25 Jan Things to Consider Checking Before Installing a WordPress Plugin
Wish to protect your blog from HACKING?
The best way to do that is by taking care of what plugins you’re installing and lots of related things. Here I’ll let you know things to consider checking before installing a plugin.
Although there are many reasons why you’ve chosen self-hosted WordPress, but Plugins are always on top of my mind. Being compatible with third-party Plugins is the beauty of self-hosted WordPress driven blog. But you need to be aware of a lot of things.
Be sure to read our guide on:
- How To Secure Your WordPress Website From Hackers
- How To Check Your WordPress Website For Hidden Malware with these 5 Methods
- 6 Things to Consider Checking Before Buying Premium Themes
How Plugins affect security?
As a blogger or internet entrepreneur (or may be SEO in any firm or WordPress developer on the last) you need to be curious about knowing various aspects behind different elements of a WordPress script.
If you’re not curious enough and always following the trend then chances of getting trapped in any malicious event are really high. Since WordPress is an open-source platform, it’s really easy for any hacker (or pretending person) to get access to your website and use it for his/her own purpose.
Another reason behind hacker’s wide interest in WordPress driven website is that more than 60 million websites around the web are driven by this open-source script. I hope you understood the two primary reasons.
Now since I’ve opened the wound of your WordPress driven website so you must be eager to know the way of building protection.
Well, the easiest way for any hacker to put any malicious code that can lead to hacking or any related activity is through plugins. Plugins add a specific functionality to native WordPress code and they are usually written by third-party developers.
Get 20% off on the Best WordPress Themes & Plugins
But without using plugins, the beauty of self-hosted WordPress blog is hurt. So we have to take certain precautions that can help us sail on the safe side of the ocean.
Things to Consider Checking Before Installing a Plugin
Following are the things you need to note down in mind or in your note-taking diary or application (I recommend using Google Keep for that) and don’t forget to follow them at time of installing any new plugin.
#1 Developer profile and reviews
This is the first thing you need to consider checking. Every plugin is developed by some WordPress developer and you need to check his/her profile on the first.
Check whether that guy is really professional and how best he had reacted to user’s problems and issues (regarding plugin) in past. You can find all these things on landing page of that plugin you found and wish to use on the website.
Also, check reviews done by other users of that plugin itself. Whether it can perform the task it’s promising or not and how well it’s designed. Whether its code is secured or not.
These are certain questions you need to be looking for those reviews.
One of the great and always recommended sources of getting plugins is WordPress.org own store. You can find hundreds of them without any cost along with developer’s profile, reviews, and plugin reviews as well.
You can even research for review of any individual plugin over the web as we got great WordPress community, sharing their views and reviews on related subjects.
#2 Check support page
On the WordPress.org plugin directory, every single listing have a support page. This is the page where users can contact the developer of a particular plugin and ask questions related to issues they are facing.
If a plugin is really good then you’ll find most of the threads over there with ‘resolved’ tag. That clearly means that the developer is eager to keep plugin working in case of most of the users and also it’s being updated from time to time, fixing bugs and improving the experience.
If you’re unable to find support page, then you better look for alternative or contact developer directly. You can even ask about that plugin in various WordPress communities or forums to gain unbiased reviews.
#3 Update History
This is the next thing you need to consider and it’s a very vital point for finding whether a plugin is worth or not. Whenever you search for plugins over WordPress.org directory and find an outdated one, then you’ll see a message in slightly faded yellow color notifying you that individual plugin haven’t been updated in last two years.
Internet has a habit of changing and new vulnerabilities are keen to come out from their little homes. In order to be safe, keeping code updated and secured with those vulnerabilities is a MUST.
Remember receiving update notifications regarding WordPress core script? That’s the same thing, covering newly arrived vulnerabilities.
So the plugin you’ve finalized using for needed to be checked for an update. You have to know the date it was lastly refreshed fixing bugs or improving user experience, etc.
That last date shouldn’t be any longer than six months or last one year.
#4 Go for Premium Solutions
Now I don’t mean to say that you go blindly into any premium solution. But chances of finding a worthy and secure solution in case of premium one are higher than the usual one.
So you need to find a platform where premium plugins are available. Make sure you check above mentioned points in these premium plugins as well.
CodeCanyon, WPMU Dev are some known and legit sources of getting premium packages and they are really good at their work. You will not only find a secured package, but it will also come bundled with additional premium features.
#5 Number of Plugins on Your Blog
Last thing to consider checking before installing a new plugin is to check number of already existing plugins on your blog.
“More number of plugins affects the speed and performance of a website.”
Always remember the phrase I’ve added above and try to keep the total number as less as possible. If you can add a particular functionality simply by adding a piece of code on your own (finding such code is really easy, just Google for any particular functionality).
This is how you can skip the need for installing a plugin for that little functionality and also save the number to be increased by one.
Don’t forget to ‘Roger that’
From last 5-10 minutes, I’ve been trying to send important messages over the radio. They were all meant to keep your WordPress website safe from vulnerabilities raised by Plugins and I hope you ‘Roger that’.
*last updated 02/27/2019