WordPress plugins can add amazing features to your website, but should be installed and used sparingly. When you are just starting out with WordPress, you may be tempted to install and activate a wide array of plugins, but you should proceed with caution. They can slow down your website, and even make it vulnerable to malicious attacks.
If you’re going to install plugins right off the bat, you’re better off using only a handful of ones that you really need. It’s important to keep in mind that some plugins don’t work well with certain themes or cause conflicts when used in conjunction with other plugins. This is yet another reason to only install plugins that are totally necessary.
In this post, you will learn about a handful of super useful plugins that will greatly improve your site’s Search Engine Optimization, security, and site speed. Feel free to install the following plugins as soon as you have your site up and running.
I highly recommend all of these plugins, and use them myself.
1. Yoast SEO
Yoast SEO is a fantastic plugin designed to help you optimize your website for the search engines… well, Google because I don’t know anyone who uses Bing or Yahoo anymore. Do you?
Yoast provides excellent options for important on and off-page elements, including the following:
Your page title shows up at the top of your browser window, as well as the title in Google’s search engine results page. It is regarded as the single most important on-page SEO element.
A meta description is the excerpt shown beneath the page title in search engine results. Writing compelling titles and meta descriptions for your pages and posts will encourage users to click on your site, and not the other results.
An XML Sitemap makes it easy for Google (and the other search engines) to discover all the content on your website. The built-in XML Sitemap feature of Yoast SEO allows you to easily generate a sitemap which is automatically updated every time a new page or post is published.
If Yoast SEO is incompatible or causes conflicts when used with your theme, you can use All In One SEO Pack instead. The two plugins have very similar features.
BackWPup is a great plugin you can use to backup your WordPress website, either manually or automatically. Any website on the internet – not only those on the WordPress CMS – is vulnerable to hackers, so it’s imperative that you have your site backed up in case of an emergency.
BackWPup lets you backup your site to a variety of different locations, including:
- sent via email (only use this if your site is small in size)
- FTP folder
- S3 service
- Microsoft Azure (Blob)
- Rackspace Cloud Files
I automatically backup all of my sites to DropBox, which offers both free and paid accounts. The free accounts come with enough space to easily backup the majority of websites.
Make sure you DO NOT only save your backup to the same FTP directory as your WordPress installation. If a bad guy – or girl – hacks into your site, they can likely easily gain access to the folder containing your backup, so put it somewhere totally separate from your main website.
BackWPup has a variety of configurations, including the option to exclude certain files and folders from being included in the backup. You may not need to backup plugins or themes that you are not currently using.
One of the greatest features of this awesome plugin is the ability to schedule automatic backups of your site. You can set up the frequency, and choose from hourly, daily, weekly or monthly. In addition, you can select the time at which you’d like your backups to take place.
Performing backups does require web server resources, so it’s best to set yours to run at off-peak hours, when your site receives the fewest visitors.
3. WordFence Security
The security of your website should never be overlooked, and you want to make sure that you are always protected from the latest threats. There are a variety of effective WordPress security plugins, one of which is WordFence Security.
This is the most popular security plugin for WordPress websites, and has been downloaded a whopping 24,274,356 times. It is available in both free and premium versions, and is a super-effective tool in fighting malicious threats to your website.
Both the free and premium versions of this plugin offer a complete firewall which effectively blocks malware, brute-force attacks, back door vulnerabilities and more. Technical support is included with both versions of the plugin, and the developers are open to plugin feature suggestions as well.
WordFence Security plugin features include the following features:
Web Application Firewall
The Web Application Firewall prevents your site from being hacked by effectively identifying malicious traffic and blocking attackers before they can even access your website. It is protected by the Threat Defense Feed, which is automatically updated to ensure that your site is protected from the latest threats. WordFence will protect you from being hacked even if you are using a vulnerable theme or plugin by blocking attacks based on regularly updated attack patterns.
Block Brute Force Attacks
After you download and install the WordFence Security plugin, you may notice a large amount of people trying to login to your site. All of these attempts are monitored, and WordFence will lock out users looking to guess your WordPress username and password to gain access.
The plugin prevents Brute Force Attacks in a number of ways, including the following:
- locking out users after too many failed login attempts.
- locking out those who use the “forgot password” link too many times.
- the option to lockout anyone using an invalid username.
- making sure WordPress doesn’t give hackers information about usernames you use to login.
The plugin scans all core files, themes and plugins for malware, code injections and backdoors. By comparing the core files, themes and plugins on your website with those in the WordPress.org repository, WordFence is able to accurately see any changes caused by malware. They maintain a cluster of high performance servers in their data center to perform regular scans of your website.
The features above are all included in the free version of WordFence Security, and should be sufficient for most sites. If you’d like additional security, feel free to get the Premium version. Compare the free and premium versions.
If you’re serious about protecting your WordPress site from new and emerging threats, WordFence Security is definitely a plugin you should install.
4. W3 Total Cache
When it comes to optimizing your WordPress website, the role of caching should never be underestimated. On my websites, I use W3 Total Cache, a popular plugin trusted by AT&T, Mashable and Matt Cutts, to name a few. It greatly increases the speed at which your site loads, which is very important.
WordPress is database-driven, and relies on queries to and from the MySQL database to fetch and render pages and posts. This process makes your site content load more slowly and uses more of your web server’s valuable resources. Caching plugins effectively create static copies of your pages and posts, and serve them to your website visitors instead of fetching and rendering them from the database every time.
Please keep in mind that there are many other factors that can affect your site speed, including the following:
- Your web hosting – some hosting is just terrible, and should be avoided at all costs.
- Size of images on your site – make sure they’re optimized for the web… and not sized to be printed on a billboard.
- Quality of your theme – some of them are bloated and slow.
- Using a CDN? – a Content Delivery Network mirrors multiple copies of your site assets on servers around the world, allowing it to load quickly for users no matter where they are. It simply serves them with mirrored content from the server that is closest to their location.
When you come across a slow website, do you wait for it to load or just look for one that doesn’t drive you crazy? If you’re like most people, you don’t wait, and move on to other search results. Website speed is crucial, and you want to make sure your site is setup for success right off the bat.
There are a number of blog posts online that list “the 30+ best plugins for WordPress.” What they fail to mention is that you generally SHOULD NOT install that many plugins on your WordPress site. For this reason, I decided to focus on a handful of super useful plugins that you can feel comfortable installing on your WordPress website right away.
As I mentioned earlier, some plugins are incompatible with certain themes, and may not work well when used with other plugins. For this reason, I have included some alternate plugins that you can try instead of the ones featured in this post.
Can you think of a plugin that deserves to be featured in this post? Leave a comment and let us know your thoughts.
If you found this post helpful, please share it and spread the word!
Want more like this? Sign up for my newsletter to receive helpful WordPress Tutorials, Tips and Tricks.