How do I perform a plugin audit?

A plugin is a piece of software that makes it easy for you to add features and functionality to your website without needing to know how to code it yourself. Someone else has done the development, testing, and troubleshooting and made their work available for plug-and-play installation on your site. There’s a plugin for just about anything!

As easy as they are to find and install, plugins aren’t set it and forget. Each time you install and activate a plugin on your site, you’re introducing new programming. This can come with new complexities in terms of site performance and can introduce potential vulnerabilities for your site’s security. It’s important to vet your plugins closely and review them consistently!

Note: These tips don’t only apply to WordPress users -- we highly recommend examining any add-ons or widgets on your site with careful scrutiny, regardless of your platform.

Once per quarter, we recommend performing a plugin audit (with your developer’s input, if you’re not sure what any of them do!) to evaluate which plugins are truly necessary for your site. Feel free to use the following tips to audit your plugins:

Am I using it?

Remove any plugins/widgets you're not using. Deactivated plugins can still take up space on your site and have the same vulnerabilities as activated plugins, so delete them instead. You can always reinstall later if you need that plugin’s functionality again.

There’s no hard and fast rule to the number of plugins you should have on your site, but work to limit plugin usage and make sure you have a good reason for each plugin you’re running.

number_of_plugins.png

Am I using it RIGHT NOW?

Remove plugins that you only use occasionally. If there’s a plugin you only use once in a while (like WP-Optimize or Broken Link Checker), completely remove it between uses and reinstall when needed.

inactive_plugins.png

Is it up to date?

Update plugins. Out-of-date plugins can introduce vulnerabilities to your site and become a prime target for hacking and malware injection! Keep your plugins as updated as possible.

When evaluating new plugins, look for ones that have been updated within the last six months. Things change quickly in the world of web development. If a plugin developer isn’t actively working to keep their codebase up to date, this could leave your site open to vulnerabilities.

outdated_plugins.png

Does another plugin do the same thing?

Consolidate duplicate functionality. Plugins can often have overlapping functions — like two plugins that both add a pin-it button to the images on a site. 

When choosing between two plugins, go with one from a trusted, high-quality developer who provides ongoing support and updates.

Is it resource-heavy?

Swap out or remove notorious slowpokes:

Social media plugins that pull in Facebook, Pinterest or Instagram followers/feeds are notorious for slowing down sites because they load so many images and so much information. Plus, removing them keeps your readers ON your site longer, consuming your content. Why send them somewhere else?

Font plugins can also be particularly heavy. Any external fonts you’re using should be coded into your theme, so work with your developer to get that taken care of so you can remove any font plugins you’re running.

Spend a little time to keep your site safe and healthy, so you can focus on creating great content for your happy, loyal and engaged readers and reap the rewards in revenue!

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request