Click here to close now.

Welcome!

AJAX & REA Authors: XebiaLabs Blog, Carmen Gonzalez, Jackie Kahle, Elizabeth White, Cloud Best Practices Network

Blog Feed Post

WordPress Plugins – Be Smart About The Ones You Install

WordPress PluginsOne of the great things about WordPress is the ability it gives us to extend the capabilities of the core software with plugins. The official WordPress Plugin Directory now has nearly 23,000 plugins. That’s an amazing amount of extra features we can add to our websites.

However the old adage is still true: with great power comes great responsibility. Unfortunately there’s a lot of junk in those 23,000 plugins. You can bog your site down to a crawl, expose your site to hackers or even worse if you aren’t careful.

So here are some things to think about when you are looking for plugins to install. If you pay attention to these things you will be much smarter about the plugins you install. And you will save yourself a ton of grief in the long run.

Plugin Guidelines

Before I get down to it, please know this. These are guidelines rather than hard and fast rules.

At the end of the day it is your website and you can do whatever you want. There may be other factors in your case that may cause you to disregard one or more of these considerations.

However, if you at least think through the potential consequences of your choices you will be making much more informed decisions. And it just might help you see some “gotcha’s” before they get’cha, if you know what I mean.

Do You Really Need That Functionality?

So you’ve got your new website. You’ve discovered how easy it is to add plugins from your WordPress dashboard. You went a little wild, didn’t you? You keep seeing cool features on other sites around the web and you want them for your site too.

Now you’ve got a hodgepodge of plugins installed. Dozens of them.

Don’t feel bad. We’ve all been there. The first step in recovery is admitting you have a problem, right?

I once had over 80 plugins installed on one of my sites. Now they weren’t all activated. But that’s still nuts!

My rationale was that I needed to “test” plugins to see what they did so I would know whether to recommend them to my clients. OK. Fair enough. But delete them after you’re done testing them.

That site’s down to 15 active plugins. Much better. Because at the end of the day you really don’t need all that crap (can I say that word here?) on your website.

Before you install a plugin ask yourself what the value of that feature really is. Will it attract more readers to your site? Will it add to the bottom line by helping to increase revenue somehow?

Is it necessary? Or is it just flashy and cool?

If it isn’t contributing to a better user experience, or actively furthering your website objectives delete the plugin. Or better yet, resist installing it in the first place.

Does the Plugin List Compatibility with the Current Version of WordPress?

This one is a biggie. I do a lot of WordPress support and am asked to add and configure specific plugins quite frequently. Assuming we crossed the first hurdle and the functionality is truly necessary, the first thing I look at is what version of WordPress is the plugin listed as being compatible with.

For every plugin in the WordPress Plugin Directory you will see an info box on the top of the right hand column. One of the pieces of info there says:
Compatible up to: 3.5

The number there is the version number of WordPress that the plugin developer says his plugin is compatible with. Ideally that number should be the most recent version of WordPress.

There are a ton of plugins in that 23,000 number that have been effectively abandoned by their developers. Many haven’t been updated in years. WordPress recognizes this as a genuine problem. That is why they started filtering out any plugins that haven’t been updated in the last two years so they don’t show in the search results when you use either the search box on the website or in the “Add New” plugin page of your WordPress dashboard.

Those plugins still show up in Google searches so they added a warning notice to let people know they haven’t been updated in a really long time.

Keep in mind out of date plugins is one of the more common attack vectors that hackers use to gain access to WordPress sites. So having an insecure out of date plugin on your website is a pretty big deal.

Now WordPress just pushed out one of their semiannual (approximately) major updates to the core software and it’s the holiday season. So if a plugin lists the previous version it might not be a show stopper in and of itself. However take that into account when you are evaluating the plugin.

What about paid plugins? Sometimes it’s hard to find any compatibility info listed on plugins available for purchase. If you can’t find the info listed publicly before you purchase the plugin, then reach out to the plugin developer. If they don’t give you a satisfactory answer, move on.

The only thing worse than installing a plugin that breaks your site because it hasn’t been updated in years is paying for a plugin that breaks your site.

Are Support Issues Being Addressed?

Every plugin in the Directory has a support forum where people can reach out for help. Since plugins are offered for free there, the plugin developer has no obligation to support their plugin.

However the best ones always do maintain an active presence and answer questions. That’s one of the things I love about the WordPress community. People are willing to help one another.

However if there are a ton of major issues being raised by users and the plugin developer is no where to be found then maybe that plugin is not the best one for your site.

While you are looking at that, see how many times the plugin has been downloaded. If a plugin has been downloaded hundreds of thousands of times and there are only a handful of people with problems, then it’s likely going to work on your site. But if it has only been downloaded a few hundred times and there are tons of people reporting problems, then steer clear.

Is the Plugin Likely to be Supported Moving Forward?

Now this question is obviously going to be a guess at best. What is the disclaimer that financial advisers use? “Past performance is no guarantee of future results.

That said going with a particular plugin because it looks good today, only to have it abandoned and have to change to anther solution down the road can be a major pain. This is doubly true if the plugin has a shortcode associated with it that you use. Going through and changing out shortcodes because you need to switch plugins can be pretty tedious, especially if you have a big site with lots of posts using that shortcode.

So what are the indicators that a plugin is likely going to be supported moving forward?

You can look at how long the plugin has been available. If it has a track record of being updated hopefully that means the developer is committed to keeping it going.

How many other plugins does the developer have in the Plugin directory? You can click through the developer’s name on the plugin page and see. If he has several and he seems to be keeping them up to date, then hopefully he’ll keep this one updated too.

That brings us to the last (finally!) big question I look at.

Does the Plugin Developer Have a Profit Base?

To me this question is a big one. A plugin developer that has a reliable income stream that is WordPress related is much more likely in my eyes to keep up with developing a plugin they upload to the Directory than someone who is just playing around.

Sometimes this profit base looks like a premium version of the plugin. Some people get frustrated by paid plugins. But to me that indicates the author is serious about maintaining and improving their plugin. They’ll have to keep it up if they expect new people to pay for it.

Other times the plugin is related to the developer’s main service. For example the NextGen Gallery plugin is now maintained by a company that specializes in developing WordPress websites for photographers. The plugin is free for anyone to use and the developer maintains it because it ties directly in with their own business. It’s in their own best interest to keep up with the plugin.

Or maybe the plugin developer runs a WordPress development/design business. If they’ve been working with WordPress for a few years and it’s now a major income stream for them, then odds are they will likely continue developing the plugin moving forward.

Bottom Line

The bottom line is really pretty simple. Taking just a little bit of time to think about your site’s needs and researching the plugin just a little can save you some significant frustration. It can save you from installing a plugin that immediately breaks your site because it hasn’t been updated in years. And it just might keep you from having to go through a painful transition down the road when plugin that is mission critical for your website has been abandoned.

Read the original blog entry...

More Stories By Rebecca Gill

Founder and President of Web Savvy Marketing, a Michigan based internet marketing firm that specializes in website design, organic SEO, social media marketing, and WordPress consulting.

@CloudExpo Stories
The speed of software changes in growing and large scale rapid-paced DevOps environments presents a challenge for continuous testing. Many organizations struggle to get this right. Practices that work for small scale continuous testing may not be sufficient as the requirements grow. In his session at DevOps Summit, Marc Hornbeek, Sr. Solutions Architect of DevOps continuous test solutions at Spirent Communications, will explain the best practices of continuous testing at high scale, which is r...
Modern Systems announced completion of a successful project with its new Rapid Program Modernization (eavRPMa"c) software. The eavRPMa"c technology architecturally transforms legacy applications, enabling faster feature development and reducing time-to-market for critical software updates. Working with Modern Systems, the University of California at Santa Barbara (UCSB) leveraged eavRPMa"c to transform its Student Information System from Software AG's Natural syntax to a modern application lev...
Plutora provides enterprise release management and test environment SaaS solutions to clients in North America, Europe and Asia Pacific. Leading companies across a variety of industries, including financial services, telecommunications, retail, pharmaceutical and media, rely on Plutora's SaaS solutions to orchestrate releases and environments faster and with integrity. Products include Plutora Release Manager, Plutora Test Environment Manager and Plutora Deployment Manager.
Hosted PaaS providers have given independent developers and startups huge advantages in efficiency and reduced time-to-market over their more process-bound counterparts in enterprises. Software frameworks are now available that allow enterprise IT departments to provide these same advantages for developers in their own organization. In his workshop session at DevOps Summit, Troy Topnik, ActiveState’s Technical Product Manager, will show how on-prem or cloud-hosted Private PaaS can enable organ...
The world's leading Cloud event, Cloud Expo has launched Microservices Journal on the SYS-CON.com portal, featuring over 19,000 original articles, news stories, features, and blog entries. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. Microservices Journal offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. Follow new article posts on T...
When it comes to building applications, one database definitely does not fit all. Traditional SQL databases are great for storing highly structured, normalized data and performing analytics and reporting. NoSQL has attracted developers with its awesome flexibility, and JSON-centric document stores like Cloudant make web developers incredibly productive by offering a JavaScript environment from end-to-end. Recent Big Data challenges have driven the need for a distributed approach to analytics e...
SYS-CON Events announced today the IoT Bootcamp – Jumpstart Your IoT Strategy, being held June 9–10, 2015, in conjunction with 16th Cloud Expo and Internet of @ThingsExpo at the Javits Center in New York City. This is your chance to jumpstart your IoT strategy. Combined with real-world scenarios and use cases, the IoT Bootcamp is not just based on presentations but includes hands-on demos and walkthroughs. We will introduce you to a variety of Do-It-Yourself IoT platforms including Arduino, Ras...
SYS-CON Events announced today that SafeLogic has been named “Bag Sponsor” of SYS-CON's 16th International Cloud Expo® New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. SafeLogic provides security products for applications in mobile and server/appliance environments. SafeLogic’s flagship product CryptoComply is a FIPS 140-2 validated cryptographic engine designed to secure data on servers, workstations, appliances, mobile devices, and in the Cloud....
SYS-CON Events announced today that the DevOps Institute has been named “Association Sponsor” of SYS-CON's DevOps Summit, which will take place on June 9–11, 2015, at the Javits Center in New York City, NY. The DevOps Institute provides enterprise level training and certification. Working with thought leaders from the DevOps community, the IT Service Management field and the IT training market, the DevOps Institute is setting the standard in quality for DevOps education and training.
SYS-CON Events announced today the DevOps Foundation Certification Course, being held June ?, 2015, in conjunction with DevOps Summit and 16th Cloud Expo at the Javits Center in New York City, NY. This sixteen (16) hour course provides an introduction to DevOps – the cultural and professional movement that stresses communication, collaboration, integration and automation in order to improve the flow of work between software developers and IT operations professionals. Improved workflows will res...
Even though it’s now Microservices Journal, long-time fans of SOA World Magazine can take comfort in the fact that the URL – soa.sys-con.com – remains unchanged. And that’s no mistake, as microservices are really nothing more than a new and improved take on the Service-Oriented Architecture (SOA) best practices we struggled to hammer out over the last decade. Skeptics, however, might say that this change is nothing more than an exercise in buzzword-hopping. SOA is passé, and now that people are ...
Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 16th Cloud Expo at the Javits Center in New York June 9-11 will find fresh new content in a new track called PaaS | Containers & Microservices Containers are not being considered for the first time by the cloud community, but a current era of re-consideration has pushed them to the top of the cloud agenda. With the launch ...
The WebRTC Summit 2014 New York, to be held June 9-11, 2015, at the Javits Center in New York, NY, announces that its Call for Papers is open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 16th International Cloud Expo, @ThingsExpo, Big Data Expo, and DevOps Summit.
SOA Software has changed its name to Akana. With roots in Web Services and SOA Governance, Akana has established itself as a leader in API Management and is expanding into cloud integration as an alternative to the traditional heavyweight enterprise service bus (ESB). The company recently announced that it achieved more than 90% year-over-year growth. As Akana, the company now addresses the evolution and diversification of SOA, unifying security, management, and DevOps across SOA, APIs, microser...
The webinar, hosted by XebiaLabs, will feature 4 experts including Special Host Gene Kim, author of The Phoenix Project, along with IT thought leaders Gary Gruver, Randy Shoup and XebiaLabs' Andrew Phillips. The panel brings more than 30 years of collective experience surrounding microservices transformations at major companies including Google, eBay and Tripwire. "The story around microservices and containers is pretty compelling and the attraction of more flexibility is obviously alluring,"...
SYS-CON Events announced today that Creative Business Solutions will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Creative Business Solutions is the top stocking authorized HP Renew Distributor in the U.S. Based out of Long Island, NY, Creative Business Solutions offers a one-stop shop for a diverse range of products including Proliant, Blade and Industry Standard Servers, Networking, Server Options and...
SYS-CON Events announced today that FierceDevOps will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. FierceDevOps keeps software developers and IT operations personnel updated on the latest news and trends around the rapidly evolving role of the traditional IT worker.
GENBAND has announced that SageNet is leveraging the Nuvia platform to deliver Unified Communications as a Service (UCaaS) to its large base of retail and enterprise customers. Nuvia’s cloud-based solution provides SageNet’s customers with a full suite of business communications and collaboration tools. Two large national SageNet retail customers have recently signed up to deploy the Nuvia platform and the company will continue to sell the service to new and existing customers. Nuvia’s capabili...
WHOA.com has announced the newest addition to its data center footprint with the expansion into Equinix's newest state-of-the-art facility: DC-11 Washington, DC IBX+. Located in Ashburn, VA, this data center expands Whoa.com's presence to meet rapidly expanding customer demand for secure cloud solutions. Equinix, Inc. operates International Business Exchange™ (IBX®) data centers in 32 markets across 15 countries in the Americas, EMEA, and Asia-Pacific. Equinix is committed to operating faciliti...
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here