WordPress is by far the most influential platform in the history of the internet. No one could imagine a third of the whole internet would be hosted on one platform. Yet, here we are writing this blog for the WordPress community.
At the heart of WordPress’s success is its open source model and the vibrant plugin marketplace. These plugins make using WordPress one of the most enthralling experiences ever.
However, too much of anything leads to harm rather than health, and WordPress plugins are no different. Yes, they make WordPress easy to use, but to what extent? More importantly, how many WordPress plugins does your website need to run smoothly and grow your business?
With more than 50,000 plugins currently available this question can’t be answered in numbers. The shortest possible answer: It depends! Mosty on your website and exactly what you want to do with it.
So lets explore how many plugins you need and how you can avoid issues with WordPress plugins.
The Problem with too many WordPress Plugins
Wondering how many plugins to install is a legitimate issue for new WordPress site owners. Before you decide on how many plugins you need, you need to understand why you need to keep it to a minimum.
Here we’ve got the three prime issues that come with too many plugins.
1. Security Vulnerabilities
The first issue that comes with too many plugins is the security vulnerability they bring. All the hard work you put into creating your online business can become undone by a simple security breach.
- 2016 saw a 32% increase in the number of attacks compared to 2015.
- WPScan attributes 54% of the global WordPress vulnerabilities to plugins.
- Wordfence reports that 47% of all WordPress vulnerabilities are Cross-site Scripting (XSS) vulnerabilities
- Back in 2016, Sucuri reported that RevSlider, Gravity Forms, and TimThumb, were responsible for 25% of WordPress hacks.
If you take away one thing from these stats, it should be that WordPress plugins are one of the prime vulnerabilities your site could have.
2. Site Crashes and Lack of Reliability
WordPress works on an open source model, where users can contribute to the environment. So many effective yet free plugins that we love would not be possible without this freedom. However, it also means that unreliable code does slip past one way or another.
Plugins with such code, apart from being difficult to use, can cause unwanted behavior on your website. Unchecked these issues can even lead to site crashes. This has severe implications pertaining to your brand’s reputation and credibility.
3. Bad Performance and Slow Page Speed
Pages taking “forever” to load is a nightmare for any online business. A large part of this performance bottleneck comes from plugins that aren’t optimized. Even if all your plugins come from trusted sources, they can still slow down your website just by being too many in number.
For every plugin on your site, the browser needs to process code. The more plugins you have the more code that needs processing. Trust us when we say the threshold for this is too easy to breach.
How many WordPress Plugins are too many?
As we’ve already said, there isn’t a golden number of plugins you need to have on your WordPress site.
For the most part this number depends on the kind of web host you use. In the case of shared or capped cloud hosting, you should keep it between 0 and 5 plugins.
For cloud hosting or a dedicated server, the number should be anywhere between 5 and 20. The only golden rule is to keep it below 20 no matter what.
How to avoid issues with WordPress plugins
Since there isn’t a rule of thumb to follow when it comes to WordPress plugins, you should follow these tips to keep the number of plugins to a minimum.
1. Only Use Plugins You Need
For personal blogs you can get away with using a couple plugins or even less. For an extended business website that won’t be enough. That being said, you need to watch for how many plugins you install.
The first step is to refrain from installing plugins that you don’t need, or even ones you aren’t sure about. There are some must-have plugins you’ll need.
For instance, plugins that integrate third party software like MailChimp or Google Analytics. You might also want to install plugins that block spam. A good rule to follow in this case is to test out plugins before you install them.
We took the time to check out some awesome email plugins that are essential for almost every business. Make sure you check them out!
2. Update your plugins on a regular basis.
In 2014, MailPoet alone caused more than 50,000 sites to get hacked. The mishap happened due to a bug that gave hackers access to upload files directly to the users’ server to hijack the site.
Plugin creators release patch updates to mitigate these issues as they find them. The purpose is to fix holes in a plugin’s security.
If you come across a plugin that hasn’t been updated for over a year, don’t install it.
For plugins you already have installed, you should update them as soon as updates are released. WordPress will notify you of newly released updates as soon as they’re available. Keep an eye on the “Updates” tab to stay posted.
Sometimes new updates can also contain bugs so it’s actually better to wait for a couple days to see if any bugs are reported. This way you can get a revised bug free version and avoid the hassle of reinstalling.
3. Take Inactive Plugins Off of Your Site
If you haven’t used a plugin in a while, it’s time to take it off your site. We’ve already mentioned the risks associated with plugins. So to keep the stakes low, cleaning out inactive plugins is the best way
To remove inactive plugins simply log on to your dashboard and check out the “Plugins” section. Plugins that are diasbaled are listed under the “Inactive” tab.
Click “Deactivate” and then “Delete” to remove a plugin with all of its files.
4. Only Install Reputable Plugins
When selecting new plugins to add to your site, there are a few steps you can take to make sure that they are legitimate.
First thing to check with a plugin is when it was last updated. Well performing plugins usually release updates and bug fixes as frequently as every week.
Second you need to check the total number of downloads and reviews a plugin has. Downloads over 100,000 and an average 4-stars rating is a great place to start.
Thirdly, Click on the “Support” tab in the plugins description. Ideally it should take you straight to a forum or support page. Otherwise, you need to find an alternative.
Review a plugin’s code before downloading to make sure that it’s as clean and short as possible.
5. Install plugins that comes with all-in-one packages
Since plugins come in all shapes and sizes, how these plugins work can vary in a lot of ways. One such difference can be whether a plugin is a stand alone all-in-one solution or if it requires additional packages to enable features.
FluentForms and Ninja Forms are the perfect example for this. While FluentForms Pro add-on is installed complete with all features, Ninja Forms requires you to download additional paid add-ons for individual features.
When it comes to keeping your website fast and easily manageable FluentForms is definitely the best option. It’s easier to manage one plugin rather than hundreds of add-ons across plugins.
It might seem that having add-ons for pre-existing plugins is great until the numbers start to pile on. Use more than 3 of such plugins and your website will become a nightmare to manage. Not to mention that more add-ons mean more moving parts, which makes your website even more vulnerable.
We hope this blog helped you with keeping your website safe and functioning. Especially since the latest Google updates are going to put a lot of emphasis on site health and efficiency. The beauty of WordPress is the freedom it gives its users. On the flip side it makes WordPress websites vulnerable and tricky to manage.
Regardless of your experience with WordPress, a WordPress plugin expert can offer you reliable insight about the key plugin decisions. If all else fails the WordPress community will definitely come through. Feel free to communicate on Twitter or Slack to get trustworthy advice on any plugin.
While the point of using a CMS like WordPress is to avoid learning code, it can still pay to have that knowledge. However, the best thing you can do is be sincere and attentive towards your websites’ health. It can save your assets from abuse more often than not.