There are thousands of WordPress plugins available for free. Many of these plugins are intended for very specific uses. There are also must-have plugins that will improve just about any WordPress blog. Every WordPress blog should have these plugins, since their benefits far outweigh the costs. There are often many excellent plugins that do similar things, so they’re listed below under one category. Below are 10 WordPress plugins or categories of WordPress plugins that will significantly improve your blog.
A security plugin
WordPress is pretty secure by default, but a security plugin can make it even more secure. For example, WordPress does not limit the number of login attempts. Therefore, a hacker can write a script that repeatedly tries different passwords until they guess the correct password. They can easily try thousands of passwords per minute. To protect against such hacking attempts, you can install one of the security plugins below. All of them have the ability to limit the number of login attempts per IP address. If someone submits the incorrect password too many times, they’ll be locked out for a few minutes.
Wordfence is the most popular WordPress security plugin, but I’m using All in One WP Security and Firewall. Wordfence has a much better blocking feature (e.g. blocking by region or host name), but it’s missing a lot of other features such as captchas for comments. Furthermore, All in One WP Security and Firewall clearly explains each option, whereas I had to Google many of Wordfence’s options. It could be worth it to install multiple security plugins.
A caching plugin
WordPress can be quite slow if you have a slow server or if you have many posts or plugins. This will annoy your visitors and decrease your ranking on search engines. You may even hit your server’s resource limit if you have lots of visitors.
A caching plugin speeds up WordPress’s load time and decrease its resource usage. A caching plugin works by saving WordPress’s output and serving the saved content. For example, the first time someone accesses your homepage, WordPress fetches your posts from the database and processes them. It also runs code from your plugins and theme. When everything finishes running, the HTML for your blog is generated. The caching plugin saves the resulting HTML. The next time someone accesses your homepage, the plugin serves the saved HTML instead of running everything again. When you make a change to your blog (or after a specified amount of time), the plugin deletes the cache and lets WordPress run with the new data.
I’m using W3 Total Cache because it has more options than Wordfence and better design than WP Super Cache. W3 Total Cache and WP Super Cache have similar features, so it comes down to personal preferences. Wordfence is primarily a security plugin, but it has a simple caching feature that’s suitable for beginners. It has far fewer options than the two dedicated caching plugins, but it’s a good choice if you want to install a security plugin anyway.
An SEO plugin
WordPress was designed with SEO in mind, but SEO plugins can help you do even better. SEO plugins automatically generate meta tags that help you rank slightly better. More importantly, they can make your entry in search engines look better and more likely to be slightly. Also, most SEO plugins generate meta tags for social networks such as Facebook and Twitter. When someone shares your posts on a social network, the plugins can make the links look better. Both SEO plugins below can generate XML sitemaps, but I prefer to use a dedicated plugin for that.
I’m using Yoast for this blog because it has a tool to help me optimize my posts as I write. It analyzes my post and gives me hints to improve the post for SEO.
A XML sitemap plugin
XML sitemaps are used by search engines to help find and crawl your content. Sitemaps help search engines find content that they wouldn’t have found otherwise. They also help you rank better by keeping search engines updated about your changes.
All the popular SEO WordPress plugins include an XML sitemap feature. They all work pretty well, so you can use your SEO plugin to generate your sitemap. However, since having a dedicated XML sitemap plugin doesn’t hurt your blog’s performance, I recommend using Google XML Sitemaps to generate your sitemap. The plugin has slight advantages over SEO plugins, such as generating month-based sitemaps and automatically calculating post priorities.
A social media sharing button plugin
A sharing button plugin adds buttons to share your post to Facebook, Twitter, etc. Many WordPress themes come with built-in sharing buttons, but a dedicated sharing button plugin can have a lot more options. I don’t really like any of the free sharing button plugins, probably because I made my own several years ago which had all the features I wanted. However, I stopped maintaining my plugin, but I may make a new one when I have time.
After trying about 20 of the most popular sharing plugins, Cresta was my favorite. It was great-looking, lightweight, and had lots of customization options. However, it was missing the Reddit button. AddThis and AddToAny are great options as well. However, AddThis appears to get blocked by some ad blockers and I didn’t like AddToAny’s design. If you don’t need the Reddit button, I recommend getting the Cresta plugin.
A comment spam plugin
WordPress is a common target for comment spam. Spammers create bots that look for WordPress blogs and post comments. You have several options for reducing comment spam: use a spam detection plugin, add a captcha, require login, or disable comments. The latter three options discourage readers from leaving comments. Therefore, I recommend using a spam detection plugin such as Akismet, which comes with WordPress. Akismet uses data from millions of WordPress blogs to figure out what types of comments are spam. If you get too many spam comments in your Akismet log, you can add a captcha to reduce spam. Many security plugins also include features to help with comment spam.
An image compression plugin
When you upload an image, WordPress resizes it for when you want to display smaller images. However, WordPress’s image compression algorithm isn’t the best. Image compression plugins use better compression algorithms to generate images with smaller file sizes without losing quality. This makes your pages load faster and it saves you bandwidth. These plugins run only when you upload images, so you get these benefits for virtually no cost.
WP Smush is the most popular image compression plugin. It’s easy to use and it has great design. However, I’m using EWWW because it has far more options. Furthermore, it tells me more information about what it’s doing, whereas WP Smush simply displays a progress bar. Both plugins produce similar file sizes, about 15% better than WordPress’s default algorithm. However, EWWW has options to decrease file size by increasing processing time or decreasing image quality.
An editor plugin
WordPress’s default editor is TinyMCE. WordPress comes with only a small number of buttons available in the full TinyMCE editor. For example, it’s missing the button to insert emoticons. TinyMCE Advanced lets you add any or all of TinyMCE’s buttons. It also lets you move around the buttons.
A contact form plugin
WordPress does not have a way for visitors to contact you. One way is to display your email address, but spammers can scrape them. There are many plugins that let you create a contact form. When a user submits the form, the form data can be viewed through the plugin or sent to you by email. Most contact form plugins provide a nice interface to edit your form.
Jetpack is a plugin made by Automattic, the creators of WordPress.com. Jetpack takes technologies built for WordPress.com and brings them to self-hosted WordPress blogs. Jetpack is a collection of many features that can be activated individually. Some of the more useful features include serving images from WordPress.com’s servers, server-side site statistics, brute-force protection, and downtime monitoring. It also includes features where I’d prefer using a dedicated plugin instead. For example, Jetpack includes social media sharing buttons and contact forms, but I deactivated them to use plugins that do just one thing (and does it exceptionally well).