What is a plugin? Plugins are tools (bits of software) that expand what you can do with your WordPress site, without having to manually write or edit code.

There is virtually no limit to what you can do with WordPress plugins – if you want to do it, there’s probably a plugin for it – from ecommerce to SEO, from design features to social media, from security to spam prevention. There are more than 50,000 free plugins available in the WordPress.org repository, and hundreds more premium plugins available in the commercial marketplace.

If you’re reading this, you are probably already using WordPress, as well as a handful of plugins. WordPress is an outstanding Content Management System (CMS). Even so, WordPress on its own can’t do everything. That’s where plugins come into the picture. But just because you can do something with a plugin doesn’t mean you should.

What Is a Plugin? 11 Things You Need to Know

These 11 things you need to know about WordPress plugins will help you sift through the choices and decisions you have to make around using plugins, and create a lean, secure, yet creative and functional WordPress site. These best practices will serve as a guideline to prevent pitfalls for you so you can get on with the business of your business.

1. Sometimes (Well, Usually), Less is More

Plugins are great resources because they allow your site to do things it otherwise wouldn’t be able to do. But, the more plugins you have, the greater the risk of problems occurring within your site. Plugin problems can be random and unexpected, or more specific issues related to plugin or WordPress upgrades. Plugins can also conflict with other plugins or even themes.

In addition, each active plugin will slow down your site by some amount. Imagine that each active plugin slows down the site by 5 milliseconds (some more and some less). If you have 20 active plugins, that means every page will take a tenth of a second longer to load than if no plugins were active.

If you catch yourself asking “Do I have too many plugins installed?”, then you probably do. Just remember to keep the number of plugins installed on your website reasonable.

2.Keep Your Plugins Updated

Developers provide updates to their plugins to:

  1. Add new functionality
  2. Patch security holes and to fix bugs
  3. Keep up with the ever-changing WordPress core.

If you aren’t updating your plugins when the developer provides it, you are exposing yourself to potential frustrations and possible security breaches. As plugin developers, we can honestly tell you that we don’t update plugins just for the fun of it, but we ultimately want to ensure that our plugins function at their peak levels of performance. And that’s what we want for you and your site—peak performance!

If you manage multiple WordPress sites, keeping up with plugin updates can be tedious. Use a service like iThemes Sync to run updates across multiple WordPress sites, view available updates and much more. You can also do a ton of other WordPress admin tasks from one dashboard.

3. If You’re Not Using a Plugin, Delete It

Many people keep a library of inactive plugins sitting on their site. Since you have the option of deactivating a plugin, it may seem tempting to leave it on your server. But even disabled plugins can pose a major WordPress security risk, so if you aren’t using the plugin, remove it entirely. You can always reinstall the plugin if you change your mind later.

4. Plugins Should Serve a Specific Purpose

There are tons of cool plugins that do fun things. But since plugins slow your site, and could pose some security issues, it’s important to make sure the plugin serves a genuine purpose–and isn’t installed just because it’s cool.

Cool is OK, of course, but probably not a