Plugins are used to boost website security and to add functionality to WordPress websites. But just as they can be a great way to improve the power of any website, they can also create problems for an existing website. Installing plugins should therefore be done with care in order not to cause security problems especially for well established websites with huge content.
Imagine losing a website you have built for 10+ years with over 10,000 articles simply because of a bad plugin you were installing. That is a huge cost and will definitely impact traffic and rankings negatively. In this post, we examine why a plugin installation can be a problem for a WordPress website and how to prevent such a problem. But what if the problem occurs, what should be done to rectify the damage? All of these are addressed in this post.
Further reading: Top 5 Security Issues with WordPress and How to Fix Them
First, let us begin with an understanding of what WordPress plugins really are.
What Are WordPress Plugins and Why Do We Need Them?
A plugin is a piece of software containing a group of functions that can be added to a WordPress website. Essentially therefore, what plugins do is to extend the functionality of your WordPress website. The use of plugins have been very helpful for WordPress users, especially beginners without any coding experience because a plugin just implements the functionality without creating any problems. Wait, did I say any problems? Well, the fact is that ordinarily, well coded plugins will not create problems. Unfortunately, not all plugins are well coded and so there could actually be problems associated with the use of some plugins.
Generally speaking, the following reasons justify the use of plugins on a WordPress website:
As mentioned above, most WordPress plugins are free. There could be a paid version which allows more functionality but in most cases, the basic use for the plugin can be put allows you to have it free. This creates the temptation of installing as many plugins as possible. Installing as many plugins as you can have is not a problem but is actually unnecessary. This takes us to the question of which plugins to install:
Which WordPress Plugin Should I Install?
Your decision to install a WordPress plugin should depend on your research and answers to the following questions:
- When last was the plugin updated?
A plugin update is important to evaluate the safety and compatibility of the plugin with your WordPress version. If for instance, your plugin was updated about a year ago and within that period, there had been newer versions of WordPress, then using that plugin would most certainly create vulnerabilities. You must always consider the update time and ensure that the plugin you are running undergo regular updates. This is because if you run a recent version of a plugin but you find out that the plugin itself does not get regular updates, it is likely that your subsequent upgrades will be done without a corresponding update from the plugin developer.
- Is the plugin compatible with the version of WordPress you are running?
Just in tune with the point made above, incompatible plugins are the biggest problems of WordPress websites. In an analysis by Sucuri on causes of website hacks, Sucuri found that incompatible plugins remain the top reason for successful hacks against WordPress. This point is very important and should be taken very seriously.
- Is there any technical support for users?
After installing some plugins, you may have problems with configuring the right settings and will require support. Check to see that you can get the desired technical support.
- What comments are people making about the plugin based on their experience?
This may be the most critical of all the factors you should take very seriously. You should be careful, take your time to read every comment and evaluate them seriously in relation to your own situation. Do not simply accept every negative comment to be true but reexamine them to be fair and then give your judgement.
- A Tarnished Developer Reputation
Before you install a plugin, you must consider the reputation of the developer. You do not necessarily need to know who the person is and some other personal details about them but you need to check and confirm that the developer has a good reputation and is not associated with dubious codes.
- The Plugin Is Deemed Unsafe
If your investigation on the plugin reveals an explicit mention that the plugin is not safe, then we recommend you avoid it. There are lots of things that could make a plugin to be unsafe but the concern here is an explicit mention by a user declaring the plugin as unsafe.
We will now attempt to explain how and why answers to these questions are important in the decision to install any WordPress plugin on any website.
- The Ratings Aren’t Great
Be careful with installing any plugin without a good and impressive rating. Ratings and reviews are really important.
Basic Guide to WordPress Security
Effect of Plugin Update on Your Website
According to Sucuri, most WordPress hacks occur due to failure to update plugins. Generally, you also will find that WordPress hacks are also caused by failure to update WordPress core and themes. But our focus here is on the plugins. WordPress itself warns against plugins that have not undergone any update in 2 years and will remove such plugins from its repository. When you fail to check a plugin status and update accordingly, you run the following risk:
- The plugin itself could have been updated by the developer
- the plugin could no longer be compatible with the current WordPress version
- A bug could have been fixed in the old plugin, making a new one available.
So you can see that checking for plugin updates is very important not just for your website’s improved performance but also for its security. Now there are a couple of things to do before you ever embark on any kind of update on your WordPress website or any other.
Ensure you have a safe backup. This is extremely important and may be the best decision you ever make if there is a disaster and you are unable to find a fix. The one thing you can do is to return your website to an earlier date. At least from there, you can start all over again.
Preserve any modifications: You could have had some custom coding, we have a lot running on the site we build. You will have to preserve them so you do not lose them to an update.
Always update themes and plugins first: Do not update WordPress before you update themes and plugins. The reverse should be the case.
Re-consider your plugin choices: Every WordPress update comes with enhancements and some of them add the functionality of some plugins. You need to consider WordPress enhancements and evaluate that in relation to any plugin functionality that has been added to WordPress core. You may just not need the plugin anymore.
How Does a Plugin Installation or Update Break Your Website
The fact is that plugins are not always perfect. It does not matter whether you got it from the WordPress official website or from a well trusted developer, there could be a problem because it could conflict with another plugin or with WordPress itself. The result is that you could lose your customizations; your website could behave strangely and sometimes could lead to “White Screen of Death”.
What Next After a Site Breakdown
If you have suffered this problem before, you will understand how frustrating it can be to find an immediate solution. Never worry; there are a couple of steps you can take to fix the problem.
Restore an earlier backup. A backup is always the assurance you have when things get out of hand. If you have tried all fixes and nothing seems to work, simply ask your web host to restore your backup or do it yourself if your hosting environment permits.
If you have access to the WordPress dashboard, follow these steps to fix your site:
If you updated your plugins one at a time, then you should know which plugin has caused the problem.
Simply deactivate it.
Check the website if things are working fine. If everything works fine, completely delete the plugin and report the problem to the plugin developer. You can always get another good replacement for the plugin if you choose to have the functionality on your website.
If you do not have access to the WordPress dashboard, follow these steps to correct the problem:
Access the file structure of your site by using either ftp (preferable) or your host’s file manager.
Locate the plugins folder. It should be located at wp-content/plugins and all of your plugins will have their own folder within that plugin folder.
If your update was done one at a time, then it should be easy for you to locate the plugin that caused the problem. If you have updated just one plugin, then finding the culprit should be much easier.
Once you locate the problematic plugin, deactivate it by deleting the plugin’s folder.
Now, test the website to see if everything is working fine.
Contact the developer and report the problem and get a replacement from the WordPress repository.
More stories from our blog::
The Incredible Power Of Reseller Hosting
What If This Fails to Work?
There is still a way out if you are unable to find a solution from the steps outlined above, there are still some things you could do:
The first thing you will need to do is to deactivate the WordPress theme you are using and switch to the default theme. WordPress will always work with no theme activated. If that does not fix your problem, then you are likely to have a corrupted WordPress and you will simply have to redo the update of your WordPress installation using FTP. That should address your problem.
Warning: If you have made changes to your images by way of overwriting default images, you will need to delete your images folder before overwriting your WordPress files in order not to lose the changes you have made to your images.