After designing and developing several WordPress websites, I have found several plugins that can be used on almost every project. Below is my personal list of 14 must have WordPress plugins that I use on almost every website:
Customization & Appearance
1. Admin Customization
This plugin is a must for me on every single WordPress project. It allows you to change the appearance of your WordPress back end. The plugin allows you to:
- change the back end favicon.
- change the back end logo.
- hide the admin logo text and / or logo image.
- change the logo text font size.
- change the login page logo with a logo of any width.
- change the admin footer text.
- disable dashboard widgets.
- hide update notices and plugin update count.
- turn on redirection to homepage on administration panels logout.
Admin Customization is perfect for the fine tuned details of personalization and removal of all WordPress reference.
2. Auto Thickbox
This plugin automatically enables thickbox on thumbnail images (i.e. opens the images in a fancy little pop-up). There is no extra coding or shortcodes involved, just insert the image and activate the plugin.
3. Conditional Widgets
Conditional Widgets grants users advanced control over which pages and categories each widget is displayed on. Example: On our blog page, there are unique widgets for Live Chat and Tag Cloud.
4. Custom Contact Forms
This one was a little tricky to figure out. But once I did, I found out how powerful this plugin really is. It allows creation of required fields, dropdown selections, checkbox & radio groups, character restrictions, max length, initial values, etc, etc, etc.. Each field also has an instruction pop-up to guide the user through the process or to show validation results.
5. Login with Ajax
I have tried several different login widgets for WordPress and this is the only one that satisfies my needs. It avoids the default WordPress login screen (which we can customize with the Admin Customization plugin above), allows for custom widget title, restriction on registration, login without refreshing the screen, redirect to custom login or logout screen.
Some other features:
- AJAX Login without refreshing your screen.
- AJAX Registration without refreshing your screen.
- AJAX Registration Password retrieval without refreshing your screen.
- Will work with forced SSL logins.
- Customizable, upgrade-safe widgets.
- Redirect users with different roles to custom URLs
- shortcode and template tags available
- Widget specific option to show link to profile page
Search Engine Optimization (SEO)
6. HeadSpace 2
HeadSpace 2 is by far the best SEO tool out there for adding custom meta data to each and every post and page on your WordPress website.
You can configure meta-data for:
- Home page
- Author pages
- Search pages
- 404 page
You can define:
- Tags/keywords, with suggested keywords
- Page titles
- Custom ‘more text’
- Site name and site description
- Custom themes – change your theme on each page!
- Custom plugins – load a plugin only on specific pages
- Noindex and nofollow meta tags
- Follow/follow on archive, category, page, tag, and comment links
It also allows you to add:
- Google Analytics
- Google Webmaster
- Google section targeting
7. Google XML Sitemap
This plugin simply generates a special XML sitemap which will help search engines like Google, Bing, Yahoo and Ask.com to better index your blog. With such a sitemap, it’s much easier for the crawlers to see the complete structure of your site and retrieve it more efficiently. The plugin supports all kinds of WordPress generated pages as well as custom URLs. Additionally it notifies all major search engines every time you create a post about the new content.
8. SEO Auto Links & Related Posts
The auto links feature will automatically convert post title, meta keywords, and post tags found inside the blog posts into an internal link.
The concept is simple, instead of comparing all the blog post, it will only match the post title, meta keywords and post tags of the posts related to the current blog post. This will make the auto link process faster and require a minimum amount of resources. Therefore, it is safe to be use in a blog having thousands of blog posts.
For the related posts, you have two options here, to find the related posts base on post title and meta keywords or base on post title, meta keywords and post content. The post title importance is higher compare to the post content. And during the process, the plugin removes stop words from the post content to get the best possible related posts.
9. SEO Friendly Images
SEO Friendly Images is a WordPress SEO plugin which automatically updates all images with proper ALT and TITLE attributes for SEO purposes. If your images do not have ALT and TITLE already set, SEO Friendly Images will add them according the options you set. Additionally this makes the post W3C/xHTML valid as well.
ALT attribute is important part of search engine optimization. It describes your images to search engine and when a user searches for a certain image this is a key determining factor for a match.
TITLE attribute play lesser role but is important for visitors as this text will automatically appear in the tooltip when mouse is over the image.
10. Web Ninja Google Analytics
This plugin is highly configurable. With it you can add tracking to outbound links, download, and mailto links as well as see your stats from the past 7 days, 30 days, 60 days, and even 90 days.
11. Login LockDown
Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel. Admisitrators can release locked out IP ranges manually from the panel.
12. Spam Free WordPress
Spam Free WordPress is a comment spam blocking plugin that blocks 100% of the automated spam with zero false positives. There is no other plugin, or service, available for WordPress that can claim 100% accuracy with zero false positives, not even Akismet. Manual spam is blocked with an IP address blocklist.
After recent attacks on a few sites I came across this. WP-MalWatch performs a security scan of your WordPress installation nightly looking for evidence of foul play and if WP-MalWatch finds it, a dashboard widget will tell you were you should take a closer look. WP-MalWatch’s detailed report also provides you a very easy interface for looking at the contents of these files right from within WordPress so you don’t have to get into messy FTP clients and editors looking at potential problems.
14. WP-Security Scan
WP Security Scan checks your WordPress website/blog for security vulnerabilities and suggests corrective actions such as:
- File permissions
- Database security
- Version hiding
- WordPress admin protection/security
- Removes WP Generator META tag from core code