As an organizer for Metro Detroit WordPress and West Metro Detroit WordPress meetup groups, not one event goes by when I’m not asked by a member, “Deborah, what plugin do you recommend for WordPress?”
I ask questions about what plugins they’ve looked at already, their goals and expectations, and share my recommendations.
Often the conversation leads to the topic of this post: what common plugins to install on WordPress sites.
With over 55,000 plugins in the WordPress repository, asking for plugin recommendations is a valid question to ask.
Where Do You Start?
It’s challenging to sort out what plugin to use when you have so many to choose from.
And what default plugins you need to consider for your site.
After creating and maintaining a couple hundred WordPress websites since 2006, I don’t consider myself the expert on plugins. There are too many!
But after trial and error, as well as conversations with other WordPress designers and developers, I created my own list of favorite plugins I use on websites.
Have a WordPress blog where you want readers to comment?
Make sure you install a plugin to manage spam.
Have a site with multiple forms?
You’ll want to look at forms plugins; ask yourself 10 questions about forms to help narrow your choices.
And of course, you’ll want a plugin or service to keep your site secure.
I’m constantly re-evaluating what standard plugins to add to a site. While some sites may not need everything in my list, it’s where I start for every site. Read on for the latest updates.
Default WordPress Plugins I Install
All the plugins in this list are currently maintained and have been updated within the past year (as of February 10, 2020).
- ManageWP: Manage sites from one dashboard. I can update WordPress core, themes, plugins as well as monitor, backup, optimize the database, and check analytics (for sites that use Google Analytics) across a number of sites. Best feature for me: cloning sites.
- iThemes Security: Keep the WordPress site secure.
- Two Factor Authentication. Multiple two-factor authentication options makes Two Factor a winner for me. Why force users to use only one option for authentication? Two Factor allows each site user to choose which of four authentication options to use. Check out my review of Two Factor.
- Simple CSS: Add custom CSS to your site in full-screen. Personally, I hate having to work in the small-width window in the Customizer. Here’s my Simple CSS review.
- Contact Form 7: Create contact forms and other forms quickly. Includes ability to modify the HTML and add form labels to create a more accessible form.If you don’t want to dive into HTML, you can install Joe Dolson’s Contact Form 7: Accessible Defaults plugin to add the form label code.
- Contact Form 7 Honeypot: Add basic honeypot anti-spam functionality to keep spambots away. I’m not a fan of CAPTCHA or reCAPTCHA; the honeypot has done a good job of thwarting spambots.
- Classic Editor: Restore the Tiny MCE editor (pre-WordPress 5.0 editor) to WordPress sites with 5.0+ installed. If you’re made the transition to the block editor, you won’t be needing this plugin.
- Media Library Assistant: Adds several enhancements for managing the Media Library, including enhanced media search options. Check out my Media Library Assistant review.
- Enable Media Replace. Wouldn’t it be nice to replace an existing file in your Media Library with a new version, while keeping the same file name? Check out my Enable Media Replace review.
- Simple History: Tracks changes to the website in a log. Helpful for troubleshooting when you have multiple users with admin or editor permissions on a site. Here’s my review of Simple History.
- WP Rollback: Quickly rollback WordPress.org themes or plugins to a prior version. Note: this does not work for premium themes/plugins. Check out my WP Rollback review.
- WP Sweep: cleans up revisions, drafts, deleted comments, and a range of other temporary changes.
Plugins I Often Install
- AntiSpam Bee: If a site has a blog, I always install an antispam plugin. Since Akismet requires a WordPress.com account, I’ve moved away from using it.
- Email Address Encoder: Protect text email addresses and mailto links from being harvested by robots. Only needed on sites that require an email address on the pages. I highly recommend clients use a contact form rather than a mailto link or text email address. Check out my review of Email Address Encoder.
- Redirection: For sites that have moved content or changed post/page names.
Wrapping Up
Creating a standard list of common WordPress plugins makes it easier to get started with planning, designing, and creating your WordPress website.
Use my list of common plugins as a guide or basis for your own site setup.
Let me know in the comments what plugins you have in your standard WordPress site set up.
Originally published December 26, 2018
Good overview of many useful plugins. What do you think of alternatives (such as WordFence instead of iThemes Security)? What about Wp Statistics or Matamo for analytics instead of Google Analytics? Those are some I often turn to in addition to the ones you mentioned.
Hi Mark,
Thanks for your comment. I haven’t used WordFence, so I can’t speak to it. For analytics, I’ve moved to using Gaug.es on my site and a couple of client sites (that didn’t already have Google Analytics set up). Much cleaner interface, easier to understand. However, it’s a paid service.
I haven’t used WP Statistics, but I like the screenshots I see on their plugin site. What do you like best about it?