9 Best Plugins For Your WordPress Website

WordPress is by far the most popular content management system on the web today. Almost 25% of all websites are powered by WordPress. That far exceeds numbers for Joomla, Drupal and even the older DotNetNuke content management systems. But the power of any content management system is its ability to grow beyond its original design by the use of themes and plugins. Below, we’ve outlined some of the our favorite plugins that we use on client projects and how they can make a difference in your website.

Formidable Pro

Almost every website needs a way for customers to contact them. Openly adding your email address to your website can work in some instances, but that allows spammers access to your email address and can lead to increasing amounts of spam received every day. The best solution is to use a contact form to collect information and email it to you. There are many free and commercial solutions available to help you build simple and complex contact forms. Our personal preference is Formidable Pro.

Formidable is a full-featured contact form building system that goes beyond many standard plugins. Probably the best feature of this tool is the fact that you can build your contact forms by using its drag and drop capabilities making it incredibly easy and efficient to create and maintain your contact forms.

The plugin offers full support for conditional fields which allows for truly dynamic field display based on customer responses. This allows you to dynamically add additional fields to your forms based on the responses of other fields. In addition, you can even specify email recipients and even send additional email responses based on customer selection in emails. For instance, if you wanted to send an email to a specific individual in your office, if the customer says that they are interested in a certain product line or service, you can do that with Formidable.

You also get full control over the styles and layout meaning you can create beautiful, responsive forms that tie into the overall design of your site. And all your contact form submissions are automatically saved in your WordPress database before any emails are sent offering the security that you won’t miss any form submissions.

Apart from the plugins intrinsic features, is their API support. Formidable Pro includes a whole suite of hooks that can be used to dynamically manage data and submissions. So if your developer needs to do something with the data after the form has been submitted, they can build something that ties into Formidable Pro and extend the functionality. For, instance, we built a plugin that ties into the Formidable Pro API for our friends at VacationCRM to allow their customers to build dynamic contact forms that then send data directly to their CRM API.

You can check out Formidable Pro here. Pricing is very affordable (currently $47 for one site).

Visual Composer

WordPress is a very flexible content management system, but it too has its limitations. For instance, the WordPress editor was designed to handle very basic text or html-based content. An exception was made to allow shortcodes within the WordPress editor to allow theme and plugin developers to give extra capabilities to those using WordPress such as multi-column pages, image galleries, html and javascript coding. This is where Visual Composer entered the arena.

Visual Composer revamps the old WordPress editor model by giving end users the ability to design the layout and content of their pages using advanced choices that would be extremely difficult within the standard WordPress editor environment. Visual Composer is a premium plugin that includes a number of advanced features such as multi-column layouts, drag and drop layouts, jQuery elements like tabbed layouts and accordions, custom button types, custom header styles using Google fonts, content dividers, charts and so much more. They’ve even built an ecosystem within their plugin that can allow you to add custom shortcodes into their interface and they even allow plugin developers like Woocommerce to build custom shortcodes into their system allowing the plugin to adapt to changing needs.

Best of all, the layouts that you build with this plugin are responsive so you can accommodate browsers and devices of any size or type.

You can check out Visual Composer here. Pricing is also very affordable (currently $34 for one site).


For a WordPress site, the issue of security can’t be ignored. Due to the increasing popularity of WordPress-based sites, there’s been an incredible increase in the number of attacks against WordPress sites. As an example, check out the growing scale of brute force attacks against WordPress sites that are logged using the Sucuri plugin. A lot of these attacks are hackers attempting to use random passwords to gain access to a WordPress site, but website hacks can come in other ways too. For instance, having invalid file permissions can allow hackers to gain access to specific files on your WordPress site and re-write or even install bots on the server your website is hosted on. Others can come in the form of cross-site scripting or XSS as it’s more informally called. This is why having your website security audited and patched is something that every business or website owner should always consider. Along with maintaining a secure, up-to-date environment on your website by ensuring that WordPress and your themes and plugins remain updated, you should consider a dedicated security plugin for your WordPress site.

This is the purpose of Sucuri. Sucuri is a full-service security audit, website application firewall (WAF) and malware prevention plugin. Their free plugin allows you to harden the security of your WordPress site and monitor activities on your server, such as file changes, logins, failed logins, plugin and WordPress core updates.

Their premium plugins allow you a lot more protection and should seriously be considered. Their website application firewall (WAF) helps to protect your website against XSS, SQL injection, brute force attacks, etc; while their anti-virus plugin protects your website from malware and anti-viruses that can cause your website to become compromised or used to attack or spam other servers.

Some web hosts offer the protection of Sucuri, but not all do. Other web hosts offer services similar to Sucuri, so a lot of times this is a decision to best make when you’re first setting up your website, but if you’re not sure, it’s always a good idea to at least use their free plugin to harden and protect your website from would-be hackers.

You can check out their plugin here. (As a side note: We personally use Sucuri on all websites hosted on our own server and we highly recommend it).

Yoast SEO

Every good website needs to focus on SEO. Unless you’re not overly concerned with generating leads through search engine traffic, you need to make sure that your website is optimized to market the right keywords. While the art of SEO is a lot bigger than what can be included in just one post, there are tools that can help make the process a little easier. That’s the goal behind Yoast SEO. Yoast is an easy to use and easy to configure SEO plugin that also has advanced capabilities. The plugin allows you to set the default global settings for your entire WordPress site, including the page titles and then gives you the ability to modify that for each page, blog post and custom post type.

Yoast SEO is also different than other SEO plugins in that it allows you to choose a focus keyword for each page and blog post and then helps you to make sure that focus keyword is included in your content and meta tags. This allows you to make content decisions based on the overall score for each post and page.

In addition, the plugin has support for generating XML sitemaps for submitting content to search engines, better permalink support for mis-matched URLs, functions to reduce code bloat in the head section of your theme’s html and even an API that can be utilized to build advanced functionality within your theme or plugins.

W3 Total Cache

Since the dawn of the modern web, it’s always been extremely important to have a fast loading site. I’m sure everyone can remember the frustration of having to deal with a slow website when they were on dial-up internet, but as the functionality and imagery have evolved over the past few years, it has become more important than ever to pay attention to how fast your website loads. It’s now so important that even Google includes it as a search ranking factor. In later posts, we’ll explore this and how you can focus on speeding up your site, but for now, we’ll highlight just one of the tools that we use to help improve the page load time on our client’s website.

W3 Total Cache is a plugin that enables your site to take advantage of modern caching tools. Caching is a method of storing resources and information in various methods for later retrieval that can speed up the loading process of a site. For instance, say as part of your website, you’re using an image slider or a pop-up box to act as a call to action. Many of these resources rely on javascript and CSS functionality to create these effects and make your site more dynamic. And many of the JavaScript and CSS resource files that power that functionality don’t change very often. This is where caching comes in. Caching allows the visitor’s browser to store those JavaScript, images and resource files for a short time while they’re visiting your site, so that when they visit multiple pages your server can send a 304 Not Modified response to the visitor’s browser and if they have the resources saved locally and it hasn’t expired, their browser can load that resource instead of the one from the server making the site load much faster.

There are several caching methods that you can enable within W3 Total Cache and the browser caching is just the tip of the iceberg. You can also dynamically minify the CSS, JavaScript and HTML that is served by your website so that it takes less time for the browser to download it from the server. You also have the control to enable Database and Object Caching allow site resources to load from a CDN if you currently use one.

Editor’s Note: Depending on what plugins you’re currently using or how your website’s theme is written, minifying your CSS and JavaScript can cause your site design to break and load improperly. This does happen from time to time and is usually fixed by disabling the JS or CSS minification. There are also other plugins that can allow you to control which CSS and JS files you want minified if you need advanced control.

Also, as a side note, there are some web hosts that will not allow you to add this plugin to their site as it overrides the caching system that they have in place. If you have questions about if it’s possible, you can always contact us and have us check it out. We’ll be delving into some advanced topics in browser caching including some limitations with existing web hosts in future blog posts, so stay tuned.

This is a free plugin. Click here to download the plugin from the WordPress repository or add it easily from your WordPress admin.

WP DB Backup

One of the most often over-looked necessities for any website is a good backup system. There are a host of options out there and a lot of web hosts offer automated backups of your websites and databases as a security measure. However, not all web hosts are the same. We’ve seen web hosts that will only keep a backup of a website for 24 hours before it’s removed (which poses an issue if you notice a problem with your website after that initial 24 hours because then you have nothing to restore from). This is the primary purpose of WP DB Backup. This simple and light-weight plugin allows you to do an on-demand backup of some or all of your WordPress websites database tables (for those who may not know, WordPress is a self-hosted website application that relies on the existence of files on your hosting account and a database where all the website settings, blog posts, page content, etc are stored. Losing your database or having your database crash would cause your website to no longer load). We use this plugin on a day to day basis with our clients where we do an initial backup of their WordPress database and then we have regular automated backups of the database based on a set schedule. This is an automated utility that can then be stored on your server or emailed to you if the file is small enough.

This is a free plugin. Click here to download the plugin from the WordPress repository or add it easily from your WordPress admin.

Security Ninja

Security Ninja is a premium plugin that runs a series of tests on your WordPress site to find security vulnerabilities that need to be addressed. Once the scan has been run against your site, it gives you a detailed report as well as code snippets to use to fix the issues with your site. This report can be helpful in fixing issues that could cause your site to be hacked by either brute-force hackers or script kiddies and it’s a great plugin to run in addition to the Sucuri plugin that was outlined earlier in this blog post.

They also have a Core Scanner plugin as an add-on that can scan your WordPress installation to find files that might have been modified by hackers and then repair those files.

We’ll be writing an entire series of blog posts dedicated to security vulnerabilities and how you can best protect your websites in the future and we’ll be outlining how to use this plugin in depth soon.

You can check out Security Ninja here. The pricing is very affordable at $12.


To anyone who’s familiar with blogging and managing website comments, Disqus is a familiar brand. WordPress comes pre-packaged with a commenting system that allows visitors to comment on blog posts and pages (although myself and most marketing firms out there will always recommend not enabling commenting on any of your regular website pages). However, the WordPress commenting system is an isolated system that is tailored to manage comments on only your website and isn’t interconnected with other platforms or other blogs.

This is where Disqus comes in. Disqus is a free plugin that replaces the WordPress commenting system and allows you to use your existing social accounts as a login mechanism to the Disqus web service where you can tie your existing social accounts to comments that you make on blog posts. WordPress would ask you for a name and an email address to comment on a blog post, but those can be completely fake. With Disqus, you have a profile that is automatically recognized on any website that uses the Disqus commenting system. This skips the request for your name and contact information and allows you to immediately add a comment to a blog post.

For the website owner, it can not only help eliminate comment spam (which is generated by spam bots, hackers and sometimes sales people), but enables comment moderation as well (which you would already have with the WordPress commenting system.

Lastly, and probably more important than being a commenting system, Disqus is a network of blogs. If you log into your Disqus account, you’ll immediately be shown a network of blogs that are using the Disqus plugin. When you enable the Disqus plugin on your site, you can add your own blog to this network allowing for your blog content to be discovered by others who may be interested in the content you’re creating.

Disqus is free to add to your website. Click here to check it out or add it to your site through your WordPress admin.

Google Analyticator

Anyone who’s ever owned or created a website is familiar with Google Analytics. It’s a free service provided by Google that gives you a whole suite of tracking tools to monitor your site and what visitors are doing to get to your site as well as what they’re doing when they’re on your site. Google Analyticator is a free plugin that effortlessly allows you to add the tracking code to your WordPress site as well as enables the connection of your WordPress site to Google Analytics through the Google API for advanced functionality.

In addition to connecting your site with Google Analytics, you get full control over the code generation and additional variables that are shown with the code as well as event tracking and dowload tracking. Plus, it also had admin level filtering, which means that it can completely filter out any false traffic on your site that’s generated by you as you’re editing and previewing blog posts.

This plugin is free to download. Click here to download it or add it to your site through your WordPress admin.

Do you have a plugin that you prefer that wasn’t highlighted in this blog post? Write to us in the comments below and let us know and maybe we’ll highlight it in a future blog post.

Editor’s Note: There are affiliate links contained within this blog post.