After choosing the ideal hosting and the best possible theme for your site, the next thing to do is think about plugins (more on what plugins actually are below). But how to find new ones? How can you best ensure you're getting one that's credible, secure, and does exactly what you want it to? The goal of this particular guide is to help you sort the wheat from the chaff (note: for more guides in the same series, head here: WinningWP Guides).
WordPress plugins let you add extra functionality to your website. They are “bolted on” — or “plugged in” — to WordPress installations in a way that lets the same plugin be used on any WordPress site.
Plugins can transform your site: add shop functionality, and you’ve got a full e-store, or add a simple contact form, and readers can easily contact you. There are thousands of plugins available to add just about any type of functionality. You can find more on the very basics of WordPress plugins here.
This guide will show you how to choose the right plugins for your site: where to find them, how to install them and how to manage them. You’ll learn everything you need to know to work confidently with WordPress plugins.
If you’re a WordPress beginner, then make sure you’ve read the other guides in this series to get you started with WordPress. You can also use our WordPress Glossary to look up any terms you’re unfamiliar with.
The world of WordPress plugins is slightly unusual: developing a plugin, releasing it publicly and maintaining it takes a lot of time, but thousands of WordPress plugins are available for free. Paid plugins are also available and are typically priced between $5 and $200, depending on complexity. We'll talk more about the advantages of free and paid plugins later.
It’s important to choose WordPress plugins carefully as you will be running other people’s code on your website. Ideally, any given plugin adds the functionality you want as advertised, but there are risks that range from breaking your website to spreading viruses or malware.
How do you choose safe plugins? Are paid plugins always better? First, we’ll look at where to find really good WordPress plugins, second the differences between free and paid plugins and then we’ll see how to choose between plugins offering the same or similar functionality.
We need to start by looking at where you can find WordPress plugins. We're looking at this first so you can understand the advantages and disadvantages of each location and put that knowledge into practice when looking at plugin recommendations.
You'll be able to find plugins in five places:
Between all of these locations, you have access to all the WordPress plugins you can possibly need.
There's one place you want to avoid: sites which package together other people's plugins. Any site offering a bundle of popular plugins (and usually themes as well) for a "bargain" price should be avoided. The plugins may be infected with malware, you won't get support and there's no guarantee of updates. Only purchase plugins from the original developer.
Once you know where to find plugins and the pros and cons of each location, you can move onto how to find these plugins.
The best way of finding WordPress plugins is to look at recommendations.
A simple Google search for "best WordPress plugin + desired functionality" will typically give you multiple results for sites offering recommendations. Of course, we also have dozens of plugin recommendations here at WinningWP. These can be a very useful starting point.
Each list of recommendations will typically give you a couple of plugins to choose from (free and paid), and you can look for the plugin that best suits what you’re after. You may find it helpful to corroborate recommendations across multiple sites and use the detail on the advantages and disadvantages of each location above to aid your decision making.
Relying on recommendations to find WordPress plugins has the advantage of letting other people do the research work for you. The top results for plugin recommendations are typically published by WordPress experts whose suggestions will be the best plugins available: you can be confident these plugins will be secure, and in most cases work flawlessly on your site.
Here are some examples from WinningWP's plugin category of quality plugin recommendations:
Where recommendations aren’t available or you find it difficult to choose between multiple recommendations, you need to evaluate the plugin yourself. We'll look at how to do this shortly.
You may also be wondering: why should you pay for WordPress plugins? Why would you pay for a plugin when you can get a similar one for free? These are great questions to be asking! Paid plugins have a number of advantages:
A lot of the best WordPress plugins are free, but many are paid. Making plugins takes time, so be prepared to pay where necessary and be aware of the tradeoff you're making when going with free plugins.
How do you choose between multiple similar plugins? Choosing a WordPress plugin yourself may seem intimidating or overwhelming, but there are a number of questions you can ask yourself to make this process easier.
Let’s take a look at what you should be asking:
When was this plugin last updated? Is it compatible with the latest version of WordPress? The general rule is to always look for plugins updated recently which are compatible with the latest version of WordPress. WordPress receives three major releases per year, so look for updates within the last three months.
The exception to this rule is plugins that add basic functionality, which require no update to continue working. Examples would be EU Cookie Law Info and Widget Logic. Generally, however, look for up-to-date plugins.
For premium plugins, you can apply these rules much more strictly: the plugin must be compatible with the latest version of WordPress, and new updates and features must be added regularly. Don’t accept anything less.
While looking at the plugin’s most recent update, also be sure to ask: is this plugin going to receive updates in the future? Check the plugin’s changelog (on WordPress.org, this is available as a tab on the plugin’s page; with other plugins, it’s found easiest by searching "plugin name + changelog"), and see how frequent updates have been in the past. This is generally a good indicator of whether updates will be continued in the future.
You can also look at who made this plugin to get an idea of whether updates will be available. On WordPress.org, you can find this by looking under “Author”, on CodeCanyon “view portfolio,” and on independent websites look for an about section. The safest option is plugins made by a small team or individuals who also make other plugins. Be wary if the team or individuals have no other plugins to their name.
A great example of what you should be looking for in a plugin author is Tom McFarlin's profile. In the top right you can see three badges: core contributor, plugin developer and WordCamp speaker. The first means he has contributed to the main WordPress software, the second means he has published plugins on WordPress.org and the final means he's spoken at a WordPress conference (known as a "WordCamp"). These are all very reputable things to be doing.
You can see Tom has a number of well-reviewed plugins under the Plugins tab and a frequently updated website. All of these are excellent signs and you should be very happy using one of his plugins. None of these are deal-breakers: if someone hasn't updated their blog in six months it's okay, but if the person hasn't updated any web presences or the plugin(s) in six months, that's a bad sign. With premium plugins look for similar clues on CodeCanyon or the developer's website.
How clearly is the plugin’s functionality described? This is easy: look for a clear and detailed description with FAQs and screenshots of the plugin in action. More detail here generally indicates more care taken with the plugin, which is what you’re after.
How many other people use this plugin? The wisdom of crowds isn’t necessarily infallible, but it’s another useful indicator. If plenty of other people are using a plugin, it’s less likely it has any problems.
It’s easy to see how many active installs free plugins have. Each plugin’s WordPress.org page shows in the sidebar the number of active installs. The most popular free plugins have more than a million active installs, but a plugin can still be “popular” with 1,000 to 50,000 installs; just remember different plugins have different levels of appeal. It’s generally better to go with popular plugins, so make sure your choice is widely used.
Paid plugins generally can’t tell you how many active installs they have, but the most popular paid plugins will happily boast how many sales they have. CodeCanyon will show how many sales a plugin has regardless of the number. For niche plugins, 50 purchases is okay; for more general plugins you want to see a significantly higher number.
What do the ratings and reviews say? Reading ratings and reviews is a useful way of finding what real-world users think of the plugin, although the recommendations mentioned earlier are likely more insightful.
Free plugins on WordPress.org have a one-to-five star rating system. This is viewable on the plugin’s page and works okay but not amazingly. You can click on each star to see the content of each review. Short reviews and elaborate rants can happily be ignored; instead, look for the well-balanced articulate reviews. Similarly, bear in mind plugins with a low number of ratings will be skewed towards very negative or very positive experiences. Take ratings for plugins with fewer than 100 ratings with a heavy pinch of salt but over that number, look for 4 stars and above.
For premium plugins on CodeCanyon, look at the ratings and comments. Regardless of the quantity, you want to see that the vast majority of customers have had a good experience. Bear in mind premium plugins on independent sites have no obligation to show you bad reviews and are unlikely to do so. Google is again helpful here: search "plugin name + review" in order to find independent reviews.
Are there any better alternatives? Again, Google is your friend. Simply type something like: "[name of plugin] alternatives" and see what comes up. Another good thing to try here is to type the issue you're having (or the feature you want) into Google, something like "Best WordPress plugin for [issue/feature]". In short: research, research, research!
Do you really need this plugin? Apart from those that have been created to speed up a site (think caching plugins, etc), almost all plugins will have at least a small impact on the speed of your site. What's more, most will also add to the complexity of future maintenance and updates. Do you really need whatever plugin you're about to install? Will it really add to the bottom line of your business or help your users? Or are you being a bit whimsical in your decision to go ahead and use it? If in doubt, leave it out!
W3 Total Cache is one of the most popular WordPress plugins, with over a million active installs. The plugin offers an easy way to make WordPress sites faster using caching (see more on getting a faster WordPress site here) and for a long time was the best option available and near-universally recommended.
Currently, however, the plugin has not received a major update for over two years, with the only updates bringing fixes for issues such as huge security holes. Furthermore, there has been widespread speculation the plugin has been abandoned by its developers and even paying customers reporting they have not received what they paid for.
This case study serves as an example of the importance of choosing the right plugin. For a plugin handling something as complicated (and important) as caching, you want the best plugin available. A cursory glance at W3 Total Cache’s WordPress.org listing shows a good plugin that’s wildly popular, but a closer reading would show:
These concerns should set the alarm bells ringing. On seeing this, you’d want to consider the major free alternative, which has quasi WordPress parent company Automattic as a developer, or a quick Google search would find the best paid alternative available. Given the availability of good alternatives, W3 Total Cache should be avoided.
Once you’ve chosen your plugin, it’s time to install. The installation process is very straightforward, although you may need to test before installing. We’ll first show you how to install a WordPress plugin so you know how to do it, but be sure to read the following section on testing before installing a plugin yourself.
While making any changes to your WordPress site it’s best to use maintenance mode. There are a number of options available, all with different features. Find the one most appropriate for your site, and install and activate maintenance mode before making any changes (these are plugins, so read on for details on how to install). This will ensure visitors do not see your site while you’re making changes.
Installing a plugin from WordPress.org is very straightforward. From the WordPress Dashboard, head to Plugins and then Add New. In the top right, search for the plugin’s name. Find your desired plugin from the results page, and press Install Now. Wait while WordPress downloads the plugin onto your site, then press Activate. You’ll be redirected to the plugin management screen, and the plugin will begin running on your site! You can now set up the plugin and deactivate maintenance mode once you’re done.
Installing plugins from third party sites is only a little more complicated. You'll be doing this if you've got a plugin from CodeCanyon or other independent plugin developers. Download the ZIP plugin files from your third party site to your computer. Don’t open or unzip the file. Head to your WordPress Dashboard, navigate to Plugins and Add New. Now, select Upload Plugin and Choose File. Select the ZIP file you’ve just downloaded and press Open. Now press Install Now, wait while it uploads and then Activate Plugin. You’ll now be taken to the plugin management screen and can set up the plugin. Deactivate maintenance mode once you’re done.
This is the theory on installing plugins. Before you do this on your site, however, it’s important to test (but you can’t test without knowing how to install). We’ll now cover when and how to test WordPress plugins safely.
Plugins can add a huge amount of power and functionality to your site. Unfortunately, they can also break your site if you’re not careful. For very simple plugins, testing is unnecessary, but for complex plugins such as WooCommerce, page builder plugins or Jetpack it’s best to try out the plugin safely before you install it on your live site. With high traffic sites or sites where uptime is imperative, you will always want to test plugins before installing.
The best way to test WordPress plugins is to use an environment as close as possible to your actual site, complete with the same content.
There are two options for doing this:
The best WordPress hosting companies have a staging test environment set up automatically. This lets you quickly duplicate your site, test any changes safely and then “push” the test version of your site to your live site. The advantage of this is you can test safely, but you don’t need to repeat any work to make the site live. Check your host’s support for details on using staging; if your host does not offer this, it’s also possible to do it yourself.
Alternatively, if your host doesn’t support staging, the easier way to test plugins is to duplicate your site onto your computer, test out the plugin there, and then install the plugin on your live site once you are happy with the result.
The easier method of testing is to duplicate your website onto your computer, test out the plugin and then install the plugin afresh on your site. A number of plugins are available for duplicating WordPress sites. Our top pick is Duplicator (which, happily, can be installed without testing). Using this plugin, it’s easy to copy your whole site onto your computer. You’ll find details on how to do this here: follow the instructions to duplicate your site onto your computer, and then install the to-be-tested plugin using the instructions above.
If you want a more technical, but more flexible option, consider using Vagrant to create a virtual server where you can do your testing.
Once you have the plugin installed in your test environment, it’s time to get testing! The best way to do this is with real data: start using the plugin as you would normally and see how it goes. Most plugins add extra items to the side menu on your WordPress Dashboard, else their settings will be available under the Settings menu. If you’re stuck, search for "plugin name + documentation" in order to find extra help.
You may find it useful to use sample content in order to speed up your testing. This is typically available for more complex plugins and is the same content as found on the plugin’s demo. This lets you quickly import ready-made text, images and settings, although if you’re using staging, note, you’ll need to delete the sample content when you’re ready to put your site live again. Searching for "plugin name + sample content" or "plugin name + dummy content" will let you find any sample content, if available.
It’s useful to consider how easy the plugin is to use, whether you can get all the functionality desired and how the plugin affects visitors to your site. If any of these are unsatisfactory, try out an alternative plugin. You’ll also want to check thoroughly that nothing on your site is broken, as this is an obvious red flag. We’ll cover troubleshooting WordPress plugins shortly.
Once you’re finished testing, you can either push your staging environment live (also known as “production”) or install the plugin on your live site, using the steps outlined above.
Remember plugins change your site both for you and for your visitors. You may find it helpful to get a fresh perspective by asking a friend to test your site for you.
Testing out plugins is time intensive, but it’s essential for ensuring plugins work with the functionality desired and do not have any adverse effects on your site. The steps outlined here, together with the maintenance mode recommendations above, will ensure you can confidently install WordPress plugins while ensuring your site runs smoothly, and the user experience is not interrupted.
Sometimes things go wrong with WordPress. WordPress powers millions of sites, running on thousands of different types of infrastructure, so it’s inevitable that something will occasionally break. Here, we’ll tackle common troubleshooting points for WordPress plugins. You can also see our full guide on troubleshooting WordPress.
Plugins often perform the same or similar functionality as WordPress themes, and this can cause plugin conflicts. These conflicts occur when a plugin and a theme or two plugins are trying to access the same code or code library, causing one or both of these to break.
The best temporary solution is to disable one of the offenders. It’s typically not desirable to disable your WordPress theme, so usually you need to disable a plugin. You can do this on the WordPress Dashboard by going to Plugins, finding the plugin you’d like to disable and pressing Deactivate.
This will get your site running again, but doesn’t actually fix the problem. If you’re using a free plugin, it’s probably easiest at this stage to find an alternative, although you can try and get support. For paid plugins, you should contact support right away. We’ll cover how to do both of these shortly.
If you can’t access your site at all after installing or making a change with a plugin, you’ll need to disable that plugin. If you’ve made multiple changes or are unsure which plugin is at fault, you’ll need to disable all your plugins. You’ll then be able to isolate which plugin is at fault and get your site working again.
Doing this requires accessing your site’s files using FTP. You need an FTP program to do this (see this list), and you can get your FTP login details from your host. Log in to your site using FTP and navigate to /wp-content/. If you know which plugin is at fault, create a new folder called plugins-disabled, navigate into the /plugins/ folder, and move the folder of the culprit plugin to the new disabled folder you’ve just created. Test your site and if it’s working again, you’ve found the culprit plugin. Otherwise, proceed with the following.
You can disable all your plugins by navigating to /wp-content/ and renaming the /plugins/ folder to /plugins-disabled/. This will disable all your plugins. After doing this, check your site, and you should see it working again (if not, rename the folder back to plugins, as the plugins weren’t at fault here, and consult our guide on troubleshooting WordPress). You can find the faulty plugin by moving plugin folders one by one from the /plugins-disabled/ folder back to /plugins/ and testing your site each time. This will re-activate plugins, so continue until your site breaks again. Once you’ve found the culprit, move it back to the disabled folder so your site works.
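The isolation procedure above can also be scripted when you have direct file access to a copy of the site rather than FTP. This is an added example, not part of the original guide: the `site_ok` health check and the plugin folder names are hypothetical, and it goes one step further than the text by testing every folder so that only the culprits stay parked.

```python
import shutil
import tempfile
from pathlib import Path


def isolate_faulty_plugins(wp_content, site_ok):
    """Return the names of the plugin folders that break the site.

    wp_content: Path to the site's wp-content directory.
    site_ok:    hypothetical callable, True when the site loads correctly
                (in practice an HTTP request to the home page).
    """
    plugins = wp_content / "plugins"
    disabled = wp_content / "plugins-disabled"
    if disabled.exists():
        raise FileExistsError(f"{disabled} already exists; inspect it first")

    # Disable everything: rename plugins/ to plugins-disabled/ and leave an
    # empty plugins/ folder to move candidates back into.
    plugins.rename(disabled)
    plugins.mkdir()

    if not site_ok():
        # Still broken with no plugins loaded: they were not at fault.
        plugins.rmdir()
        disabled.rename(plugins)
        return []

    culprits = []
    for entry in sorted(disabled.iterdir()):
        restored = plugins / entry.name
        shutil.move(str(entry), str(restored))      # re-enable one plugin
        if not site_ok():
            shutil.move(str(restored), str(entry))  # park the culprit again
            culprits.append(entry.name)
    return culprits


def demo(site_always_down=False):
    """Run the procedure on a constructed wp-content tree in a temp dir."""
    root = Path(tempfile.mkdtemp())
    wp_content = root / "wp-content"
    for name in ("contact-form", "broken-slider", "seo-helper"):
        (wp_content / "plugins" / name).mkdir(parents=True)

    def site_ok():
        # Simulated health check: the site fails whenever the constructed
        # "broken-slider" plugin is active, or always if the fault is elsewhere.
        if site_always_down:
            return False
        return not (wp_content / "plugins" / "broken-slider").exists()

    culprits = isolate_faulty_plugins(wp_content, site_ok)
    parked_dir = wp_content / "plugins-disabled"
    active = sorted(p.name for p in (wp_content / "plugins").iterdir())
    parked = sorted(p.name for p in parked_dir.iterdir()) if parked_dir.exists() else []
    shutil.rmtree(root)
    return culprits, active, parked


if __name__ == "__main__":
    print(demo())
```
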
You can get support for most WordPress plugins from the developer or their team. You should do this when you’ve identified a plugin as causing a problem on your site or have identified a bug and can’t find a solution by searching. The type and quality of support available varies depending on the type of plugin.
Free plugins from WordPress.org have a support forum system in place. You can access this by finding the plugin on WordPress.org and clicking View Support Forum on the right sidebar. Login (or create an account) and scroll to the bottom, and you’ll be able to submit a new question. Be as clear and concise as possible, including all relevant details. Your question will be public and anyone — including the developer — can reply. Note developers have no obligation to reply, but WordPress.org’s plugin rating system incentivises this.
Some free plugins sell a support package or have premium versions available that include support. Details should be available from the developer’s website. If you receive no response with the WordPress.org support forum, this is your best option.
Premium plugins typically have twelve months of support included (six months on CodeCanyon). After this period, you’ll need to purchase an extension, which can usually be done with a discount. Your premium plugin’s developer should have a support system in place; check their site for details of this. Make sure to include as much detail as possible. You should get a response within one business day.
If you need an urgent response from a professional, then use an external WordPress support service which, from $49, will get your problem fixed immediately. This is especially useful for free plugins, but is also a useful last resort for paid plugins.
Managing WordPress plugins is simple. You just need to do two things:
Plugins from the WordPress.org repository can be updated the same as you would update a theme or WordPress itself. When updates are available, a notice will display on the Admin Bar and in the Dashboard:
To carry out updates, click on Updates from the WordPress Dashboard, tick all available updates and then Update Plugins. WordPress will handle everything else for you.
You can automate this process to ensure you’re always completely up to date. Our guide on this has full details, but the short version is as follows: install WP Updates Settings, head to Settings → Updates, tick everything and save. You’ll now have all your plugins (as well as themes and WordPress itself) updated automatically.
Most premium plugins have automatic updates available. Accessing these typically involves entering a license code in the plugin’s settings. You’ll need to keep your license valid in order to keep receiving updates. It’s important to do this, even when it involves purchasing extensions.
If your plugin does not have automatic updates available, you’ll need to manually update. This requires downloading the latest version of the plugin from its developer and then unzipping the folder. You now need to use an FTP program to connect to your site using FTP (as mentioned earlier, find details of programs you can use here and get your FTP login details from your host). Navigate to /wp-content/plugins/ and upload the whole folder you’ve just downloaded and unzipped. This should have the same name as a folder you can see on your site.
You’ll be asked if you want to overwrite files; you do want to do this. You may find it easier to bulk allow this, especially if the plugin has a lot of files. Wait for all the plugin files to upload, and the plugin will be updated. All settings are carried over, so you’re all done!
The second part of managing WordPress plugins is to check to see when they were last updated. This should be done every couple of months. Earlier in this guide, we recommended looking for plugins that have been updated within the last three months. Once you’ve installed a plugin on your site, it’s important to make sure it’s continuing to get updates. As usual, this process is different for WordPress.org plugins and premium plugins:
"plugin name + changelog" and looking for the most recent entries. Alternatively, check the developer’s blog for mentions of plugin updates.
It’s vital you keep using up-to-date plugins which are updated regularly. This alone goes a long way to keeping your WordPress site secure. For more details, see our full guide on WordPress security.
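The selection questions earlier in this guide (updated within the last three months, compatible with the latest WordPress, widely used, 4 stars and above once a plugin has 100 ratings) and the periodic re-check described here can be run as one audit over your installed plugins. This is an added example, not part of the original guide: the record fields follow the WordPress.org plugin information API, while the sample records, plugin names, the 1,000-install floor and the date and version passed in are constructed.

```python
from datetime import date, datetime

# Thresholds taken from the guide's questions.
MAX_AGE_DAYS = 92     # "look for updates within the last three months"
MIN_RATINGS = 100     # below this, take the star average with a pinch of salt
MIN_STARS = 4.0       # "look for 4 stars and above"
MIN_INSTALLS = 1000   # assumption: low end of the guide's "popular" range

# Constructed sample records. "rating" is a 0-100 score, as in the API.
SAMPLE_PLUGINS = [
    {"slug": "example-forms", "last_updated": "2016-12-12 9:14pm GMT",
     "tested": "4.7", "active_installs": 200000,
     "rating": 92, "num_ratings": 850},
    {"slug": "example-cache", "last_updated": "2016-03-02 11:05am GMT",
     "tested": "4.5.3", "active_installs": 1000000,
     "rating": 86, "num_ratings": 3000},
    {"slug": "example-widget", "last_updated": "2016-11-20 7:30am GMT",
     "tested": "4.7", "active_installs": 300,
     "rating": 100, "num_ratings": 4},
]


def major_minor(version):
    """'4.7.1' -> (4, 7), so point releases compare equal to their branch."""
    parts = (version.split(".") + ["0"])[:2]
    return tuple(int(p) for p in parts)


def vet_plugin(info, today, latest_wp):
    """Return a list of findings; an empty list means every check passed.

    A finding is a prompt to look closer, not an automatic rejection: the
    guide notes that very simple plugins can be fine without recent updates.
    """
    findings = []

    # Only the date part is needed; the time-of-day suffix is ignored.
    updated = datetime.strptime(info["last_updated"].split()[0], "%Y-%m-%d").date()
    age = (today - updated).days
    if age > MAX_AGE_DAYS:
        findings.append(f"stale: last updated {age} days ago")

    if major_minor(info["tested"]) < major_minor(latest_wp):
        findings.append(
            f"untested: tested up to {info['tested']}, latest is {latest_wp}")

    if info["active_installs"] < MIN_INSTALLS:
        findings.append(f"installs: only {info['active_installs']} active installs")

    stars = info["rating"] / 20  # convert the 0-100 score to 0-5 stars
    if info["num_ratings"] < MIN_RATINGS:
        findings.append(
            f"ratings: only {info['num_ratings']} ratings, average is unreliable")
    elif stars < MIN_STARS:
        findings.append(f"ratings: average {stars:.1f} stars")

    return findings


def audit(plugins, today, latest_wp):
    """Map each plugin slug to its list of findings."""
    return {p["slug"]: vet_plugin(p, today, latest_wp) for p in plugins}


if __name__ == "__main__":
    # Date and WordPress version are sample parameters for the constructed data.
    for slug, findings in audit(SAMPLE_PLUGINS, date(2017, 1, 1), "4.7").items():
        print(slug, "-", "OK" if not findings else "; ".join(findings))
```
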
One of WordPress’ great strengths is its ability to be customized. Indeed, the vast array of functionality available from plugins is a key part of this. You may have already installed and customized your WordPress theme, so when something with a plugin doesn’t look quite right, you may wish to customize this also.
Unfortunately, while themes offer easy customization methods (see more about them here), the same can’t be said for plugins. WordPress offers no “child plugin” system, and beyond plugins’ built-in options, customizing the functionality of a plugin requires professional assistance.
When you want a plugin’s functionality customized, there are a number of options:
Plugins aren’t customizable in the same way themes are, but if you want changes made, it’s still possible whether through an alternative plugin or hired help.
Choosing plugins isn't easy, and you'll need to put some effort into it. If you want to ensure the long-term health of your website, you should take the time to review and test some plugins, and should only activate the ones on your production site that you find worthy.
Keep in mind that selecting good plugins is somewhat of an acquired skill. As you go deeper into WordPress territory, you'll have more and more experience to draw from, and you'll find that your website will get better as a result. Happy hunting!
Much like themes, each and every plugin is different to the next: in fact, when it comes to plugins, the vast majority are usually wildly different to each other — and some can even change the workings of your site beyond almost all recognition! Because of this, tread slowly and carefully. Ensure you do in fact really need whatever it is you're thinking of installing, and above all: choose each and every new plugin wisely!
***Last updated 1st January 2017***