It’s great you found a web host for your WordPress blog… now what?
What makes WordPress so powerful is its extendability via WordPress Plugins.
In many ways, plugins are a killer feature for using WordPress. They can add nearly any imaginable functionality to WordPress: eCommerce, social networking to even dancing unicorns . But what are the truly must-have WordPress plugins?
There’s a balance. Since the most popular and needed features get added to core WordPress, WordPress already comes with tons of functionality out of the box.
And as a general rule of thumb with WordPress, the fewer plugins you have, the better.
Plugins add a lot of overhead to your installation and can be a drag on performance. In fact, some WordPress plugins are banned by hosting providers.
Many aren’t coded very well, so it’s critical to be picky about which plugins to install.
But which WordPress plugins should you install?
Always try to use WordPress’ core features or manually add snippets to the functions.php file instead of adding yet another plugin. This is why any post that has more than 6 “essential” plugins isn’t really helping things.
That said, there are 6 must-have WordPress plugins that every blogger must install.
Security – Sucuri
According to the website BuiltWith, WordPress runs on 42% of all websites on the Internet.
With the popularity comes a big bullseye for hackers.
For the most part, if you keep WordPress and the plugins you use updated you should be secure. Unfortunately, most don’t keep their WordPress updated. Typically bloggers are busy with other things and not checking daily for updates.
A defaced blog can not only look bad in front of your audience, but in many cases, you don’t even know your website is hacked. This allows hackers to gather all sorts of information on you and your website visitors. Personal information like emails, names, and worse yet credit cards.
The hackers can install code on your website which could trigger Google deindexing your blog. Literally, overnight your search traffic can dry up.
Cleaning up what a hacker has done can take hours, if not days, to fix… if you even know what to fix.
Hackers can install multiple backdoors and modify WordPress so they can come back.
Fortunately, the best method to prevent a hack in the first place.
This is where the plugin Sucuri comes in.
Sucuri monitors your blog daily for any changes in website code. They make sure your site is secure from top to bottom. They offer:
- Security Scans
- Malware Detection
- DNS Monitoring
- SSL Monitoring
- Web Application Firewall
- Intrusion Detection System
- DDoS Attacks
And if you do get hacked, they will clean your site for you.
Sucuri pricing starts at $199 per year. It might seem like a lot of money but I can assure you it would easily cost you much more to remove a hack later.
Akismet is an anti-spam plugin for WordPress (it’s built into JetPack ). If you’ve been on the Internet for even a short time, you know that spam is a ridiculous problem. Akismet is essential, especially if you accept comments, forms, or any sort of user-generated content on your website. It comes bundled with every install of WordPress. All you need to activate it is an API key from the Akismet website.
The API key allows the plugin to do 2 things. First, it helps Akismet filter all the incoming spam based on its database of spam signals. It also allows your site to share new information with Akismet to help it identify more signals and filter spam more efficiently. It’s free for a personal blog. If you are using it commercially, it’s just $5/mo.
At some point, whether through user error, hack, data center disaster or a bad developer – you will probably lose your website. It’s not a certainty, but it is likely enough that it’s essential you prepare.
And nothing helps you prepare and keep a peace of mind like a backup plugin. To backup and restore your website, you need your site’s database and your site’s files. You can do this manually . But let’s face it, anything you do manually on a regular interval will be procrastinated.
There is a halfway point where you can manually download your files by FTP and rely on iThemes Security to automatically backup your database.
For this plugin, I use VaultPress which is built into my JetPack subscription . It’s seamless, simple, and automatic. They include storage and one-click restore. For larger sites, it’s worth every penny.
Both are simple to use with options to backup files and database. WordPress Backup to Dropbox also solves the storage issue if you don’t want your backups in your email (and certainly don’t just put backups on your hosting server).
SEO – SEOPress
Organic search is around 80% of all website traffic. If you aren’t optimizing your blog for search, you are missing out on a huge audience.
WordPress is one of the most SEO-friendly content management systems out of the box. It does, however, have plenty of room for improvement and customization.
That’s what makes the SEOPress SEO plugin so essential. It’s the same plugin installed on this very blog.
In 2019, I switched to SEOPress due to its lean code, bundled features, incredible onboarding, and Yoast’s continued update issues.
Speeding Up WordPress – WP Rocket
WordPress is fairly lean and fast out of the box. However, once you start adding posts, images, plugins, themes, and everything else – website speed can quickly become an issue, regardless of hosting.
Website speed is a core metric used by Google to rank your site in organic search.
WP Super Cache is one of the original and most popular “caching” plugins for WordPress. It creates a static HTML version of web pages requested by users so that your server doesn’t have to do work “creating” each page from the database every single time it’s requested. The concept gets complicated, but the short story is that you need WP Super Cache…especially for that day your website gets featured on CNN or something.
It’s simple to use. It’s owned and maintained by WordPress.com/Automattic (aka it has a business model to keep it updated). It does what it says it will do. It’s also used by some of the largest blogs on the Internet .
Some (actually, a lot) of people argue for Total Cache . It is solid, and offers a lot of functionality…but too much in my opinion. Functionality is only good as far as it can be used, and WP Super Cache wins on that count.
If you want a few extra features and better performance – I’d still recommend against Total Cache. Instead, I’ve started using WP Fastest Cache. It’s fast, amazing and has many more advanced features than Super Cache without the overwhelming clutter and instability of Total Cache.
Spying Plugin (aka Analytics)
Google Analytics is a free enterprise level analytics package offered by Google for any website. You can easily implement the Google Analytics code without a plugin. However, the Google Analytics for WordPress plugin is essential for a few reasons.
- It makes setting up Google Analytics straightforward
- It unlocks all sort of features for Google Analytics that are difficult to put in place consistently without a plugin (ie, event tracking on links)
- It makes implementing the newest version of Analytics seamless
That is all the essential WordPress plugins there are. The type of site you have will dictate all the other plugins you need. And remember, for the sake of security, speed, and simplicity, keep plugins to the minimum.
Now, as a publisher, there are a few other plugins that I use in a few cases. They are safe, free and do things that I love to profile.
Non-Essential Plugins I Love
I get a ton of emails about different plugins I use. Here’s a list of my favorite non-essential plugins that I use on this site.
Even though WordPress is free open-source software, there are a lot of advantages of being part of an “ecosystem.” That is, apps and services that all work seamlessly together. WordPress.com and Automattic created JetPack, which is like an umbrella plugin that allows a self-hosted WordPress website to access many of the services and apps that run on the WordPress.com ecosystem.
There are plenty of detractors of JetPack . It’s also definitely not required. However, it does have a lot of easy-to-use functionality that you can roll out as you like. It’s not essential, but I love it.
NB: JetPack does have an annoying habit of automatically activating modules. Keep an eye on it .
Redirection is a simple, but powerful plugin that permanently redirects a URL to another URL. It’s essential because, over time, your links within your site and to your site will change. When they change, users and search engines get a 404 Not Found page, which is no fun for anyone.
With Redirection, you can take the old URL and permanently 301 redirect it to another URL. It helps preserve user experience and search engine signals .
If you use RankMath as your SEO plugin, though Redirection is unnecessary since it includes a redirection manager.
Although the creator of WordPress used to call share buttons the “mullets of the Internet”, the now ubiquitous share buttons are essential for getting traffic and visibility. WordPress does not come bundled with the functionality. While it’s possible to install share buttons manually without a plugin, it’s tedious, easy to break when networks change their code, and doesn’t allow you to focus on things that matter.
The problem is that 98% of share button plugins (especially the ones in the WordPress repository) are awful – really awful.
I’ve used every hundred and used to love Social Warfare…but now I’m back to using Simple Share for Genesis (my theme). It’s basic and does the job.
The other alternative is JetPack’s Share that you can install on any WordPress site via JetPack.
I’m not a fan of pop-ups or interrupted user experience…but I am a fan of email and segmentation. OptinMonster is lead collection & call to action software made by the same folks behind Google Analytics for WordPress.
It’s not strictly a WordPress plugin, but their WordPress plugin makes the software even more powerful. I use it on this site – and many of my client’s sites. It’s as classy as you want it to be and worth the cost compared to other competitors due to versatility, scalability, and ease of use.
Compress JPEG & PNG images
Images are awesome – but they can also slow down your site. Every time someone navigates to a webpage, they have to request and download the images on the page. The smaller file size that you can make your images, the better.
There’s a ton of options out there to “losslessly compress” (in the jargon) your images. This plugin is by far and away the best in terms of quality, quantity of reduction and usability.
Fast Secure Contact Form
Contact forms. For the user, they seem so simple. But if you’ve ever tried to implement one, they can be deceptively tricky. I’m a fan of Fast Secure Contact Form because of its feature set depth and versatility. It’s not the prettiest plugin in the world, but it consistently gets the job done.
If you want something super simple, the contact form within Jetpack is solid.
Display Widgets allow you to define where and when to show certain widgets. Simple, but super handy.
JetPack recently added a module called “Visibility” that does something very similar. I still like the super-specific control that Display Widgets provides.
Really Simple CSV
Sometimes I need to bulk upload a lot of information to WordPress. This plugin is how I get it done.
Whether I’m rewriting hundreds of titles or adding thousands of new pages, Really Simple CSV is how I work smart, not hard within WordPress.
Syntax Highlighter Evolved for WordPress
If you don’t have the must-have WordPress plugins installed, I recommend heading right to your Plugins section and getting them all downloaded and configured.
When finding new plugins with specific functionality, filter them with these questions:
- What is the core functionality you need?
- Can you do that within WordPress or with a snippet of code?
- Can you do that functionality with a plugin that is already installed?
- Is the functionality you want better stand-alone or as part of a more comprehensive plugin?
Once you’ve found some potential plugins:
- Are they well-maintained? How are is the plugin supported?
- Can you test it out?
- How are the reviews insightful?
- Are the ratings insightful?
- Is it listed in the WordPress plugin repository? Why or why not?
- What are common issues with the plugin?
- Is it compatible with your current plugin set?
- Have you compared it to alternatives?
Once you’ve installed it:
- Is your site performance still good?
- Did any features or design break?
Have fun building your site! If you have any comments or feedback, please leave them below. If it’s 60 days after the publishing date – let me know via contact form and I’ll manually add it to the comments.