Too many WordPress plugins – what’s the danger?

WordPress plugins – here’s why they’re good for your site

There’s a plugin for just about anything you want to do with your WordPress site – including everything to help your site backups, performance and security, spicing up the look and feel of widgets and content, integrating with external services such as Mailchimp and Google Analytics, subscriber management, auto-responders and newsletters. The list is endless… well, pretty much. There are over 36,000 ‘official’ WordPress plugins in the repository now, and many more will exist outside of the repository, and they have been downloaded nearly 1 billion times (crikey!).

Screenshot of WordPress plugin repository showing number of plugins and downloads

In the olden days you’d need to employ an expensive programmer to customise your website to add most of the bells and whistles that you want. Most WordPress plugins can be installed in your site within a few clicks, most are free, and generally they require little or no configuration. In addition, as time moves on these plugins will get updated and improved by their authors, with once again only a click or two to bring your version up to date. If you need to customise a little further, then often you can do this within the plugin – for example, to style it to fit in with your own website design.

So, great functionality to improve your website, at little or no cost, with no worries about keeping things up to date, and easy to replace with a better plugin if you’re not happy. What’s not to like?

WordPress plugins – here’s why they ‘could be’ bad for your site

Let me state up front that I’m a big fan of plugins. As a programmer at heart (and with 4 decades of experience) there’s nothing I like better than to hack around with code to get it to do precisely what I want, but that’s not always best for my clients. If I write a piece of bespoke software for a client I need to bill for my time AND they generally need to come back to me to get updates to it… unless I write it in such a way as to be highly configurable by the client, but of course that means the upfront price will be even higher! So plugins are generally the best solution, but beware of the following costs and considerations (especially when you use a lot of plugins)…

Memory

When people visit your site a lot of code is executed to deliver the page to their browser. Code introduced by your plugins also runs at this time. This could slow your site down and increase your memory requirement. Whilst neither of these should be an issue for the odd plugin, the more plugins you have will increase the impact. Of course, you could install one of a number of caching and performance plugins to reduce the impact… but that’s one more plugin!

File System and Database

All plugins take up at least a little space in your file system, and many make use of your WordPress database to store configuration information and other data. Whilst plugin files don’t generally take up too much space, if you do happen to be on a limited or low budget hosting service this might mean you fill your allocated space up sooner. Akismet, for example, which is very widely used spam prevention plugin, stores a bit of data on your database every time it intercepts a rogue comment. Gravity Forms, a major WordPress forms plugin, stores form entries in your database. Whilst these are generally legitimate uses, you still need to be careful. You could try installing a WordPress database optimisation plugin to keep your database size down…. but that’s one more plugin!

Management

Although plugins are generally a far better solution than writing your own code, they do often need to be updated. Usually, it’s a straightforward click to update, but sometimes it’s not, and, very occasionally, the plugin update may break your site, either because there is a bug in the code, or because of a conflict with another plugin. You could reduce the risk by buying a WordPress Care Package.

Conflicts

Programmers write plugins, and sometimes they write them in such a way as to cause a conflict with something else. For example, they might give one of their plugin variables a fairly generic name. If this corresponds with a variable name being used by another plugin that your site uses, that could cause problems for you. There are coding standards that govern plugin development, but not everyone follows them rigidly. Plugins can run to many thousands of lines of code, so it’s not surprising that mistakes happen. Again, if you have fewer plugins you reduce the likelihood of conflicts.

Security

Double padlock denoting extra security

Photo by Paolo Gadler

Plugins are pieces of code, and, as such, need to be coded in such a way as to not be vulnerable to hackers. If you’re managing your site on a regular basis to keep your plugins (and WordPress itself) up-to-date there should be a minimal risk. However, it can take a while for plugin authors to fix vulnerabilities and release an update, and it might then take you a little while to react and update the plugin on your site. This offers a window of opportunity for hackers. The more plugins you have, and the less frequently you update your plugins, the more chance you will have of getting hacked. You could install one of the many WordPress security plugins, such as Sucuri, WordFence, or iThemes security, but (you guessed it)… that’s one more plugin in your site!

How many WordPress plugins should I have on my site?

That’s difficult to say. I’ve seen sites with upwards of 40 active plugins. That’s probably not a good idea, unless you are hosting the site on a high-powered server. Generally, sites with a dozen or so plugins work fine, although even with this number you might see response times increase in your WordPress dashboard.

So, choose your plugins carefully. If you want a site that is faster, less prone to hacking, and easier to maintain… don’t keep plugins on your site if they are no longer needed or if they aren’t bringing an advantage to your site. Don’t just deactivate them; remove them altogether. Not many people realise that their site is still vulnerable through an inactive plugin!

If you want to see which plugins on your site are having the biggest impact on performance, try installing and running the P3 Performance Profiler plugin. Yes! I know it’s another plugin, but this one is worth it and you can remove it after it has told you what you need to know.

How many plugins do you use? Let us know by commenting below, and let us know if it causes your WordPress site problems. Have you found particularly memory hungry plugins? What plugins should people avoid?

Tags: , ,

No comments yet.

Leave a Reply