The dangers of WordPress plugins' inexperience (And strategies to combat it) The risks of WordPress plugins ignorance
I was very upset.
My site was bouncing around for some time, slow to load, and was completely unresponsive which is why I decided to call my hosting company. They told me that it seemed to be tied to a plugin I use on my blog.
At that point, the lightbulb in my head rose to the surface. This was because I had just created a completely new plugin few hours earlier. In the meantime my website began acting strangely. The behavior seemed odd.
It took a minute (well I'm not sure what speed) I logged in to my blog, and later disabled the malicious plugin. Bingo. Website restored to its regular.
It's happened for almost every user of WordPress over any length of time: plugins malfunctioning caused websites to go offline. We still use plug-ins that are downloaded and removed in a flurry however are unaware of the potential risk involved. Some users are well conscious of the dangers we are facing and can take pleasure in our endless use of plug-ins with no awareness of the risks lurking just in the distance.
It's true that most WordPress users are naive when it comes to their website. This article is going to discuss the possible dangers of plugins ( especially free ones) in addition to expressing my hopes that this article serves as an effective argument in opposition to the ever-growing number of plugins to your WordPress website.
What harm can the Plugin Really Cause?
A simple definition of a WordPress plugin is an application which enhances capabilities available within WordPress. The plugin improves the features available through the Content Management System (CMS). Plugins were created with programmers seeking to improve the capabilities of WordPress without altering its fundamental structure.
With more than 28,000 plugins for free used, WordPress can do practically anything you think of (and should it isn't it is, you'll know that someone is working on it).
The plugins constitute the beating heart of WordPress. They've played an important role in its swift growth and advancement to become the top in the WordPress CMS realm. Without the plugins WordPress is a very limited website.
The plugin you decide to install can be significant in how quickly your site is, and most instances the plugin is a part of WordPress which can affect your whole WordPress installation. For example, my blog experienced a slowdown recently due to a particular plugin. No doubt, the tiny amount of files can be one of the biggest factors in the efficiency that your site.
In this regard, WordPress users should be conscious that they put their website's safety in the hands the developers every time they make use of extensions. In the event that the person who is developing it has good history of his work and is aware of responsibility, the likelihood of having issues using the plugin is low (although there is no guarantee). Many developers don't have control of the plugins they develop.
After we have installed the plugin, anything can occur. The speed with which your site is loaded can be significantly affected. It could even wipe it out. Indeed, untrustworthy developers develop unsafe plug-ins (or hack into otherwise reliable plugins) and don't have a motive other than creating suffering for people. The risk is there every time we press the button to activate.
The issue lies with WordPress.org
WordPress.org is wonderful due to a number of aspects. But, it's far from being free of flaws. In the moment of writing there's a vast array of plugins available via WordPress.org. The vast majority of them are
- No longer up-to-date
- buggy,
- bloated,
- Unsecure or
- Combination of any of the above.
Even the most powerful and durable plugins can be vulnerable to security vulnerability. In May, Sucuri discovered an issue with security that was prominent within the popular W3 Total Cache and WP Supercache. WP Supercache is a plug-in for WP. These two plug-ins have been acknowledged with over 7.5 million downloads in total, which shows just how much damage such security holes can inflict.
This is also true of Yoast SEO. Yoast plugin. in a recent blog post regarding ManageWP I addressed bugs within the well-known SEO Yoast plugin. Joost de Valk is a prominent designer. He was quick to resolve the issue and then WordPress.org discovered that many users had marked SEO Yoast's most recent updates as incompatible.
SEO built by Yoast has reached its peak but these cases demonstrate that even the highest-rated developers - can be assured to function in the event that of WordPress plugins.
WordPress.org could be an advantage or disadvantage, but this certainly is an app that must be handled with care.
Security concerns are a problem with WordPress
I've written on WordPress security often -- on my blog as well as on ManageWP and in a coming blog post that will be about Smashing Magazine and beyond.
I've spoken to a number of specialists on this topic as individuals working directly on behalf of the WordPress core. Everyone agrees that they feel that WordPress core is secure. WordPress core is very secured. It is however possible for things to become complex as the WordPress core can be influenced by outside source (from plugins and plugins, in addition to the human element).
If an WordPress user decides to alter the password on the account to "password" There's not a solution WordPress can do to defend it from attack by the brute force. This isn't a problem of WordPress however it's a matter due to the lack of experience of the user.
If you, as an WordPress user, choose to install an application that's vulnerable to security issues at the base, you will not be held accountable for any results that result from. Every software that is installed could encounter security problems.
The best plugins are they safe?
I am sure that if a study was conducted, it would be found that the ratio of buggy/bloated/insecure plugins to "healthy" plugins would be far more favorable amongst premium plugins. However, that doesn't mean the premium plugins are excellent and it's not a good idea to believe that way.
Personally, I'd advise shopping only with companies who have good, long-standing reputations.
If, for instance, you install a plug-in, or plugin via WooThemes (free or not) it is guaranteed that it was developed carefully and is likely to not have any negative impact on the speed, security or performance of your site.
When, however on the opposite side, you stumble across an online site you've never heard of before and that promises to offer a fantastic plug-in, be vigilant.
If You're Uncertain How Do You Do Now?
This isn't saying you have to remove all your plugins and scurry off to the side of the road with your head on the ground in the position of a baby. But I would recommend taking into account the value of each plugin you've installed on your website carefully. The plugin could be dangerous, could be draining resources, or be inefficient and slow. But, if you don't already have it in your system, or it is not in the system, it won't be able interact with it.
Recently, I analyzed the functionality of my site and was able to eliminate 60% of my plugins with no impact on performance. While I've replaced some features of the plugin with simple (and basic) code fragments but I found that many other features don't require the use of a plugin. Particularly, plugins that let you swiftly insert the tracking code for your site could be helpful for newbies However, people who constructed the site before this point shouldn't have a trouble putting in the code in header.php.
In the event that you're left with an (hopefully) lesser quantity of plugins to pick from, you should conduct a further review to ensure that you actually require every one of them. You're likely to be astonished when you've done an honest analysis of the plugins.
Following that, it's appropriate time to finish your clean. Consider the following concerns for each plugin:
- Who is the person who came up with the idea?
- The last time this was changed?
- Does it have a sturdy base?
It is important to know what you should take based on your responses to the questions.
Final Reflections
Your site is safe and reliable based on the rules of code that it's written. It is recommended that plugins come from trusted developers.
There are also many available plugins that have been developed with care and extremely well-coded. Be sure to conduct your research in order to make sure you're not using harmful plugins.
Most high-end plug-ins have been proven to be reliable. However, that does not necessarily mean that all of them is trustworthy. Beware of making presumptions.
If you're not able to come up with a solution the best option is to follow the conventional wisdom: less is more.
Are you aware of any particular guidelines for integrating plugins into WordPress? WordPress site(s) or are you thinking regarding plugins? Are you able to offer any ideas? Please post them in the comments section in the following!
The article was first published on this website
This article was originally posted here
This post was first seen on here