All plugins are (not) created equal

Plugins are the new black in WordPress site development, and picking out the perfect plugins for your site can quickly become overwhelming. The WordPress.org plugin repository hosts over 26,000 plugins and the plugin forum contains over 1.3 million posts. Check out this plugin wordcloud – what stands out amongst the rest? 

Image via WP Realm


With so many plugins to pick from, how do you know what you’re about to install on your site?

The quick and dirty

Plugins are here to stay, folks, and while there is a lot to learn, many of us just need a quick way to say yes or no to a plugin option. Personally, I like to evaluate using the following key points:

  • All plugins are not created equal.
  • Plugins can make or break your site: literally.
  • Stranger danger!
  • You get what you pay for.
  • Quantity v. quality does not apply – good coding does.

Before we get down into the nitty gritty of each component, I’m going to offer a little fashionable advice about plugins. I bet you didn’t know that picking the perfect plugin was like picking out your next perfect little black dress!

WordPress’s little black dress

Women around the world know that a wardrobe isn’t complete until there is at least one little black dress hanging in their closet. And any well trained shopper knows that when it’s time to buy a little black dress, there are some key elements to keep in mind:

  • Not all dresses are created equal.
  • A good ‘little black dress’ can make or break your night.
  • Designer stranger danger when you have to go to a formal affair!
  • You definitely get what you pay for – but never dismiss the clearance rack!
  • Quantity v. quality? Well, you can never have too many good little black dresses!

Who knew evaluating plugins was the same as going shopping for a sexy new cocktail dress? Taking the time to find that perfect little black dress is like taking the time to find the right plugin. You need to know what you’re looking for and where to find it.

All plugins are (not) created equal

No two plugins are the same. They may appear to do the same thing, but they won’t. The title and this heading are the main points that must be driven home – plugins are as diverse as the little black dress. And researching the plugin before you go installing it will yield a greater return than just picking the first free one you run across. Paul Clark, WordPress core contributor, Styles Plugin author and Technical Director of Brainstorm Media offered the following advice when evaluating plugins:

You can learn a lot about a plugin author’s practices by seeing what other developers say about them. Is the plugin author a WordPress core contributor? You can find a list of all the developers who help create WordPress in the WordPress credits screen. (WordPress Admin > About WordPress > Credits). Clicking any of those names will take you to a list of plugins they’ve written, as well as plugins they’ve favorited. I’d much rather use a plugin that Mark Jaquith favorited (a WordPress Lead Developer) vs. one created by someone less involved in day-to-day WordPress development.

Plugins can make or break your site: literally.

In June, Checkmarx released The Security State of WordPress’ Top 50 Plugins, which reported, “…more than 20% of the 50 most popular WordPress plugins …[and] 7 out of the 10 most popular e-commerce plugins contain vulnerabilities.” Checkmarx’s findings were a bit surprising.

Be careful when installing plugins, and avoid anything that can cause a security breach. If you are concerned about your domain’s current state, head over to Sucuri and scan your domain.

Carrie Dils, a well-respected WordPress consultant, had this to say about the wide array of plugins:

Plugins aren’t inherently evil, but you should approach with caution. When looking for plugins, check to see that it’s been recently updated, that it has a 4-star rating, and that the support area is active. Do a little homework before you go wildly installing stuff.

Stranger danger!

Don’t take candy from strangers. Don’t talk to strangers. Don’t open the door to strangers. All the things your mom told you when you were growing up apply now to plugins. It is stressed in every single article I’ve ever read about plugins: know the developer. If you don’t know the developer – take the time to get to know the developer. Why? Because support from the developer is a huge plus when dealing with ornery plugins. And knowing that a developer cares about WordPress best practice will make all the difference in the world for their plugins.

One key way to vet a plugin author is to look at the support responses, either in the WordPress.org forums or on the plugin author’s site. While not every request will be responded to, you want to see a plugin author still present and responding to users. Pippin Williamson is a great example of this with Easy Digital Downloads. He responds to many requests on WordPress.org, and also makes his support forums public on the Easy Digital Downloads website so users can benefit from responses there as well.

Personally, one of my favorite go-to sources is Adam Warner from FooPlugins – a commercial 100% GPL plugin site. I know Adam Warner and trust him as a professional developer. He is not going to sell me a crappy plugin, nor direct me to a bad plugin. I feel confident referring others to their site knowing how well they will take care of them. You may have your own favorite WordPress.org or commercial plugin author – feel free to share in the comments section below!

You get what you pay for

This section isn’t to promote paid plugins over free plugins: we are going to focus on quality. I consider plugin ratings much more important than the cost of a plugin. A good example of this is Yoast’s WordPress SEO vs. All in One SEO Pack. Both are excellent plugins, but compare the numbers: WPSEO has 5M downloads, 2,500 5-star reviews, and 154 1-star reviews. AIOSEO has 15M downloads, but only 780 5-star reviews and 316 1-star.

So, even though WPSEO has fewer downloads, its users are much more likely to have a great experience and write about it. It’s also worth noting that download count is all downloads, including updates. It’s not necessarily active users!
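The checks described so far (a 4-star rating, a recent update, an active support area, and review mix rather than raw downloads) can be scripted. The following is an added example, not code from the article or from WordPress.org: the record field names are modelled on WordPress.org plugin metadata and are assumptions, as are all thresholds except the 4-star floor, and the two sample records are constructed.

```python
from datetime import date

# The 4-star floor is the article's; the other thresholds are assumptions.
MIN_STARS = 4.0
MAX_AGE_DAYS = 365          # assumed meaning of "recently updated"
MIN_RESOLVED_RATIO = 0.5    # assumed meaning of "support area is active"
MAX_ONE_STAR_SHARE = 0.15   # assumed ceiling on 1-star vs. 5-star reviews

# Review counts quoted in the article (5-star and 1-star only).
WPSEO = {"5": 2500, "1": 154}
AIOSEO = {"5": 780, "1": 316}
# Constructed records for two hypothetical plugins (field names assumed).
WEAK = {"ratings": {"5": 40, "4": 5, "3": 5, "2": 10, "1": 40},
        "last_updated": "2012-01-15", "support_threads": 12,
        "support_threads_resolved": 3}
GOOD = {"ratings": {"5": 90, "4": 8, "1": 2},
        "last_updated": "2013-08-01", "support_threads": 10,
        "support_threads_resolved": 8}
TODAY = date(2013, 9, 1)    # fixed so the result is reproducible

def one_star_share(ratings):
    """Share of 1-star reviews among the 1-star and 5-star reviews."""
    five, one = ratings.get("5", 0), ratings.get("1", 0)
    return one / (five + one) if (five + one) else None

def vet_plugin(meta, today):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    ratings = meta.get("ratings", {})
    total = sum(ratings.values())
    if total == 0:
        findings.append("no ratings to judge by")
    else:
        stars = sum(int(k) * v for k, v in ratings.items()) / total
        if stars < MIN_STARS:
            findings.append(f"average rating {stars:.1f} is below {MIN_STARS}")
        share = one_star_share(ratings)
        if share is not None and share > MAX_ONE_STAR_SHARE:
            findings.append(f"{share:.0%} of 1-/5-star reviews are 1-star")
    age = (today - date.fromisoformat(meta["last_updated"][:10])).days
    if age > MAX_AGE_DAYS:
        findings.append(f"last updated {age} days ago")
    threads = meta.get("support_threads", 0)
    resolved = meta.get("support_threads_resolved", 0)
    if threads and resolved / threads < MIN_RESOLVED_RATIO:
        findings.append("fewer than half of support threads are resolved")
    return findings
```

On the article's own numbers, `one_star_share` gives about 6% for WPSEO and about 29% for AIOSEO, which is the gap the download counts hide.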

Quantity versus quality

Site efficiency is key. It’s not a large number of plugins that causes a slow or crashed site—it’s a small amount of poorly written programming. Chris Lema, WordPress extraordinaire, who has written hundreds of articles about plugins, had this to say about plugins and website development:

Choose focused ones, not ones that try to do everything. Make sure the developer has been around a bit and make sure the plugins are current.

I had to develop what I thought would be a plugin-heavy site. Chris quickly referred me to two paid plugins that have made the site work like a well oiled machine. For more information on how Chris picks plugins, check out his super cool article on picking plugins – but be warned, once you enter Chris Lema’s website – it’s very very hard to leave!

Let’s review: do your homework!

So, after all that information, how do you know if the plugin you are about to install has a solid foundation or not? Every question here seems to have the same answer: do your homework! A good place to start might be reading through WP Engine’s list of plugins they don’t allow for performance reasons. This is a great reference to see what kinds of plugins may cause issues in some situations.

But the bottom line is this: it is your responsibility to vet the plugin you are about to install on your site, or your client’s site. And vetting this is not hard – but it does take a little bit of time and the tenacity to go directly to the plugin author to ask the questions.

Thankfully, one of the greatest things about the WordPress community is that there is always someone who knows more than you who is also willing to guide you in the right direction!

Now, it’s your turn. How do you evaluate a plugin? What resources do you use to guide you through the process?