Now the main issue remain “To plugin or not to plugin“. Plugins are good, easy to configure (some of them actually) and lots of fun to play with. No doubt WordPress in general may look easy, but hey, its equipped with enough power to make it a full CMS (Content Management System) that can be used for “approximately” anything.
The thing about plugins lies in the way WordPress updates their software due to bug fixes and security issues. A lot of plugin developers are not quick to draw up a battle plan. Most plugin developers are reputable however, not all plugins are coded with integrity. I recommend that any plugin that is not listed with WordPress.org plugin directory should not be used. But on that note, be careful of the ones listed.
WordPress is fairly simple to operate, but its a very complex application. Adding a single plugin can cause any number of site functions to stop operating as described due to bad interaction with another plugin (I’ve met some issues like this in the past)
Some instances are created where two or more plugins interact with each other to create a tremendous security hole. This is particularly true to admin plugins. I recommend that you keep your plugins to an absolute minimum. Ask yourself, “Do I really need this feature on my site? Can it be program manually?” If you need help performing auditing on plugin that you really want, Contact Me
So the next time you see a plugin that you so desire, let security be the first issue that comes to your mind. There are ways to check the security of the plugins.
Let’s take for example one of my favourite Security Plugin – (I highly recommend this to be the first security plugin in any of your WordPress site) -> WordFence
- Check the FAQ to get a hands of the various questions that you may have about the plugin
- Most importantly, you should take a good look at their “Changelog” – which gives you an idea of what changes or update have been done
- Don’t forget to check the “Reviews” tab.
- Another helpful feature is to check the “Stats” bar of the plugin page. It gives you and overview of the popularity and uses of the plugin
- Check the requirement of the plugin
- Check the number of downloads
- Check the version to which its supported (make sure its current e.g. version 3.8.1)
- Check the ratings
- Check the developer(s) – Can you trust them? Do you know them? What other tools have they done? Check the compatibility and comments on the number of people that says it works well or not A lot of WordPress folks don’t take the time to view these details and later start throwing curses and abuses on WordPress.
Come on!, this is WordPress we are talking of. The software, were the core developers don’t sleep but keep us secured Online 247. Do you homework and or give some to me and lets see whose to blame. (Just a joke).
You can follow me on Twitter (@CCEmenike) to get updates on my thoughts about what plugins to use for what purpose and to give you information about what’s the latest within the WordPress Security Terrain especially in Africa.
If you feel the plugin meets your approval, don’t fail to give them a star. If its free, they deserve it as well. As usual, Love God, Love your Family, Defend your territory and avoid bad-ware…