Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5

Must have plugins

#1
On every site i must have:
All In One SEO Pack
Anti-Malware Security and Brute-Force Firewall
Clean and Simple Contact Form
Easy Google Fonts
NextGEN Gallery by Photocrati
qTranslate-X
Custom Post Type Attachment ( PDF )
LayerSlider WP
WP Google Maps

if you have any proposal for must have installed, please inform me...
[-] The following 1 user Likes neboland's post:
  • gigame
#2
well here is my must have on every web site :
Advanced Custom Feilds
Google Analytics by MonsterInsights
Google XML Sitemaps
Wordfence Security
Clef
Meta Slider
Contact Form 7
Duplicator / Cloner / Migrator
Page Builder by SiteOrigin
Maintenance
[-] The following 1 user Likes icl0ud7x's post:
  • Genesis
#3
And here are my must-have plugins that I have installed on all my Wordpress instances: 
  • Akismet
  • Contact Form 7
  • Redirection
  • W3 Total Cache
  • Yoast SEO
Optionally:  
  • Duplicate Post
  • Sharify
  • WP All Import Pro
  • WPBakery Visual Composer
#4
Contact Form 7 uses too much resources, I much prefer Contact Form Builder.

As for caching, nothing compares to WP Rocket because it does a way better job than W3 Total Cache with less complicated settings options. The best part is that it also minifies properly, has lazy loading options and cleans up database.

For security, iThemes Security has better options to protect your website so I'd recommend it over WordFence.
#5
(07-07-2016, 03:21 PM)triphip Wrote: For security, iThemes Security has better options to protect your website so I'd recommend it over WordFence.

Can you explain what options are better to protect your site?  I haven't heard of iThemes Security before, and have been using WordFence for many years.  So am interested to know what iThemes Security has that WordFence can't provide.

#6
There are lots of good wordpress plugins, but most consume so much web hosting resources. So I mostly try to find which is best and requires less resources.

Here's the list of plugins I use most :
Simple Wp Sitemap : An easy, fast and secure plugin that adds both an xml and an html sitemap to your site.
All-in-One WP Migration : WordPress backup Tool
WP Fastest Cache: The simplest and fastest WP Cache system
GTranslate - Google Translate (Translation Plugin)
Frontier Set Featured : Set featured image automatically from images in the post.
For SEO I was using yoast seo for a long time, but now I'm trying 'all in one seo' and 'The SEO Framework'.
#7
all in one seo pack and w3 total cache is important for me, wp-optimize and backwpup sometime will be an optional
#8
(03-12-2016, 12:57 AM)neboland Wrote: On every site i must have:
All In One SEO Pack
Anti-Malware Security and Brute-Force Firewall
Clean and Simple Contact Form
Easy Google Fonts
NextGEN Gallery by Photocrati
qTranslate-X
Custom Post Type Attachment ( PDF )
LayerSlider WP
WP Google Maps

if you have any proposal for must have installed, please inform me...

Caldera Forms 
WP Hide & Security Enhancer
Yoast SEO
Child Themify or One-Click Child Theme (very simple, but useful)
W3 Total Cache
#9
Plugins that are on my MUST HAVE LIST  are only Classic editor cause I hate guthenberg..and Elementor and Elementor PRO cause it is so powerful.
#10
It depends from what site it is. Anyway I think that the Classic editor cannot be forget...
#11
Good thread.
The first thing I do once I have installed WP is to deactivate all plugins and then remove them :)
Most of them are really unnecessary. Besides I like to keep my house clean and simple!

Having said that, however, I do need to install ONE plugin before I start customizing my site and that is " WP Maintenance mode"
This is a simply free plugin that do the following:
It displays a notice to all visitors of mysite.com that this site is currently under maintenance.
#12
(08-27-2019, 07:44 PM)thdreamer Wrote: Good thread.
The first thing I do once I have installed WP is to deactivate all plugins and then remove them :)
Most of them are really unnecessary. Besides I like to keep my house clean and simple!

Having said that, however, I do need to install ONE plugin before I start customizing my site and that is " WP Maintenance mode"
This is a simply free plugin that do the following:
It displays a notice to all visitors of mysite.com that this site is currently under maintenance.
I've just gone through a panic scare situation. I don't think it was my Website content, but there is currently a planned attack on older WordPress themes and plugins where the perpetrators infiltrate through a hole in the plugin, then get the site IP to be connected with "dudd" external domains that attack other sites. As soon as all of the anti-spam blacklisting authorities pick up on this and the warning comes to your datacenter that the IP on which your Website is built has been responsible for attacking other sites, your account gets suspended, the rogue domains get emptied and they vanish. By the time this gets investigated they're already long gone and busy on the next victim.

So moral of the story is, check your favourite themes and plugins you've used for many years are still a going concern. Not only that they are updated, but that the authors of the themes and plugins are still actively involved and interested. I have WordFence loaded, and still maintain that it wasn't the WordPress site that was the problem - as when I questioned it, and the Datacenter looked at my account, there was nothing on it - no evidence of an exploit. They thought I had something loaded on my WordPress site that had taken care of it, which is a load of rubbish, as there were no warnings from WordFence. Unfortunately at the time when I was advised I was in such a state of shock I genuinely believed the blog had been hacked and reloaded the OS of the VPS to make sure all of the content was gone. So only afterwards when I read the Datacenter report about the fact they couldn't find an exploit, realized that possibly my Website had not been the source of the problem. Something else must have happened.

So now of course technically since the VPS had been empty for a couple of days, there should be no Website linked to it. I then did an IP Website search, and there were four domains that came up with the DNS inspect as though they were on that IP. And one of them was the offending domain that was listed in the complaint.

My argument had been since the VPS I had been allocated had been very new, possibly these hackers had had domains on that IP before. Anyway, I have no evidence for that. All I can say, one can be as security focused as one wants to be, but these guys have become so super sophisticated and "fast" in their operations so the only way one can be "safe" is to make sure one has as few WordPress plugins loaded as is reasonable as one can and they're very VERY current and up to date.

And now WP Website owners have a further problem, as all of that anti-spam police network is so closely knitted electronically, that they will respond to almost any spam notice and instantly blacklist IPs, automatically. I was lucky my IP was not blacklisted, as my Datacenter responded fast. But when I checked after, some of these anti-spam organisations - particularly the one - had blacklisted my VPS IP AFTER the situation had been solved. When I tried to get them to remove the blacklisting they offered to do it for a fee! Tongue So I asked the VPS host to replace my IP instead. I still haven't put a Website up however, as I'm planning to start a new installation from scratch. I've also been researching static blogs with Jekyll or Hugo, but probably will go back to WordPress and be even more cautious than I've been before. It has taken a few years for me to at least be a specialist (by not such high standards), I'd hate to give up on WordPress. Starting with Jekyll and Hugo is a huge learning curve. Maybe I'm a bit lazy too and comfortable with WordPress. Darn hackers! Tongue

I get the feeling that your policy would also be very conservative in using themes and plugins so in this instance would be very interested which plugins you're using for your WP sites.

#13
(08-28-2019, 06:01 AM)Genesis Wrote:
(08-27-2019, 07:44 PM)thdreamer Wrote: Good thread.
The first thing I do once I have installed WP is to deactivate all plugins and then remove them :)
Most of them are really unnecessary. Besides I like to keep my house clean and simple!

Having said that, however, I do need to install ONE plugin before I start customizing my site and that is " WP Maintenance mode"
This is a simply free plugin that do the following:
It displays a notice to all visitors of mysite.com that this site is currently under maintenance.
I've just gone through a panic scare situation. I don't think it was my Website content, but there is currently a planned attack on older WordPress themes and plugins where the perpetrators infiltrate through a hole in the plugin, then get the site IP to be connected with "dudd" external domains that attack other sites. As soon as all of the anti-spam blacklisting authorities pick up on this and the warning comes to your datacenter that the IP on which your Website is built has been responsible for attacking other sites, your account gets suspended, the rogue domains get emptied and they vanish. By the time this gets investigated they're already long gone and busy on the next victim.

So moral of the story is, check your favourite themes and plugins you've used for many years are still a going concern. Not only that they are updated, but that the authors of the themes and plugins are still actively involved and interested. I have WordFence loaded, and still maintain that it wasn't the WordPress site that was the problem - as when I questioned it, and the Datacenter looked at my account, there was nothing on it. They thought I had something loaded on my WordPress site that had taken care of it, which is a load of rubbish, as there were no warnings from WordFence.

My argument was since it was on a new VPS, that possibly these hackers had had domains on that IP before. Anyway, I have no evidence for that. All I can say, one can be as security focused as one wants to be, but these guys have become so super sophisticated and "fast" in their operations so the only way one can be "safe" is to make sure one has as few plugins as is reasonable and they're very VERY current and up to date.

And now WP Website owners have a further problem, as all of that anti-spam police network is so closely knitted electronically, that they will respond to almost any spam notice and instantly blacklist IPs, automatically. I was lucky my IP was not blacklisted, as my Datacenter responded fast. But when I checked after, some of these anti-spam organisations - particularly the one - had blacklisted me after the situation had been solved. When I tried to get them to remove the blacklisting they offered to do it for a fee! Tongue So instead I asked the host to replace my IP instead. I still haven't put a Website up however, as I'm planning to start a new installation from scratch. I've also been researching static blogs with Jekyll or Hugo, but probably will go back to WordPress and be even more cautious than I've been before. It has taken a few years for me to at least be a specialist (by not such high standards), I'd hate to give up on WordPress. 

WoW thanks for posting this. I am just starting / learning to use Wordpress and I think I am going to be very careful, that's scary!
#14
(08-28-2019, 06:09 AM)thdreamer Wrote: WoW thanks for posting this. I am just starting / learning to use Wordpress and I think I am going to be very careful, that's scary!
Start with WordFence - it's the best free WordPress specialist protector there is. Then check it first where it asks you for your e-mail address so it can notify you of anything happening with your site. It's probably one of the best plugins there is.

If you're looking for good tutorials, I can recommend WPapprentice.com.

#15
(08-28-2019, 06:16 AM)Genesis Wrote:
(08-28-2019, 06:09 AM)thdreamer Wrote: WoW thanks for posting this. I am just starting / learning to use Wordpress and I think I am going to be very careful, that's scary!
Start with WordFence - it's the best free WordPress specialist protector there is. Then check it first where it asks you for your e-mail address so it can notify you of anything happening with your site. It's probably one of the best plugins there is.

If you're looking for good tutorials, I can recommend WPapprentice.com. 

Dear Genesis,
Many Thanks for these important tips, greatly appreciated :)
  




Users browsing this thread:
1 Guest(s)

Must have plugins341