WordPress plugins are powerful tools that expand what you can do with your WordPress site, without having to know how to write or edit code. But with nearly 60,000 WordPress plugins available in the WordPress repository alone, and the growing list of premium and free plugins available from other online sources, how can you find the best WordPress plugins that can power your website?
In this beginner’s guide to WordPress plugins, we’ll take a look at everything related to the plugins that help power WordPress. Now, let’s take a look.
Since its inception, the WordPress platform has come a long way. Because of its ease of use and powerful website-building capabilities, more web developers are using WordPress to power their sites than ever before. The number of WordPress plugins available only continues to make WordPress more versatile.
Because of the popularity of WordPress as a content management system, the ecosystem of available WordPress plugins has grown to meet the development demands of WordPress users looking for highly flexible and customizable ways to build a unique website.
But what exactly are WordPress plugins and how do you use them? Where can you go to find the best WordPress plugin options for your individual site development needs? Let’s cover a few of these questions and more.
What is a Plugin In WordPress?A WordPress plugin is essentially “add on” software that you can upload to your WordPress website to make it do more things. Essentially, a WordPress plugin is a string of code created by a developer that “plugs in” and interacts behind the scenes of your WordPress website.
In layman’s terms, a WordPress plugin adds new features and functionalities to your site. Some WordPress plugins extend the existing functionality of WordPress core or even other plugins.
Enterprising WordPress developers have written and deployed tens of thousands of plugins that you can quickly and easily add to your WordPress site. A WordPress plugin can do everything from making a minor site improvement to massive, all-encompassing changes that completely alter the way your website is displayed and used.
For example, you can easily find WordPress plugins that will turn your site into a fully-functioning social network, eCommerce store, or user forum, just to name a few.
Conversely, a plugin can add a small feature to your site, such as displaying your Twitter feed on the homepage. Beyond that, many of the available WordPress plugins don’t have any front-facing impacts on your website. For example, you can find plugins that will help improve site performance or help you get better SEO rankings.
Are WordPress Plugins Free?
Yes! One of the amazing things about WordPress is the free WordPress.org plugin directory, also known as the WordPress repository. Here, you’ll find nearly 60,000 free WordPress plugins that you can download and add to your website.
It’s certainly possible to build an entire WordPress site using entirely free plugins from the WordPress repository. Many free plugins offer robust features and don’t require you to pay anything to get access to everything the plugin does.
Why Should I Buy Premium or Pro WordPress Plugins?
The free version of a WordPress plugin may not always give you the full functionality of the plugin. Depending on the requirements and specifications of what you need the plugin to do, opting for a premium, paid, or “Pro” version of the plugin can be well worth the cost.
One of the benefits of free WordPress plugins is that they allow you to experiment with the basic features of a plugin before committing to the purchase of premium features. This allows you to see how the plugin impacts your site without making an up-front monetary commitment. That’s a pretty good deal, isn’t it?
For example, take the iThemes Security plugin. This is a plugin that, when installed and implemented on your site, will harden your website against the most common WordPress security issues. This plugin is a perfect example of one that you can get for free, with its core functionality and basic features immediately available to use on your site.
When you’re ready to take your website security efforts to the next level, you’ll likely want to pay the $80 per year for the paid premium plugin upgrades, including things like two-factor authentication and WordPress security logging. Considering how much your website is worth, paying for the Pro version of the plugin is worth it.
Why use premium WordPress plugins? Free WordPress plugins also usually have limited or slower support. Most free plugins offer basic support through their individual plugin page on the WordPress.org plugin directory. Premium or Pro versions of plugins often include the addition of private, ticketed support, or support with faster response times. Paying for a plugin to get support can again be something that is worth the cost if you run into any issues while using the plugin.
Where Do I Find Plugins for WordPress?
To begin exploring all the WordPress plugins that can help power up your website, the best place to begin is at the WordPress.org plugin repository. At the time of this writing, there are 59,458 free plugins available for download in nearly any category you can think of, from contact form plugins to eCommerce plugins to SEO and more.
Many of the plugins you can download from WordPress.org are 100% free to use and will never ask you to upgrade to a premium version. Others offer their free versions to allow you to explore their usefulness before upgrading for additional features.
Keep in mind that some of the plugins in the WordPress repository are out-of-date and no longer function properly with the current version of WordPress core (currently v. 6.0). When browsing the free plugins available on the repository, always pay special attention to the fields on the plugin download pages that say “Last updated” and “WordPress Version.” If a plugin isn’t tested to work with the version of WordPress your site uses, downloading and installing it could cause harm to your site.
Most premium plugins (those that charge a fee before you can download and install them) can only be found if you know where to look or search for them.
For example, say your WordPress site isn’t loading as fast as it should, and you realize you need to put some effort into WordPress optimization. In that case, a simple Google search like: “best WordPress caching plugins” will turn up hundreds of third-party premium and free plugin options for you to explore to speed up your site.
There’s a saying in the WordPress community that goes something like this: “No matter what you want your site to do, there’s a plugin for it.”
And there’s a lot of truth to that. Before heading out and hiring a professional WordPress developer to build custom functionalities into your site, first do some simple Google searches to see what’s available at your fingertips. You’ll be surprised what you’ll uncover … and chances are there’s already a WordPress plugin out there to do what you need.
Which Plugins Are Best for WordPress?
Depending on the goals and objectives of your WordPress site, the “best WordPress plugins” may be different for you than they are for another WordPress user. As with most things in life, “best” is, at “best,” a subjective word.
Plugin Research & Reviews
In general, you’ll want to do a little research to find the best WordPress plugins for your particular situation. Read a few articles after searching for “best WordPress plugin for ______” or “best WordPress ______ plugin.” You’re likely to find pages of articles that have lists of the best plugins ranked by criteria of features, prices, user experience, and more.
Often, “best WordPress plugin” articles are a great source of information when it comes to knowing which plugins to download in the first place.
Ask People You Trust
The WordPress community is a rich resource of people who love what they do, have tested and tried many different WordPress plugins, and are eager to help out and share advice. Use their knowledge and experience if you have questions about a plugin.
For example, you could ask people on Twitter whether they like one plugin
or another. Use the hashtag #WordPress and you’re sure to get more advice than you expected!
Download and Test Plugins
Another way to find the best WordPress plugins is by actually tinkering with a plugin to see if it will do what you need. While testing plugins can be time-consuming, this approach may be worth it in the long run so you don’t waste time after you’ve committed to a particular WordPress plugin that you discover won’t actually do what you need (yes, this can happen.)
A good way of performing plugin tests is to set up a WordPress localhost installation that is essentially a copy of your existing WordPress site. In general, having a development version of your website will help you avoid any risks of installing a WordPress plugin that may break things. If you’re down for the challenge, it’s pretty easy to copy a WordPress site and then install WordPress locally.
Say you’re running a small political blog to share your thoughts about politics in 2022 and beyond. You’re not looking to sell any merchandise or promote any paid services. Your main objective is simply to share your ideas with as many readers as possible.
In this scenario, the best plugin for you might be one that helps you gather as many subscriber emails as possible so you can add them to your newsletter distribution list. You wouldn’t, however, need a plugin as robust as WooCommerce, because your site has nothing to sell.
Conversely, if you’re looking to build an all-in-one eCommerce site to sell a new clothing line you’ve just designed, WooCommerce may easily be the best plugin for WordPress that you can download and install.
Two Essential WordPress Plugins for Every Website
As you can see, when it comes to overall site design and functionality needs, the “best plugins” is certainly subjective. However, every WordPress site owner, no matter how large or small, needs to pay close attention to certain WordPress utility plugins that beef up website security and website backups.
When it comes to WordPress development, plugins that focus on safety and security are the best plugins for every site owner. Once you’ve settled those two fundamental issues, you can begin searching for new plugins that can expand site functionality and improve user experience.
The first two WordPress utility plugins that every WordPress site owner should download and install before digging further into functionality plugins are BackupBuddy and iThemes Security Pro.
BackupBuddy is a WordPress backup plugin that continuously and automatically creates backups of your entire WordPress site, including your WordPress database and all relevant WordPress core and site-specific files, including your themes and plugins.
If the worst should happen and your site gets hacked, becomes corrupted, or completely crashes, BackupBuddy gives you the power to instantly restore your site back to a prior state before the issues arose.
A WordPress backup plugin saves you the time, money, and frustration of trying to troubleshoot technical problems that may be beyond your current scope of understanding. It will also save you a ton of time by not having to recreate content that may be lost during a breach.
iThemes Security Pro
Similarly, iThemes Security Pro is a WordPress security plugin that puts layers of protection between your WordPress site and the dangers of outside security breaches, hacks, attacks, and malware.
By continually monitoring the security activity on your site, iThemes Security Pro will keep dangers at bay while alerting you to new threats as they arise.
How To Install a WordPress Plugin
Installing WordPress plugins is a lot simpler than you may think. There are a few different methods to install a WordPress plugin, so let’s cover the three most common approaches:
- Install a plugin directly from the WordPress admin dashboard’s plugin search
- Upload a plugin zip file via the WordPress admin dashboard
- Upload a plugin via sFTP or FTP
How to Install with Plugin Search
The easiest way to do it is right within your WordPress admin dashboard.
The install a WordPress plugin, go into the Plugins section of your WordPress dashboard. You’ll find this menu item on the left side of your screen.
From there, click on “Add New.”
From the WordPress Add Plugins page, you can run a search for any specific plugin on the WordPress repository that you’d like to install.
Let’s take the example of installing the Yoast SEO plugin to help improve your site’s rankings on search engines. All you need to do is type in the words “Yoast SEO” and find what you’re looking for.
You can also browse popular, featured, or recommended plugins. Once you’ve decided on the plugin you want to install, click on “Activate.”
That’s literally all there is to it. Your new plugin is now fully installed and activated. You can begin using the new plugin immediately.
Most plugins will then display an options menu that will appear within your WordPress dashboard, on the left-hand side of the screen. For example, with Yoast SEO you would now see “Yoast SEO” as a menu option in your dashboard. From there, you can start to dig into the plugin settings and customize it for your individual use.
How to Install a WordPress Plugin with a Zip File Upload
If you find a premium or third-party plugin that you’d like to install, simply download it from the third-party website where you purchased it.
In almost all cases, WordPress plugins come packaged as zip files.
Once the plugin zip file is downloaded, take note of where it was saved on your local device.
You can then upload a plugin zip file directly to your WordPress site using the Upload Plugin button on the same Plugins > Add New page. Here, you’ll notice the option to upload the new plugin.
Simply select your plugin zip file and upload the entire zip file.
After the upload is complete, click on “Activate” and you’re all set.
How to Install a WordPress Plugin via FTP or sFTP
If you use an FTP or sFTP client (and have the correct WordPress file permissions), you can upload a WordPress plugin directly to your website’s server. The method of installing a WordPress plugin allows you to do it from outside of the WordPress admin dashboard.
Connect to your website’s server using the credentials provided to you by your WordPress hosting company. Navigate to the file listing (usually in the public_html directory). Here, you’ll see all the WordPress core files that power your website.
Locate the wp-content folder and expand it.
You’ll then see a plugins folder. Expand this directory to see all the folders of any plugins you currently have installed on your site (the names should match the plugin’s name)
This time, you’ll unzip any plugin zip file you have downloaded. Upload the unzipped version of the file into the plugins folder.
After the files finish uploading, you’ll see the new folder in this directory for the plugin. You’ll then want to log in to your WordPress admin dashboard to continue activating and setting up the plugin.
How To Update a WordPress Plugin
WordPress updates are an important part of keeping your WordPress website safe and healthy. WordPress plugins should be actively maintained and improved with new version releases by the person or team who created the plugin. This means you need to update WordPress plugins.
Installing and activating a new plugin isn’t the end of your responsibilities once you enter the world of plugins for WordPress. In fact, consistently updating each and every plugin you have installed is absolutely essential to keeping your website secure and functioning on all cylinders.
Plugin updates or new version releases mean WordPress plugins get better through bug fixes, added features, and hardened security. You should take advantage of WordPress plugin updates as often and as quickly as possible.
When new versions of WordPress plugins are released, you’ll receive a notification in the WordPress dashboard that an update is available. You’ll see several icons in your WordPress dashboard that indicate available WordPress plugin updates.
Similar to the plugin install process, you’ll typically be able to update plugins right within the WordPress dashboard. Within the plugins section of your dashboard, you’ll be clearly alerted each time a new version of a plugin you’re using releases a new update.
Before running the update, you’ll be able to review the details of what changes come with the update and how they may impact other areas of your site.
From the WordPress dashboard, if you visit the Plugins page, you’ll see the details of the available updates. From this page, you can see the next available version number and the option to update the plugin.
If you are familiar with any form of social media, you will recognize the red notification circle with the number of notifications in the center. The same notification method applies here for available WordPress updates.
1. From your WordPress dashboard, click on “Updates” and you will be guided through a process to install any available updates. Get into the habit of installing updates to WordPress core, WordPress plugins, and WordPress themes as often as they are available.
2. Select the plugins you wish to update and click the “Update Plugins” button. Before you update, be sure to run a WordPress backup with a WordPress backup plugin such as BackupBuddy.
3. All done! Once the updates have been completed, you’ll receive a success notice.
Using iThemes Sync for WordPress Plugin Updates
While it’s important to update WordPress plugins, both for the security of your site and to take advantage of the latest features and improvements, updates can happen pretty frequently. If you’re managing multiple WordPress sites, keeping them all updated can take up a lot of valuable time. You have to log in to each individual site and perform updates on a daily or weekly basis.iThemes Sync is an easy way to perform updates on your WordPress website for all of your websites from one place.
Instead of logging in to each website individually, with iThemes Sync, you have one place to view and install available updates, making managing multiple WordPress sites easy.
After you log in to the Sync dashboard, you can get a quick look at all available updates, including core updates, plugin updates, theme updates, and a total for all updates. You can run these updates all at once from the Sync dashboard.
If you’d like, you can also set up automatic plugin updates. This way, you don’t need to worry about running manual updates every time new versions are released.
However, in most cases, it’s better to update your plugins manually. Doing so will give you full control over when the updates happen and will help you ensure that you’re prepared for any potential errors or site corruption.
WordPress Plugin Auto Updates
Updates occur all the time and that might get a little annoying. The good news is that you have the option to automatically update WordPress plugins, also referred to as WordPress Auto Updates.
Previously, you would have to have used a plugin like iThemes Security’s Version Management feature to handle auto-updates for you.
Why would auto-updates be rolled into WordPress core? Again, outdated plugins and themes are still the #1 reason WordPress sites get hacked. Version releases often include important security patches to close vulnerabilities (just check out how many security issues with themes and plugins are disclosed from month to month in our WordPress vulnerability roundup). That’s why always running the latest version of any plugin or theme you have installed on your site is a security best practice.
Now WordPress core allows you to set plugins and themes to update automatically from your WordPress admin > Plugins > Installed Plugins and Appearance > Themes pages. This way, you can always know your site is running the latest code available.
How to Turn On Auto-Updates for Plugins
On the Plugins > Installed Plugins page, you’ll see a new column for “Automatic Updates.” Click the link to Enable auto-updates or disable auto-updates for each plugin you have installed. You can also use the bulk selector to apply the bulk action of enabling/disabling auto-updates.
Reasons to Update WordPress Plugins
Let’s say your WordPress website is working seamlessly and you couldn’t be happier with the performance. Why bother updating WordPress plugins when you have a good thing going?
Plugin updates are for your benefit. Plugin updates provide the following:
- New plugin features
- Bug fixes
- Improved WordPress security
Maybe you don’t need new features, but bug fixes and improved security are critical components of plugin updates.One of the easiest ways to reduce the risk of your WordPress website being hacked or compromised is to keep WordPress core, plugins and themes updated to the latest version.
WordPress plugin updates are critical to maintaining the functionality and security of your WordPress website, so neglecting to update WordPress plugins puts your site at risk and increases the potential for hackers to exploit plugin vulnerabilities.
Update WordPress Plugins to Increase Security
When plugin updates are released, developers include an overview of the update. Hackers watch release notes and as soon as they learn of a vulnerability, they immediately begin to exploit it.
Your WordPress site may be working just fine and dandy, but you may not realize the security risk your site faces when you neglect to install updates.
Running updates can be tedious and time-consuming, but it absolutely needs to be done.
The vast majority of hacked WordPress sites have not been updated.
So now that we all understand the seriousness of updating WordPress plugins, how do you go about running these updates?
Again, backing up your site is a must before updating plugins to new versions or releases. No matter how safe or harmless it may seem, the developers that push these updates out can’t possibly test them for every situation or individual application.
WordPress Plugin Tips
After over a decade of building, selling, and using plugins ourselves, here is some of the best knowledge we can share about WordPress plugins.
1. Sometimes (well, usually), Less is More
Plugins are great resources because they allow your site to do things it otherwise wouldn’t be able to do. But, the more plugins you have, the greater the risk of problems occurring within your site.
Plugin problems can be random and unexpected, or more specific issues related to plugin or WordPress upgrades. Plugins can also conflict with other plugins or even themes.
In addition, each active plugin will slow down your site by some amount. Imagine that each active plugin slows down the site by 5 milliseconds (some more and some less). If you have 20 active plugins, that means every page will take a tenth of a second longer to load than if no plugins were active.
If you catch yourself asking “Do I have too many plugins installed?”, then you probably do. Just remember to keep the number of plugins reasonable.
2. If You’re Not Using It, Delete It
Many people keep a library of inactive plugins sitting on their site. Since you have the option of deactivating a plugin, it may seem tempting to leave it on your server. But even disabled plugins can pose a major security risk, so if you aren’t using the plugin, remove it entirely. You can always reinstall the plugin if you change your mind later.
3. Plugins Should Always Have A Purpose
There are tons of cool plugins that do fun things. But since plugins slow your site, and could pose some security issues, it’s important to make sure the plugin serves a genuine purpose–and isn’t installed just because it’s cool.
Cool is OK, of course, but probably not a strong enough reason to use a plugin. Each plugin you use should do something important to enhance your visitor’s experience at your site. The way you use plugins affects your site’s design and ultimately affects your brand.
4. Ovoid Overlapping Plugin Functionality & Features
Plugins that overlap in features, functionality, and services are just taking up valuable space and bandwidth, and potentially posing plugin conflicts and security risks. You simply don’t need 4 plugins that handle redirections, 6 plugins that create SEO, and 8 different social networking sharing plugins In addition to slowing your site down, it’s just more you have to keep up with. And who wants that?
5. Avoid Nulled or Bootleg Copies of Premium Plugins
Only use plugins that come from either the WordPress Repository or from a trusted premium plugin developer or marketplace. Since plugins have the potential to create security gaps in your site, you want to be sure they have been vetted by knowledgeable developers who stand behind their work with professional support.
Trusted WordPress plugin providers will provide updates to address any bugs or security issues, as well as updates to keep pace with the latest version of WordPress.
6. Keep Your Plugins Up To Date
Developers provide updates to their plugins to:
- Add new functionality
- Patch security holes and fix bugs
- Leep up with the ever-changing WordPress core
If you aren’t updating your plugins when the developer provides it, you are exposing yourself to potential frustrations and possible breaches. As plugin developers, we can honestly tell you that we don’t update plugins just for the fun of it (well, it is fun), but we ultimately want to ensure that our plugins function at their peak levels of performance. And that’s what we want for you and your site—peak performance!
7. Consider Coding Minor Plugin Functions
If a plugin only performs a minor function, the code may be better off residing on the theme’s functions.php file rather than within a stand-alone plugin.
Plugins are great because they provide the coding for you, but if
the function is really simple, why not save your plugin “bandwidth” for more critical functions? Just remember that if you place the functionality in the theme file, it stays with the theme.
If you change themes, that functionality goes away, too. Make a note to remember these details and recreate them for your new theme. Another (advanced) option is to code an all-inclusive plugin that has your common functions and just use that.
Learning how to write code in your theme files can seem daunting, but with the right guidance and WordPress training, doesn’t have to be difficult.
8. When Your Site Stops Working… It’s Usually Because of a Plugin
If some part of your site just all of a sudden isn’t “working as it did before”, then it’s likely a conflict between plugins or between a plugin and your theme.
If you’ve recently added a plugin, you can bet a plugin conflict is the source of the problem. This doesn’t mean you can’t use the plugin–but you’ll have to figure out what’s going on so you can make an informed choice about how to proceed.
The best way to “find the problem” is to deactivate all your plugins… and slowly (one-by-one) reactivate the plugins to find the plugin causing the issue. Once you know which plugin is the culprit, you can then evaluate the importance of that particular plugin.
9. Practice Respect
Sometimes with WordPress plugins, it’s a matter of “you get what you pay for”. If you use a free plugin, remember that you haven’t paid for all the hard work the developer did – work that makes your site better. You also haven’t paid for support, so be reasonable in what you expect or request.
With premium plugins, you will receive upgrades and support based on the terms of your license (often an annual license). Make sure you know the terms – and definitely take advantage of the great support being offered. The WordPress community is a close one. Word about how you treat one developer will spread, so we still recommend practicing respect in all your interactions.
At iThemes, we take support seriously and have built our business around providing world-class support to accompany our premium plugins. We are so committed to this that we have full-time employees around the globe available to serve and assist. With that kind of dedication and financial outlay, we offer our plugins with an annual license to cover upgrades and support. Without it, well, we wouldn’t be able to provide support and upgrades, which in our book, would be disrespectful toward our customers.
If we haven’t harped on it enough already, we’d like to reiterate the importance of backing up your site before installing and activating new plugins. This concept is WordPress 101 for a good reason: Any site owner who’s lost any or all of their work due to running a plugin update has already learned this important lesson the hard way.
The point is that this isn’t a lesson you want to learn on your own. Get the BackupBuddy plugin and make sure your site is fully backed up before running every update.
Additional Help for WordPress Plugins
As a new WordPress developer, chances are that you feel like you’re on somewhat of an island. With so much to learn and so many questions about a variety of concepts (including plugins), where can you turn for free and qualified help?
The amazing thing about the WordPress community is that it’s filled with thousands of knowledgeable developers that are ready to help and answer your most detailed questions. For free.
The WordPress Support Forums are one of the most valuable tools you’ll find when you have questions about how a plugin works, what to do if there’s an obvious conflict, or which plugins can offer solutions for your unique needs.
What’s best, the existing knowledge base already contained with the WordPress Support Forums will often lead you to the answer to your question without needing to post a new thread.
The chances are, if you’re having a problem with a plugin, someone else has had the same identical problem.
Don’t hesitate to reference the Forums any time you have a question or feel stuck on a specific plugin process.
With free plugins, you’ll often find that direct customer support from the plugin developer is shoddy at best. True, they may answer a few questions via email when you first download the free plugin.
But after a while, you’ll be on your own.
A major benefit of buying premium plugins is that most of them come with direct, one-on-one support when you need it. Some developers may offer free phone, chat and email support for a month. Others for a year. Yet others for a lifetime.
When looking into premium plugins, make sure you have an understanding of the customer support level you’ll receive after you make the purchase.
Sometimes, the support alone is more than worth the price of admission.
Wrapping Up: Put the Power of WordPress Plugins To Work
WordPress, in and of itself, is an extremely powerful platform for nearly anyone to build a useful, professional, powerful website. And while WordPress core will get you well on your way, the plugins available for WordPress will help land you at your desired destination.
For those that manage multiple WordPress sites for different clients, finding niche plugins that you can quickly employ can save a ton of time and help rocket you toward expert WordPress developer status in the eyes of your clients.
Start digging into the world of WordPress plugins today and find what you need to build a site that meets and exceeds the expectations of your vision.
Each week, the team at iThemes team publishes new WordPress tutorials and resources, including the Weekly WordPress Vulnerability Report. Since 2008, iThemes has been dedicated to helping you build, maintain, and secure WordPress sites for yourself or for clients. Our mission? Make People’s Lives Awesome.