May 092011

My site has been running for almost seven years, originally it was designed using Dreamweaver MX and then i switched to Movable Type, i was never really that happy with Movable Type and thus switched to WordPress, i found WordPress had many plugins and themes that enhanced my site, it was also a joy to use and painless to write posts and so easy to upgrade whenever a new version was released, yes there are still security issues, as there is with every site on the web, put it this way, if hackers can access a large global site like Playstation Network or get into the Pentagon's computer system then no one should be under any illusion that their site is safe.

I always do regular backups of my site and have a few WordPress plugins devoted to security, if my site ever gets hacked i should be able to restore it, although why someone would want to hack my site is another matter, i guess it's all down to "being able to" and having a malicious mind and perhaps they feel some power that in real life they just don't have, whatever the case may be, i feel the internet's biggest problem comes from these people and the damage they can do to even the biggest, most secure organizations.

Below are my top ten WordPress plugins. The list in no particular order of preference.

::My Top Ten WordPress Plugins::

10) WordPress SEO by Joost – Great for optimising your posts so that the search engines can find your content, it gives you tips and advice and allows you to play around with the best keywords and descriptions.

 9) NextGen Gallery – My favourite plugin for picture galleries, it gets regular updates and is highly configurable, you can add watermarking to your images or change the effects people see when an image is clicked, i like the shutter effect and use that, there is PicLens/CoolIris support although i find the compression level too much and don't activate it, you can also have a slideshow but i don't use that feature, one of the best photo plugins for WordPress.

 8) CK Editor for WordPress – I'd be lost without this plugin, it enhances the basic editor that comes with WordPress, i find it much easier to add images using this editor and i highly recommend it.

 7) Si Captcha Anti Spam – Before i installed this WordPress plugin i used Bad Behaviour and Invisible Defender to protect the comment form against spambots, this does the job of both, as an experiment i shut this and the other aforementioned plugins down and the spam increased, therefore it does work. I have read some so called expert opinions stating Captcha does not work and spambots can get around it, well my real world experience is that it does work, i personally do not like the Captcha code on some sites and have had horrendous times trying to figure out what it says and so i have set it to the easiest possible levels on my own site, everyone should easily be able to read it and if not they can use the audio options. This works well with the Fast and Secure Contact Form plugin.

 6) Simply Exclude – Fantastic plugin which enables me to exclude posts from certain categories from the main front page, for example i can set a category as page 2 and exclude it, thus people click page 2 and see the post but i am able to hide the fact i made a category just for page 2 posts, i find that to be very useful and this is a plugin i use a lot, now on some themes you will see the category but on the Suffusion theme you can hide the category from appearing on your navigation bar and this really helps if all you want is to have a page 2 for extended posts.

 5) WP Optimize – Let's say you amend your written posts a lot like i do, you then have a lot of post revisions cluttering up your database, this plugin allows you to remove those revisions and also spam comments as well as optmizing your database without the need to go to CPanel and enter phpMyAdmin, it also has a security feature where you can put your old username in and replace with a new one, this is a handy plugin that i always use.

 4) User Locker – A security plugin that enables you to stop people from continually trying to guess your password or username, you can set it to lock people out after a certain number of invalid attempts to login, it won't stop a determined hacker but helps casual attempts to gain access to your site.

 3) W3 Total Cache – I recommend everyone has a cache plugin for their site, some i have used in the past are WP Super Cache, Quick Cache and DB Cache Reloaded, all were good but i find W3 Total Cache to be the best because it goes beyond the normal cache plugins, you get page cache, minify, database cache, object cache, content delivery network and browser cache options, i use all of those except the content delivery network, load times are improved especially for people visiting your site for a second time, if you have APC, eAccelerator, XCache or Memcached then this plugin can utilise them and is compatible, this plugin works for shared hosting or dedicated hosting including VPS servers.

 2) Google XML Sitemaps – A sitemap is good for SEO purposes as Google can visit and see all your content easily, this is one of the best, there are basic and advanced options and you can exclude certain categories from the sitemap if you so choose, you might also want to add a table of contents creator plugin to your front page and thus have a sitemap for your visitors to find all your content in one place, this though is an invaluable plugin for getting your site indexed in browsers.

 1) WP MalWatch – This plugin can be set to scan your WordPress site each night and if it finds new htaccess files, hidden files or new php files it can give you early warning about your site being hacked, this will enable you to locate malicious files quickly and fix your site, this would be used in conjunction with your normal site backups and would be of enormous help in getting your site back up and running quickly after a hackers attack, obviously you would still need to investigate how they managed to get into your site and try and close the loophole but still this plugin is of great help in fixing whatever they did to your site.

Other WordPress plugins which you may want to use are WordPress mobile plugins, many people access sites on their phones and on the basic phones this type of plugin would be of benefit, something to be aware of is that too many plugins will slow your site down and some plugins are not compatible with the latest edition of WordPress, ok you may not want to update to the latest edition of WordPress, big mistake, security holes exist in older versions and you should always update for that reason alone.

Another thing to remember is this, let's say you once had 40 plugins installed but de-activated and uninstalled 25 of them, you might find your site is still slow, the reason is that these plugins could still be in your database, i actually go into phpMyAdmin and the options table and delete these orphaned entries, some are still set to autoload despite the plugin files being deleted off the server, i highly recommend you delete all the entries from the database after you delete a plugin because many entries will still exist in there and de-activating the plugin from within your admin does not delete them.

I hope this WordPress plugin list gives some people help and inspiration, if you need help with the settings on any of the plugins i have listed you can find great advice at the wordpress forums.