WordPress is a great content management system (CMS) and one of the things that helps make it so great is the fact that there are thousands and thousands of additional plugins that can be added to your site to make it work just the way you need. With those thousands of plugins available, it can be a daunting task to find the right plugin for what you need. I’ve used countless plugins over the years and have found a few ways to help make sure I choose reliable and safe plugins.

One of the first things I check for in a plugin is how recent it is – when the plugin was last updated. As I’ve mentioned before, one of the biggest keys to keeping your WordPress site secure is keeping it as updated as possible. Plugins are often one of the areas a hacker can exploit to get into your site. If a plugin hasn’t been updated in more than 2 years, WordPress will notify you of that and they may even remove the ability to download that plugin. Realistically, if I’m looking at a plugin that hasn’t been updated in 6 months, I’m not very likely to use that plugin. I’ll keep looking around for a while yet. If a plugin was just updated in the past few weeks or the past couple of months and I can see that the developer of the plugin has a good track record of making updates regularly, then I’ll start looking at the next criteria.

The next thing I look at is the number of active installs. If a plugin has a million+ active users, that’s a pretty good sign that it is working well for others is likely a good plugin. There’s no clear cut rule that says a plugin must have so many users to be safe, but in general, I want to see 100,000+ active users. If there are only 20 active users, for example, I’m not as convinced that a plugin has the resources to make it secure. That doesn’t mean I won’t use the plugin, but I will be extra cautious. One plugin I used that has 20 active users was built by another developer who I had worked with in the past and knew that they always had regular updates for the other plugin.

Also, I oftentimes check the reviews for a plugin to see what the community thinks of it. I’ll see if I can find reviews from another developer who tried to use it to achieve the same objective that I am working toward with the current project. I usually take negative reviews with a grain of salt, but if there are multiple negative reviews speaking to a certain aspect of the plugin, I will pay attention to those.

If I’m still not sure whether a plugin is safe to use or not, I’ll email the developer. If I get a reply quickly, it is at least an indication that the developer is actively involved in the plugin and responding to users in a timely manner. How well the developer can answer my questions often indicates if it is worth the time to test the plugin further.
Before using most plugins, I run them in a test environment and just to see how they work. I can then test the functionality of the plugin as well as see how it responds with the WordPress theme and other plugins that will be installed on the site. 

WordPress is so popular in part due to the number of plugins available there. Of course, the number of plugins available can make finding the right one to use a challenge. Following these simple steps can help save hours of searching and scratching your head and ultimately lead to a safer and more profitable site.