Work With Us

Blog

August 29, 2024

By Daniel Devereux in Best practices, Business, Education, Future-proof

WordPress Plugin Best Practices

How to Properly Optimize Your Plugins for Security and Performance

It’s quite easy to get into the weeds with WordPress plugins. Plugins have their place, but “just because you can” shouldn’t be your reasoning. The question you should be asking is, “Can I achieve the features or functionality I need without one”? Most of the time, the answer is “yes”.

If and when you use a plugin, follow these simple practices to ensure you choose the right one.

1. Choose Your Plugins Wisely

Who created the plugin?

Plugins can be developed by large agencies, small teams, or single developers. Due to this, releasing plugins on the WordPress Marketplace — while they have quality control systems in place — is a bit of a hit or miss. Ratings and reviews can’t always save you, but they’re a good indicator of future reliability.

Sure, a top-rated plugin with a reliable agency behind it may go out of business one day; after all, no one can predict the future. But, it’s much more likely that a poorly-rated plugin that hasn’t been updated in 6+ months and isn’t compatible with the latest WordPress version will break your site.

Choosing your plugins wisely is a big part of technology independence and IP ownership. It may cost more to build the functionality you’re looking for upfront, but over time, owning the IP means no licensing fees, no relying on third-party developers for support and maintenance, no hidden costs or premium upgrades, and all the control you need to make it work exactly how you need it to.

When was the plugin first released?

On the plugin’s profile page, if you click the “Development” tab and scroll to the very bottom of the page, you’ll see the release date of version 1.0. This is the same for every plugin ever released. This date tells you how long the plugin’s been active. In combination with the “Last updated” date on the main profile page, these two dates can be used as a good metric of long-term reliability.

The formula we use internally goes something like this:

Step 1: Current Year (a) v1.0 Release Date (b) = Multiplier (c)
Step 2: Multiplier (c) x Total Number of Releases (d) = Result

Example:

The current year is 2024.

The plugin we’re assessing was first released in 2018. Since then, there have been 20 total releases.

Step 1: 2024 (current year) – 2018 (v1.0 release date) = 6 (multiplier)
Step 2: 6 (multiplier) x 20 (total number of releases) = 120 (result)

A good rule of thumb: any plugin with a final result of 99 or below is considered risky. Anything between 100 and 119 is considered moderately safe. Anything 120+ is considered safe. There are exceptions to every rule, but this metric helps us make more informed decisions about the types of plugins and technologies we recommend to our clients.

When was the last major update?

WordPress requires developers to list certain information when releasing plugins on its Marketplace. One of these pieces of information is the “Last updated” date. This date tells us clearly when the plugin was last updated. Even if a plugin is not currently compatible with the latest version of WordPress (more on that next), if it was updated a week ago chances are the developer is actively working on the plugin. However, if it hasn’t been updated for a few months, this is probably a good indicator of a lack of dedication and support from the developer. Steer clear of any plugins like this.

Is it compatible with the latest WordPress version?

Compatibility with the latest WordPress version really should be a requirement. WordPress does not have an automatic termination policy in place for plugins that remain incompatible with several releases of WordPress, but it should.

Like most technologies, PHP and the frameworks that support WordPress change frequently. New WordPress releases are usually centered around security patches, new feature releases, and framework optimizations. Updates are vital to your website environment’s operability, reliability, and security. Using incompatible plugins increases your security and operability risk.

2. Are you running the latest version of WordPress?

Before installing a new plugin check what version of WordPress you’re running. If a new release is available, update it. But, not so fast! Speak with your Site Manager or web host before running any site updates. Updating any files or plugins on your site may cause errors, downtime, or security vulnerabilities. At the very least take a backup of your site and database before running updates.

If you are running the latest version of WordPress and the plugin you want to install is compatible, it’s safe to install and test on your site. Once you’ve installed a new plugin, run front-end and back-end tests to ensure nothing broke. If you notice anything is broken, deactivate the plugin.

3. How many active installations does the plugin have?

The plugin’s Active Installations metric tells users how popular a plugin is amongst the WordPress community. A higher number doesn’t necessarily correlate to a better plugin. Some plugin’s target audience is small depending on its usages. For instance, an SEO plugin may have 100,000 active installations while an AI chatbot plugin may have only 1,000 active installations. The difference of 99,000 active installations may seem like a red flag but it isn’t so cut and dry. The other information listed above matters just as much if not more when deciding which plugin to use or whether to use one.

4. How active is the plugin’s support page?

When viewing a plugin’s profile page, check out the Support tab. Some questions to consider are:

  1. How many “open” support tickets are there? High rates of open or unresolved tickets may signify a lapse in communication or increased turnaround times. This is typically a bad sign.
  2. How many repeat topics are there? If there are a lot of repeat topics, it may be that the plugin developer hasn’t yet fixed the issue or that the particular topic isn’t a priority. Either way, this can become problematic if it’s affecting your website.
  3. When was the last support ticket added? If it’s been a month since a support ticket was added but the plugin has thousands of active installations, that’s a good sign that it works well and does what it says it’s supposed to do.

5. What happens if the plugin’s developer seizes operations?

The more plugins you install on your website the more difficult it becomes to manage. Plus, do you ever really “own” your website’s IP if most of it relies on plugins and third parties to function? The answer is, “no”. What if plugins you rely on suddenly become obsolete? The developer discontinues updates or stops answering support questions. Suddenly, the repercussions become much bigger and the solution becomes more complex.

Unfortunately, there’s absolutely nothing you can do about it if a plugin becomes obsolete. The final solution to avoiding this scenario is to build the features or functionality you need as part of your native theme. But, this presents its own set of pros and cons.

What does all it mean?

This is all just a bunch of tech mumbo-jumbo for, “do your research and stay up-to-date”. If you choose your plugins wisely, refrain from installing plugins just because you can, and maintain your plugins properly, you’re already miles ahead of most.

82 responses to “WordPress Plugin Best Practices”

  22. Really insightful article! It’s great to see platforms prioritizing player well-being – iaron play games seems to be leading the way with its psychological assessments & responsible gaming focus. A balanced approach is key! 👍

  25. We’re a group of volunteers and starting a new scheme in our community. Your web site offered us with useful information to paintings on. You’ve done a formidable activity and our entire group might be grateful to you.

  31. hello!,I like your writing very much! proportion we be in contact extra about your article on AOL? I require an expert in this house to resolve my problem. May be that is you! Taking a look forward to see you.

  33. Great – I should certainly pronounce, impressed with your web site. I had no trouble navigating through all tabs and related information ended up being truly simple to do to access. I recently found what I hoped for before you know it in the least. Reasonably unusual. Is likely to appreciate it for those who add forums or anything, site theme . a tones way for your customer to communicate. Nice task.

  34. Hurrah, that’s what I was searching for, what a information! existing here at this blog, thanks admin of this website.

  65. When I originally left a comment I seem to have clicked the -Notify me when new comments are added- checkbox and from now on each time a comment is added I receive 4 emails with the same comment. Is there a way you are able to remove me from that service? Kudos!

  66. When I initially left a comment I seem to have clicked the -Notify me when new comments are added- checkbox and from now on whenever a comment is added I receive 4 emails with the same comment. Perhaps there is a way you can remove me from that service? Many thanks!

  67. After I initially left a comment I seem to have clicked the -Notify me when new comments are added- checkbox and now whenever a comment is added I recieve four emails with the exact same comment. Is there a means you are able to remove me from that service? Thank you!

  68. After I originally commented I seem to have clicked on the -Notify me when new comments are added- checkbox and from now on every time a comment is added I receive 4 emails with the same comment. There has to be a means you can remove me from that service? Thanks!

  69. I’ve been exploring for a little bit for any high-quality articles or blog posts on this sort of area . Exploring in Yahoo I at last stumbled upon this website. Reading this info So i am happy to convey that I have a very good uncanny feeling I discovered exactly what I needed. I most certainly will make certain to don’t forget this website and give it a look regularly.

  70. After I initially left a comment I appear to have clicked the -Notify me when new comments are added- checkbox and now every time a comment is added I recieve 4 emails with the exact same comment. Perhaps there is a means you can remove me from that service? Cheers!

  71. When I originally left a comment I appear to have clicked on the -Notify me when new comments are added- checkbox and now every time a comment is added I receive four emails with the exact same comment. There has to be a means you are able to remove me from that service? Appreciate it!

  72. When I originally commented I appear to have clicked the -Notify me when new comments are added- checkbox and from now on each time a comment is added I receive 4 emails with the same comment. There has to be a way you can remove me from that service? Thanks!

  73. When I originally commented I appear to have clicked on the -Notify me when new comments are added- checkbox and now every time a comment is added I get 4 emails with the exact same comment. Is there an easy method you are able to remove me from that service? Thanks a lot!

  74. When I initially left a comment I appear to have clicked on the -Notify me when new comments are added- checkbox and from now on each time a comment is added I get 4 emails with the exact same comment. Is there a means you are able to remove me from that service? Many thanks!

  75. Hey there! I’ve been reading your web site for some time now and finally got the bravery to go ahead and give you a shout out from Porter Texas! Just wanted to mention keep up the excellent job!

  76. 中華職棒賽程台灣球迷的首選資訊平台,運用大數據AI分析引擎提供最即時的中華職棒賽程新聞、球員數據分析,以及精準的比賽預測。

  77. When I originally left a comment I seem to have clicked the -Notify me when new comments are added- checkbox and from now on each time a comment is added I receive four emails with the same comment. There has to be a way you can remove me from that service? Cheers!

  81. That’s a great point about RTP – crucial for long-term enjoyment! Seeing platforms like jili58 prioritize that, plus quick payouts via GCash, is a big plus for PH players. Definitely streamlining the experience!

  82. Excellent post. I used to be checking constantly this blog and I’m impressed! Very helpful info specifically the final part 🙂 I handle such info a lot. I was seeking this certain information for a long time. Thanks and best of luck.

Leave a Reply

Your email address will not be published. Required fields are marked *

Go back to Blog

Subscribe to Site Assembly News

Get WordPress and Site Assembly news straight to your email inbox.

Write An Expert Guest Post

Interested in sharing your thoughts around WordPress, Al, or automation? We'd love to hear from you!

Inquire Today