Every WordPress site should install a few must-have plugins to enhance performance, security and SEO. Many of these plugins have free and paid versions or may need the use of other free or paid services but all 8 in this guide an be used free of charge reliably and dependably.
It’s important to install only the most needed plugins. While each plugin can add features or enhancements, too many plugins can adversely affect site security and/or performance. After a few years of WordPress work we’ve come up with a list of the 8 basic and best WordPress plugins every site should have.
What settings work best are specific to each plugin and there can be differences from site to site. Use the plugins at your own risk and always test on a development site before deploying to a live site.
A free of charge, ad-free, European data privacy standards compliant plugin to block spam comments and trackbacks. The default settings on install will meet the needs of most but Antispam Bee is configurable.
Akismet anti-spam plugin comes bundled with WordPress which is free for personal blogs but a paid subscription service for business and commercial sites. Akismet paid subscriptions are affordable at a few dollars per month and there is a plus and premium however Antispam Bee is a dependable alternative when every free dollar helps.
Never launch a site without an offsite backup plan. Period. BackWPup will backup a restorable version of a website to various free and paid offsite locations. Backups to another directory on the same server, while better than no backup, is not recommended in case of a catastrophic hardware failure. BackWPup provides disaster recovery peace of mind and is highly configurable allowing for several types of backup jobs to be implemented. As an example some sites run a daily SQL backup and weekly full site backup.
The pro version adds
- Backup to Google Drive
- Custom API keys for DropBox and SugarSync
- XML database backup as PHPMyAdmin schema
- Database backup as mysqldump per command line
- Database backup for additional MySQL databases
- Import and export job settings as XML
- Wizard for system tests
- Wizard for scheduled backup jobs
- Wizard to import settings and backup jobs
- Differential backup of changed directories to Dropbox
- Differential backup of changed directories to Google Drive
- Differential backup of changed directories to Rackspace Cloud Files
- Differential backup of changed directories to S3
- Differential backup of changed directories to MS Azure
- Premium support
- Dynamically loaded documentation
Comments Blacklist works in tandem with Antispam Bee as another tool to fight spam. Download the ZIP file, extract text file and add it to SETTINGS>DISCUSSION>COMMENTS MODERATION and COMMENTS BLACKLIST fields.
There are plugins to automatically update the list however these are not updated regularly. The few minutes it takes to update the list can save hours in the battle against spam.
EWWW Image Optimizer
It is inevitable that WordPress users upload images directly from their camera or phone. WordPress does generate default image sizes but it doesn’t automatically optimize the images to produce the smallest image size at an acceptable quality nor can it discard the originally uploaded image. A website can then become very bloated thus making backups unnecessarily large or even unmanageable. Websites with image laden blogs can have hundreds of megabytes if not gigabytes of extra and unnecessary weight.
EWWW Image Optimizer can automatically generate an optimal image and then discard the original image after. This can significantly reduce the overall size footprint of a website and make it easier and faster to load and more manageable.
No security add-on is 100% effective and other security measures are important especially for ecommerce operations but iThemes Security is best suited for personal sites and small and medium sized commercial sites. The free version will protect/deter a website from the majority of attacks from both human and bots.
The yearly subscription for a fee pro version adds:
- Dashboard Widget
- Google reCAPTCHA Integration
- Two-Factor Authentication
- Settings Import & Export
- WordPress Core Online File Comparison
- Scheduled Malware Scanning
- User Action Logging
- Temporary Privilege Escalation
- WP-CLI Integration
- Password Expiration
- Private Ticketed Support
- WordPress User Security Check
Optimize Database after Deleting Revisions
WordPress site databases can become cluttered, and thus slower, with page revisions, trashed posts and comments, spammed comments, orphan postmeta items and other database leftovers. Optimize Database after Deleting Revisions can automatically perform a scheduled sweep the database of the unnecessary entries to reduce the overall database size and help increase overall site performance.
WP Super Cache or W3 Total Cache
A database driven site generates the content dynamically for every visit. This means for each visit the database is searched (request), information extracted then compiled to generate the page. It’s a “gas guzzling” process. A caching plugin creates a static version of the content which is far more efficient. Static versions can reduce page loading times which can greatly improve site performance.
WP Super Cache and W3 Total Cache are both caching plugins that can increase the performance of a WordPress site however this is where the similarity ends. WP Super Cache is an easier to configure plugin but not as highly configurable as W3 Total Cache nor has the extensive list of configurable features and options.
Both plugins will enhance the performance of a site. WP Super Cache is best suited for those who like it simple but the trade off is a “vanilla” enhancement without many of the optimizations that can further increase site performance. W3 Total Cache has an overwhelming amount of configurable settings to configure most every aspect of caching but there is no “one size fits all” configuration setting for W3 Total Cache. A majority of similar settings can be applied but it takes a lot of time to tweak the settings for each specific site. Few know the exact what, why and how of every setting resulting in a lot of internet searches to find the best optimization strategy that works. Our advice is take notes.
Search Engine Optimization is a mandatory practice on the web. It’s a roll up your sleeves and dive into the ever changing, high competitive, keyword infested, topical content world of ranking. Yes, we would all like to believe that quality content will always prevail but that isn’t true. The majority aren’t SEO specialists and the Yoast SEO plugin provides easy to use and understand assistance in this area. You get out of it what you put into it.