“The WordPress core is extremely secure. However, the core is not responsible for anything happens if a WordPress user decides to install a plugin that has a security flaw.”
Referring back to the “Potential Risks of Using WordPress plugins” as discussed earlier, every single plugin you install has a potential security risk.
In this article, we will share some tips on how to choose a better WordPress plugin and we hope you’ll find it useful.
The first question, do you really need that plugin ?
Some time we don’t really need that plugin as we can simply do it ourself in order to get the same (or even better) result. Many of you would prefer to use a plugin because modifying the code can be troublesome, and sometime risky as well. Right ?
So, when to use and not to use a plugin? The answer is simple, if the modification is complicated, or it would affects the WordPress core files, do use a plugin as it will be a pain for upgrading your customized Wordpress core. Other wise, you can always modify the theme code rather than use a plugin.
For example:
Why do we need a heavy social plugin just to display our social profiles like facebook, twitter and google plus pages? We can do it by simply adding a widget to the sidebar that exactly fitting our theme.
Why do we need a fancy / floating social like bar that would never seems fitting our theme ? By adding some code to the single.php we can get exactly what we want.
The First impression on the rating is a mistake
The general guidelines on choosing a plugin is base on the rating, the higher the rating, the better the plugin. Sounds correct ? Now I am searching for a share button plugin in the WordPress backend and this is what I got:
Check the compatibility before you install a plugin.
You can always find the same plugin at the WordPress plugin official page
Read the Compatibility and version of WordPress required of the plugin before install. Sometime the author reputation should be taken into consideration for choosing a better plugin.
So are premium plugins really safe ?
Not really, although the occurrence of insecure plugins amongst premium plugins is pretty low, that does not mean that all premium plugins are perfectly safe.
For instance, the enormously popular W3 Total Cache and WP Supercache plugins had announced a security flaw back in May 2013. Just imagine how much damage such flaws can cause within the 7.5 million users between them.
The good things is these popular authors are they will response to the flaws very quickly and also provide necessary support.
Conclusion
The WordPress core is extremely secure. You are responsible to filter and monitor your plugin in a way to make sure they are free from security flaws
There are also plenty of free plugins out there that are responsibly developed with excellent code, but make sure you do your homework before install a single plugin and get rid of the malicious plugins.
Do you have your own opinion on plugins? Let us know and leave your comment below!