This post was last updated on 6/13/2018
By must-have WordPress plugins I mean those crucial plugins that no WordPress site should “live” without. Those plugins that cover the most essential parts of a website, like security, backup, SEO, spam, performance, speed, and social media.
Now let’s reveal you our beloved must-have WordPress plugins that we’ve been using for a long time. I bet you’re using several of them as well.
1. iThemes Security
(Active installations: 900,000+; Rating: 4.7)
iThemes Security is the former Better WP Security. They changed its name and a lot of other things.
In my opinion, it’s the best security plugin out there. It’s very complex and provides many, many ways to secure your WordPress website.
Here are some of its main features:
- Obscure: Hides common WordPress security vulnerabilities, like your site’s login, admin, etc.;
- Protect: Blocks bad users, increases the security of passwords and other vital information;
- Detect: Monitors your website and reports changes to the filesystem and database that might indicate a security issue. It also detects bots and other attempts to search vulnerabilities on your website;
- Recover: Performs backups of your WordPress database;
- Brute Force Protection Network: This is a great feature. Most websites get hacked through brute-force attacks. Having strong passwords is the first step you need to take in order to prevent such attacks.
Our very first website got hacked just when we were about to launch it :). They wiped out everything and just left a blank page with their hacking group’s name. There are some people who hack WordPress websites in bulk, just for fun.
Anyway, we were beginners back then and didn’t know much about WordPress vulnerabilities, security plugins, etc. The bright side was that they made us learn our lesson. Since then, we secure our websites in every way we can.
2. Updraft Plus
(Active installations: 1 Million+; Rating: 4.8)
Every website needs regular backups, at least once per week. UpdraftPlus is a reliable backup plugin which is very simple to set up.
Here are some of its main features:
- Restores backups;
- A lot of cloud backup options (Dropbox, Google Drive, Amazon S3, and more). Here’s a comparison between the most common ones;
- Automatic backup schedule;
- Uses fewer server resources.
3. WordPress SEO by Yoast
(Active installations: 5+ million; Rating: 4.9)
You definitely want to have this one amongst your must-have WordPress plugins; it’s just brilliant. I wouldn’t use any other SEO plugin even if you’d pay me to.
It’s not that easy to properly set it up, especially if you don’t know anything about SEO, and its numerous features can be overwhelming for some people. I suggest following some good guides or ask someone to do it for you. You can always come to us, of course :D.
Like I said, it has a lot of features, so I’ll point out the most interesting ones:
- Titles: You can set patterns for your page titles in just a few seconds;
- The Snippet Preview: You can actually see how your post or page would look like in search results;
- Page Analysis: This is a great feature for those who are new to SEO. It checks your on-page SEO elements and it tells you which are good or bad, or which are lacking;
- XML Sitemap: I think Yoast’s XML Sitemap is the best. I’ve noticed that search engines are indexing your site better with this sitemap;
- Built-in Editor: Another feature that I find very useful. You can edit your robots.txt and .htaccess files from within the plugin;
Sometimes, a conflict may occur between the XML Sitemap and your theme, or your theme + W3 Total Cache, which can lead to a 404 Page Not Found error. If this ever happens to you, then check out our post where you’ll find 5 different ways to deal with this issue.
4. W3 Total Cache
(Active installations: 1+ million; Rating: 4.3)
Just like the Yoast plugin, I believe this to be the best free caching plugin, and you should definitely have it amongst your other must-have WordPress plugins.
It can be pretty hard and tricky to set up, though. There’s a basic and simple set up that works fine for some sites, but usually the settings depend from theme to theme.
For example, on this site we were somehow forced to manually pick the CSS and Java files in order to minify them and improve the site’s speed a little bit. Some minified files were damaging the site, so we had to discover and remove them… took quite some time.
Anyway, if everything is done properly, with this caching plugin you can greatly improve your WordPress site’s speed, that’s for sure.
5. Spam Destroyer
(Active installations: 7,000+; Rating: 4.7)
I totally agree with what’s written in the image: “It’s not the most sophisticated Spam blocker I’ve tried, but it’s the only one that works!“. I couldn’t have said it better.
We’ve used this plugin for a very long time and we didn’t have any kind of spam problems. Want to hear the other best part? It doesn’t have any kind of settings, not one! You just install it and leave it be. How cool is that?
6. Revision Control
(Active installations: 100,000+; Rating: 4.5)
Update 2 (6/13/2018): The plugin is up to date now!
Update (12/6/2015): This plugin still works, but since it has become too outdated, I’m going to offer you an alternative: WP Revisions Control. It works in the same way as Revision Control.
Every time you Save or Update a page/post, a copy of the previous version is automatically saved as a Revision. This will unnecessarily increase your database’s size, which can increase your site’s speed.
Now, I know this plugin is outdated, but we’ll still use it until it stops working properly or something. I like it because once you’ve set the number of revisions you want to keep (or you can disable them), the plugin will delete the older ones automatically after each Save or Update, so I don’t need to press a Delete button every now and then to clear the revisions.
Note: This plugin needs to be installed since the very beginning, before you start setting up your site, saving and updating pages. Since it doesn’t have a Delete button, you need to go into each page and save or update it in order for the changes to take place. It will take a lot of time.
7. Social Warfare
(Active installations: 60,000+; Rating: 4)
Until recently, I used to recommend Shareaholic, because in the past you didn’t have many choices when it came to social sharing plugins, mainly because most of them look just awful.
Shareaholic was more professional looking, and they also offered a social floating bar for free! The downside of it is that it’s a pretty “heavy” plugin and it can affect your website’s performance from what I’ve noticed.
It still has some great features, though.
Anyway, with time, more social sharing plugins appeared, and Social Warfare is my new favorite!
Here are some main things that I like about Social Warfare:
- It’s light, doesn’t affect your website’s performance;
- It’s very simple to set up;
- Looks great;
- Offers a floating bar for free;
- Protects you from hijackers that place their ads on top of your content without your permission.
8. WP Smush
(Active installations: 1 million+; Rating: 4.8)
Update (10/18/2017): If you don’t mind doing some manual work, I recommend using this free online tool – Optimizilla. The fewer plugins you have, the better!
This is a plugin which removes unnecessary bytes from image files, without affecting your images’ quality, of course. This is very helpful for your page speed.
The bad news is that it doesn’t work on sites that use SSL (https). It works now!
An alternative is EWWW Image Optimizer, but note that this plugin can sometimes put pressure on the server, especially if you are on a shared environment.
(Active installations: 1 million+; Rating: 4)
If you care about your SEO and user experience, then every time you change an URL you need to perform a 301 redirect from the old one to the new one. If you keep changing URLs without redirecting them, you’ll create duplicate content, which can affect your SEO. If you perform a 301 redirect, search engines will eventually delete the old URL from their index and keep the new one.
The Redirection plugin is very simple to use. You just add the old URL and the new URL, and press Add Redirection. It also has several other features, like keeping track of any possible 404 errors on your website.
10. Broken Link Checker
(Active installations: 600,000+; Rating: 4.2)
Update (10/18/2017): Since this type of plugin can sometimes impact your server performance, especially if you’re hosted on a Shared one, and if you don’t mind doing some manual work, I recommend using this free online tool – Dead Link Checker.
Again, if you care about your SEO and User Experience, you need to check for any broken links as well. Many sites break down, stop existing, etc., so you’ll end up with broken outbound links, which is not pretty. You need to replace them in order to have good on-page SEO and provide quality User Experience.
Here are some main features offered by this plugin:
- Monitors the links in your posts, pages, comments, and custom fields;
- Detects faulty links, missing images and redirects;
- You can search and filter links by URL, anchor text, etc.;
- Links can be edited directly from the plugin’s page.
These are our 10 must-have WordPress plugins we always use and recommend. Either you use these or other alternatives, it doesn’t really matter, as long as you use something that covers the vital parts of your website.
What must-have plugins do you have in your toolkit?