloud Marketplace provides a one-stop shop fo...
Leysin American School is an exclusive, private boarding school located in Leysin, Switzerland. Leysin selected an OpenStack-powered, private cloud as a service to manage multiple applications and provide development environments for students across the institution. Seeking to meet rigid data sovereignty and data integrity requirements while offering flexible, on-demand cloud resources to users, Leysin identified OpenStack as the clear choice to round out the school's cloud strategy. Additional...
The move in recent years to cloud computing services and architectures has added significant pace to the application development and deployment environment. When enterprise IT can spin up large computing instances in just minutes, developers can also design and deploy in small time frames that were unimaginable a few years ago. The consequent move toward lean, agile, and fast development leads to the need for the development and operations sides to work very closely together. Thus, DevOps become...
SYS-CON Events announced today that IDenticard will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. IDenticard™ is the security division of Brady Corp (NYSE: BRC), a $1.5 billion manufacturer of identification products. We have small-company values with the strength and stability of a major corporation. IDenticard offers local sales, support and service to our customers across the United States and Canada...
SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, p...
SYS-CON Events announced today that AIC, a leading provider of OEM/ODM server and storage solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. AIC is a leading provider of both standard OTS, off-the-shelf, and OEM/ODM server and storage solutions. With expert in-house design capabilities, validation, manufacturing and production, AIC's broad selection of products are highly flexible and are conf...

ARMONK, N.Y., Nov. 20, 2014 /PRNewswire/ --  IBM (NYSE: IBM) today announced that it is bringing a greater level of control, security and flexibility to cloud-based application development and delivery with a single-tenant version of Bluemix, IBM's

The BPM world is going through some evolution or changes where traditional business process management solutions really have nowhere to go in terms of development of the road map. In this demo at 15th Cloud Expo, Kyle Hansen, Director of Professional Services at AgilePoint, shows AgilePoint’s unique approach to dealing with this market circumstance by developing a rapid application composition or development framework.
SYS-CON Events announced today Isomorphic Software, the global leader in high-end, web-based business applications, will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software ...
AppZero has announced that its award-winning application migration software is now fully qualified within the Microsoft Azure Certified program. AppZero has undergone extensive technical evaluation with Microsoft Corp., earning its designation as Microsoft Azure Certified. As a result of AppZero's work with Microsoft, customers are able to easily find, purchase and deploy AppZero from the Azure Marketplace. With just a few clicks, users have an Azure-based solution for moving applications to the...
“In the past year we've seen a lot of stabilization of WebRTC. You can now use it in production with a far greater degree of certainty. A lot of the real developments in the past year have been in things like the data channel, which will enable a whole new type of application," explained Peter Dunkley, Technical Director at Acision, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The cloud is becoming the de-facto way for enterprises to leverage common infrastructure while innovating and one of the biggest obstacles facing public cloud computing is security. In his session at 15th Cloud Expo, Jeff Aliber, a global marketing executive at Verizon, discussed how the best place for web security is in the cloud. Benefits include: Functions as the first layer of defense Easy operation –CNAME change Implement an integrated solution Best architecture for addressing network-l...
“We help people build clusters, in the classical sense of the cluster. We help people put a full stack on top of every single one of those machines. We do the full bare metal install," explained Greg Bruno, Vice President of Engineering and co-founder of StackIQ, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.