A basic set of WordPress Plugins, mostly free. Updated Aug 2020

By Christopher Mendla

January 10, 2018

Brute Force, Cpanel, Gimp, WordPress Plugins

Last Updated on September 22, 2023 by Christopher G Mendla

A standard installation of WordPress works, but it lacks many features that are needed for even a basic site including critical security features. For any feature that you wish to add, there are usually one or more plugins that will accomplish the task. Plugins are a matter of your needs and personal taste.

What are WordPress plugins?

Plugins extend and enhance the functionality of WordPress. They are third-party tools that ‘plug in’ to your WordPress installation. For the purposes of this discussion we are talking about hosted WordPress installations and not WordPress.com.

Currently there are over 50,000 plugins available. If you tried to install even a small fraction of that amount, your site would slow to a crawl.

Many of the plugins, including some of the most useful and popular, are either free or have free versions.

What plugins should I add?

There are plugins that are critical for securing your site and others that provide better user experiences by providing services such as speeding up your site. This post provides a starting point for a basic WordPress Site.

WordPress 5.5 added many features that provide functionality that previously required plugins. You should review your site periodically to determine if WordPress has replaced the functions of a plugin.

How do I choose and add plugins?

When you are choosing plugins, the best way to do so is from the “Add New” link in the Plugins area. When you do that, you will see indications of:

  1. How many active installations use the plugin. This can be a little subjective but generally you want plugins with at least 5000 installations. A lower number means that not many people have used it yet. There can be plugins that meet a very specific need and their installation count will be low.
  2. Compatibility – This indicates if the plugin is known to be compatible with your version of WordPress or not. Incompatibility does not automatically indicate problems but it should be a factor, especially when comparing two similar plugins.
  3. Star Rating – Check the rating and any reviews for the plugin.
  4. Last Update – Some simple plugins really don’t need frequent updates. However, in general, if there have been no updates for a couple of months that might indicate that the plugin is ‘stale’.
  5. A link to details. This will show reviews, FAQs and other information.

Plugins are developed by third party companies and individuals. There are no guarantees that the plugin will continue to be maintained.

Other considerations

Some other things to consider would be:

  • Cost – What is the cost of the plugin? Can you use the free version, if available, or do you need to purchase a license? 
  • Performance – We were using the Similar Posts plugin. This enhances the user experience by showing a list of related posts. HOWEVER, it has a high performance cost. The load on the servers caused us to remove it for now. There are alternatives that are cloud based and therefore do not carry the performance penalty. 
  • Your Hosting – There are hosts that will ban some plugins due to security or performance issues. 

Our plugin suggestions

Below are some of the plugins we install for most sites. Every site will have a unique set of needs.


Security

This is probably one of the most critical plugins and should be one of the first that you install. Due to the popularity and number of WordPress sites, new sites are targets for hackers. They will start attacking a site within hours of it being launched.

One tool to protect your site is Wordfence Security. You can use it ‘out of the box’ but it pays to go through and check the configuration. You can block users when their attempted logins fail after a certain number of tries.

An alternative security package is Jetpack. With Jetpack, you probably need to go to one of the paid plans for about $3.50/month to get a good level of protection. Jetpack adds some other useful tools in addition to security. I have run sites with both Wordfence and Jetpack. You might have to tweak the configurations a bit to make sure that there are no conflicts.

This should be added as early as possible in the process.


Backups

I have learned over the years to not trust web hosting companies for backups. As your site grows, you should have backups of the database and all files. This includes media files. Depending on your work flow, you could have the media files backed up locally and not necessarily from the server.

The free version of BackupWordPress will allow you to back up your database and/or files manually or on a scheduled basis. Jetpack also provides backup capability starting with the $3.50/month plan.

It is still a good idea to set up a backup scheme in cPanel in addition to any other backups. I currently do a manual backup at least weekly using Softaculous which is included with my cPanel.


Lightboxes for images

The default behavior of images in your post leaves a lot to be desired. A plugin such as Responsive Lightbox and Gallery will enhance your user’s experience. When a user clicks on an image in a post, a lightbox will show the image full size. 


Forms

The default installation of WordPress has no provision for forms. There are a number of fairly good tools that will provide this ability. One example is Ninja Forms. The free version will allow you to place useful forms on your site.

NOTE – as of April 2018, Ninja Forms does not provide for auto completion of form fields. This is a show stopper for almost all applications.

We replaced Ninja Forms with WP-Forms lite, which provides similar functionality. They also have form plugins with more features.

If you need more complex forms in almost any of the plugins, you will need to upgrade to the paid version.


Social Media

Users sharing your site via social media can help grow your site quickly. There are social media plugins that will manage displaying buttons for social sharing. Sassy Social Media is one tool. You will need to tweak the configuration a bit. Don’t forget to check how the sharing buttons render on tablets and mobile devices.

Pro tip – Keep the number of social media choices limited. Don’t be tempted to add them all or your page will look like a carnival.


A better editor.

The editor installed with WordPress is a basic version of the TinyMCE Editor. Your formatting choices are very limited. Installing the TinyMCE Advanced plugin will allow much more control over the formatting of your posts.


Comment spam prevention

As soon as you launch a WordPress site, every cretin will start flooding your site with comment spam. This does some serious damage to your site.

  • You can be flooded with comments that are totally irrelevant
  • These comments have links to sketchy sites. Having links to such sites can cause serious damage to your search engine rankings.

Comment Link Remove will allow you to set options so that any links in the comments are turned into plain text. You can also remove the URL field from the comments, which prevents spammers from adding links there. You still need to make sure that you are requiring moderation for submitted comments.

Another useful tool in conjunction with Comment Link Remove is Antispam Bee. This is available as a free version. Like the commercial Akismet, it checks incoming comments for indicators of spam and trashes them accordingly.


Free stock images.

Having a graphic in your post significantly increases visitors from social sharing. There are a number of sources for free images. However, when you use those images, you need to provide proper attribution. This can be tricky. There was a plugin that managed this but unfortunately it has not been updated in two years. I was reluctant to install it.

Running afoul of copyright trolls could cause horrendous losses for you. Copyright trolls purchase image libraries. They then scan for any ‘unauthorized’ use of these images. Once they find a use, no matter how small the site is, they use their army of bottom feeding lawyers to demand thousands of dollars.

A tool such as Download Free Images will allow you to insert images in your posts that are royalty free. This adds a button to your editor. When you click the button, you can search for images. If you find one you like, Pixabay Images will add it to your Media and post. It will also add the proper attribution for the image. There is still a possibility that you could have copyright issues but they are minimized.

NOTE – Be VERY careful using images. There are unscrupulous companies that will purchase a collection of images and then file lawsuits against people using those images. Read this article on another blog about the nightmares that can ensue. Shakespeare’s character, Dick the Butcher, in Henry VI had an interesting observation about how to deal with the situation.

In many cases, instead of using a stock image, I simply create a button such as the one used for this post. You can do that in almost any image editor. I use GIMP to create a 200×100 image with text. In doing that, there are ZERO copyright worries.

Redirection

Redirection is for more advanced users and is especially important if you moved to WordPress from another site. Redirection will log 404 (not found) errors. This is often where someone tried to access your page using an old link. You can then ‘correct’ this by creating a redirect from the old link to the new link. This can be tedious for larger sites but it will prevent you from losing a lot of traffic after a migration to WordPress.


Enhanced search

Relevanssi provides an enhanced search tool for your site. The basic version will meet most needs but there is an enhanced paid version as well.


Similar Posts

Depending on your site, it might be helpful to list similar posts at the end of a post. Similar Posts does this very well. It looks at the content of your post and tries to find other posts from your site that are similar. The idea is to keep your visitors engaged on your site.

However, Similar Posts requires a lot of server resources. In many cases this can really slow down your site. Jetpack offers a cloud based tool to show similar posts for a fee.


Search Engine Optimization (SEO)

Search engine optimization is critical to getting decent rankings for your content. The free version of Yoast will work for most beginners and intermediate users. Yoast will give you advice regarding the readability and search engine friendliness of your posts and other content.

Another part of SEO is controlling how the ‘link juice’ of your site flows to other sites. When you link to a site, you are endorsing that site. Some of the ‘goodness’ of your site will flow to other sites. If the site you are linking to is a legitimate strong site, that can be OK. However, there are other cases where you might not want the ‘link juice’ to follow.

There is a learning curve with Yoast. You need a fundamental understanding of basic SEO principles. Fortunately there is a LOT of documentation and videos available.

When used properly, Yoast will act as a coach to help you create articles that are Search Engine Friendly.


Image compression

One way to quickly lose traffic is to have slow loading pages. Manually compressing images is tedious and unreliable at best. WP Smush will automatically compress your images while keeping the quality acceptable. WP Smush comes in a free and paid version.
 
We recently migrated most of our sites (in 2020) to a combination of ShortPixel and WebPExpress. ShortPixel charges for compression but the fees are minimal. By minimal I mean don’t go out and buy a cup of coffee one day and you paid for a month’s worth of compression.
 
Large images slow your site down. That will frustrate users and will cause a search engine penalty. We run our images through GIMP to rescale, add a watermark and save at a lower resolution. For our purposes, scaling to less than 1400 pixels wide and exporting to a jpg of less than 100 KB works. The image compression plugins make that even more efficient. 
 

Site Caching

As mentioned above, slow sites drive visitors away. Caching your site can provide a significant speed increase. Again, caching is for more advanced users. WP Super Cache will, when properly configured, dramatically increase performance and decrease page load times. See our post about WP Super Cache on a shared server.

HTTPS

Our sites are set up on Cloudflare. I have certificates for HTTPS for all the sites except one. There is a plugin, Flexible SSL for Cloudflare, that allows you to easily integrate HTTPS with Cloudflare.


Hide the login url

WordPress sites are under attack within minutes of being launched. The usual attack is a brute force attack where they send thousands of login attempts systematically trying to guess the password. If they succeed, you have serious problems. Even if they don’t succeed, the attempts will bring your site to a crawl. One way to avoid this is to change the URL of the login page. WP Hide Login will allow you to change the login url. Be sure to pick something that you can easily remember but would be impossible to guess. In some cases, you might need to resort to some drastic methods to stop a brute force attack.

Note – Some hosting companies are requiring an additional layer of authentication when accessing the login page. I’m not sure yet if that eliminates the need for a plugin such as WP Hide Login.

Notes

I’ve been using Peter’s Post It Notes to add notes to posts. This provides a simple input box when you are editing a post. You can write a note such as “Link to the article on how to beat the lottery when we write it”.

Summary

The plugins listed above will give you a basic site with backups, security and some critical usability enhancements. As you add plugins, keep a close eye out for decreases in site performance.

Unfortunately there is no easy way to see which of your plugins have not had an available update for a while. A plugin that is not updated COULD introduce vulnerabilities.
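
The selection criteria listed earlier (install count, compatibility, rating, last update) and the stale-plugin concern above can be checked with a short script. The following Python is an added example, not part of the original post: it audits constructed records shaped like the wordpress.org plugin-information API response, and the 60-day staleness and rating thresholds are assumptions.

```python
import json
from datetime import date, datetime

# Constructed sample records using field names from the wordpress.org
# plugin_information response; the slugs are hypothetical.
SAMPLE_PLUGINS = json.loads("""[
  {"slug": "example-security", "active_installs": 4000000, "tested": "6.3.1",
   "rating": 94, "last_updated": "2023-09-12 3:10pm GMT"},
  {"slug": "example-image-credits", "active_installs": 900, "tested": "4.9.8",
   "rating": 80, "last_updated": "2021-08-30 9:45am GMT"},
  {"slug": "example-niche-tool", "active_installs": 300, "tested": "6.3",
   "rating": 98, "last_updated": "2023-08-20 11:02am GMT"}
]""")

MIN_INSTALLS = 5000   # threshold suggested in the post
STALE_DAYS = 60       # assumption: "a couple of months"
MIN_RATING = 70       # assumption: rating is reported on a 0-100 scale


def version_tuple(v):
    """Turn '6.3.1' into (6, 3) so only major.minor is compared."""
    return tuple(int(p) for p in v.split(".")[:2] if p.isdigit())


def vet_plugin(info, site_wp_version, today):
    """Return a list of warnings for one plugin record."""
    warnings = []
    # Day-level precision is enough, so only the date part is parsed.
    updated = datetime.strptime(info["last_updated"].split()[0], "%Y-%m-%d").date()
    age = (today - updated).days
    if age > STALE_DAYS:
        warnings.append(f"stale: last update {age} days ago")
    if info["active_installs"] < MIN_INSTALLS:
        warnings.append(f"low install count: {info['active_installs']}")
    if version_tuple(info["tested"]) < version_tuple(site_wp_version):
        warnings.append(f"only tested up to WordPress {info['tested']}")
    if info["rating"] < MIN_RATING:
        warnings.append(f"low rating: {info['rating']}/100")
    return warnings


def audit(plugins, site_wp_version, today):
    """Map slug -> warnings, keeping only plugins that need a closer look."""
    report = {p["slug"]: vet_plugin(p, site_wp_version, today) for p in plugins}
    return {slug: w for slug, w in report.items() if w}


if __name__ == "__main__":
    for slug, warns in audit(SAMPLE_PLUGINS, "6.3", date(2023, 9, 22)).items():
        print(slug, "->", "; ".join(warns))
```

A low install count on its own is a prompt to look closer, not a verdict, since a plugin that meets a very specific need will have few installations.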
