← ServerPilot Docs
Choosing the Right Amount of Plugins for Your Site
A plugin is a piece of code that, when added to your website's core, extends
or expands the functionality of a specific feature or of your site as a
whole.
The types of plugins vary from those that upgrade the backend with features
like site caching and search engine optimization to those that give the
frontend a facelift, such as image sliders and social widgets.
Plugins are a great way to change your site's appearance and function;
however, their use can come with some downsides, particularly if you use an
excessive amount or poorly coded ones.
The philosophy outlined in this article
applies not only to WordPress plugins but also to Magento plugins, Joomla
extensions, Drupal modules, Craft plugins, etc.
How to Choose Plugins Correctly
The key to plugins is to choose them wisely and use them efficiently.
As you shop for a plugin to use on your site, ask yourself some questions
like the following:
- What do I want the plugin to accomplish?
- Is there one plugin that performs the functions of two (or more)?
- How resource intensive are these plugins?
- Will I need to upgrade the memory on my server to use these plugins?
While plugins allow you to customize your site, your potential for problems
increases with the more plugins you add, so it is better to adopt the
policies of "Less Is More" combined with "Quality over Quantity."
If you have a smaller server with a smaller amount of memory, you should
probably limit the number of plugins on your site to 20 or less.
If you are running a complicated site that needs upwards of 50 plugins, you
should probably reevaluate the needs of your site.
How to Protect Your Site from Plugin Vulnerabilities
Even if you are using fewer plugins and have chosen them wisely, you still
need to protect yourself from the vulnerabilities that plugins can bring.
The guidelines can help:
- Choose wisely and update regularly.
Always run the latest security patches for all of your plugins, and
remember, the fewer plugins you have, the faster your site will run.
- Use a modern and updated theme.
Older themes often have embedded plugins that have not been updated
since they were built into the theme.
- Use current plugins.
Make sure a plugin has been recently updated and check its changelog
to see how often it is patched with security updates.
(more recent + more often = better!)
- Use the most popular plugins with the most installs and the
highest ratings.
Popular and highly rated plugins are likely to be more secure and
better maintained.
- Delete plugins you don't use.
Remember, less is more: fewer plugins offer fewer opportunities to be
hacked and that means more protection for your site.
- Download plugins only from the official repositories or from a
trusted third-party seller.
Do not download a free plugin from a Google search.
If the plugin you need is not available from your CMS's official
repository, make sure you get it from a properly vetted source like
Envato Market.
- Check your plugins against a vulnerability database.
Resources like Sucuri's Vulnerability
Database can help you monitor potential threats.
Last updated: April 13, 2017