Will That New Plugin Break your Site?
Here’s the scenario, you need to add feature X to your website, and you have found plugin Y that looks like it will do exactly what you need,will that new plugin break your site? How can you be sure it won’t break your website before you install it?
There are a huge number of plugins out there, some are excellently coded and won’t cause you any issues, others are not so great. There is no peer review of plugins before they are uploaded to the plugin repository how can you tell what is good and what is not?
As a techie, I can review code and spot dud plugins, but how does a business owner with a website as opposed to a website developer check the validity of plugins with limited technical skills?
Here is my 6 step plugin check list.
Where Are You Downloading The Plugin From?
The source of your plugin can impact on the quality, I strongly recommend you only download plugins from the legitimate WordPress repository
If you search for and install a plugin from your WordPress dashboard it will always come from the repository wordpress.com/plugins.
Installing plugins from none-trusted sources also opens up the e-door to malware installs and hack attacks.
The exception to this rule is premium plugins that are supplied to you after you have paid. I’ll talk about that a little later.
If the plugin is uploaded to the repository it is scrutinised by the wider WordPress community, developers will see if the code is good, the will rate it and provide you with a suite of validation tools which I will talk about now.
Reviewing Plugins On The Repository
Before you add a new plugin to your site, take a little time to review the plugin page on wordpress.org and check a few indicators to see if it is well written and supported.
Here is a sample page for a really well written and supported plugin Yoast SEO.
1) When Was It last Updated
The first thing to check is when was it last updated, is the plugin being actively developed.
As WordPress is developed, so plugins need to be developed to be kept in-line. Security breaches are noted and things need to be constantly updated.
If a plugin has not been updated in the past year that should raise alarm, plugins that have not been updated in two years also get a banner alert at the top of the page.
2) Has It Been Tested Against your Version Of WordPress?
There are two indicators to look at here, version compatibility and compatible up to (see image above) if they do not meet your current version of WP there may be issues.
3) Active Installs
If your desired plugin has only been installed on one other site, there is probably a very good reason.
Look for plugins that have a large user base.
If your plugin is very niche. you may have to take a chance and go with a low install number, that plugin to monitor penguin migration may only be used by you and tbe British Antarctic Survey. You should probably test it in a staging area before using it in live.
Have a look at the rating people are giving to the plugin. Are they mostly above 3 stars?
Rating systems can be rigged so I like to look at 4 star ratings, they tend to give a more rounded view of the plugins performance.
Is the documentation on how to install and configure the plugin good?
Quality documentation can be a good indication of how good a coder the person is.
Is the plugin being actively supported by the developer?
Do they respond to queries quickly and provide solutions.
Here is the support forum for our test plugin https://wordpress.org/support/plugin/wordpress-seo. We can see that lots of requests are coming in and being resolved quickly, this looks like good support.
Look at the tone of the replies by the developer are they being helpful or dismissive.
A point to note, most plugins are free and so is the support, sometimes developers can get snappy with people who are not helping themselves first by demanding support as if it is a right.
You can tell if the respondent is the developer of a plugin, they will have a badge against their name.
In the words of the great song smith Burt Bacharach and Chanteuse Dione Warwick, simply Walk On By.
For every plugin out there, there is nearly always another one doing the same job, look for the similar one that passes the 6 point test.
So you have installed a plugin and it crashes your site, and you cannot login to delete it, what now.
If you have access to FTP or a file manager on your hosting account, navigate to wp-content/plugins and simply delete the offending plugin directory.
It’s a good idea to setup a staging area so you can test new plugins before installing them to your live site.
A staging area is a duplicate of your live site with the same, plugins, theme and content, it allow you to add new feature without worry.
The massive diversity of WordPress plugins is what makes WordPress so powerful, there is always a plugin out there to do that thing you want to do.
Quality varies, will that new plugin break your site? Use this 6 point check list to only install high quality code.