Whether you’re speeding up your website or handling basic maintenance, casting a skeptical eye towards your collection of plugins is a healthy habit to hold.
Why should you question the plugins on your website?
Plugins are bits of code that perform extra functions that do not come with vanilla WordPress. Plugins range from tiny tasks like inserting a line into your website’s footer (Genesis Simple Edits) to huge tasks like providing a template builder (Divi, Beaver Builder, etc.) and backing up your website (UpdraftPlus, VaultPress, etc.).
As a result, plugins can perform widespread changes to your website, including making many database calls to get data or making drastic formatting changes. This can make your server work much harder or cause the user’s browser to slow down when loading your website.
Why auditing plugins is not so simple
Upon a quick Google search about how to speed up WordPress, I came across a smattering of articles asserting various unsubstantiated claims.
For shared or budget cloud hosting, stick between 0 and 5 plugins.Source: Torque
Rebuttal: Why 0 and 5? Why not 2 and 10? And really, zero plugins? Why use WordPress then considering the plugins ecosystem is one of the biggest advantages of the platform?
Avoid these 35 WordPress plugins and your site will load faster.Source: Online Media Masters
Rebuttal: How did they come up with these 35 plugins? Furthermore, some, like the Broken Link Checker, are “back-end” plugins that you can turn on to find broken links but then should turn off after fine-tuning your website. You wouldn’t leave these plugins running all the time.
Despite throwing these folks under the bus, the Torque article has reasonable explanations about the security risks of outdated plugins and the importance of eliminating redundant plugins. Similarly, the Online Media Masters article provides guidance on how to use GTMetrix to figure out which plugins are slowing down your website. But it’s frustrating to get contradictory advice. Compare the claims above to this insight from WP Engine:
I chatted with Pippin Williamson, the developer of Easy Digital Downloads, because he’s one of the active WordPress thought leaders who runs a high number of plugins, and they load quickly. PippinsPlugins.com runs 81 in total, and EasyDigitalDownloads.com runs 83…He explained to me that the trick isn’t how many plugins you have, but what operations they need to perform in order to render your site in a visitor’s browser. Most plugins are pretty simple, but some will perform complex actions that are “expensive” in terms of backend processing, and will slow a website down. In other words, you could have a quickly loading website with 80 plugins, and add a single, complicated plugin and lose half a second (or more) of loading time!Source: WPEngine
Suffice to say, there’s no consensus about how many plugins are too many or a clear idea of which are the bad apples.
How to audit WordPress plugins
When I read the advice from WPMU DEV to check your website’s speed, then deactivate each plugin one by one, and then check the website’s speed after each deactivation, my eyes almost bulged out of my head. If I have 20+ plugins on my website (let alone 80+!!!), who has time to deactivate each plugin and check the page speed?!
I would love a plugin that can profile my website and tell me exactly which plugins to delete and which to fine tune. I don’t have that tool today (maybe someone will bring the now-defunct P3 (Plugin Performance Profiler) plugin back to life).
Note: If you know of a tool to check how plugins impact a website’s performance, please share in the comments below.
For today, here are the 3 quick solutions I’ve found for auditing my list of WordPress plugins.
1. Write down each plugin and its functionality
When noting each plugin, I categorize whether it’s a “must-have”, “nice-to-have” or “delete” plugin. Here’s the beginning of my list:
- Akismet Anti-Spam: moderate comments (must have)
- Contact Form 7: contact (must have)
- Contextual Related Posts: related posts (nice to have)
- Easy Affiliate Links: manages affiliate links (nice to have)
- Genesis Simple Edits: footer text (delete if replace function)
- Imagify: compress images (delete if replace function – look into Shortpixel)
2 Factor Authentication: 2FA login (should be must have but not using…delete or turn on) miniOrange
- Redirection: redirect changed URLs (must have)
- Social Warfare: social sharing buttons (delete and replace – bad news about the organization’s botched upgrade in 2018)
- Social Warfare Pro: premium version (delete)
- TablePress: makes HTML tables (nice to have)
- UpdraftPlus: backups (must have)
- WP Recipe Maker: recipe template and markup (must have)
- Yoast SEO: SEO helper (must have)
Voilà, this exercise auto-magically reveals which plugins to keep, delete, and replace.
2. Root out duplicates
Duplicates aren’t always obvious. For example, I used to have duplicates, like Yoast SEO and Google XML Sitemaps. I got rid of Google XML Sitemaps after discovering that Yoast SEO provides a sitemap feature. This duplicate wasn’t only bogging down my website but it could have confused Google and hurt search results.
If you have a multi-purpose plugin with lots of functionality like
3. Finding alternatives
Did you install dozens of plugins to get running as quickly as possible when you built your website? And now you’ve grown your WordPress skills, is it time to get rid of this bloat?
For example, I need to delete Genesis Simple Edits because now I know I can add the footer text into my theme. The Gutenberg Customizer made it even easier to control this type of UI change.
For Imagify, I no longer subscribe to their annual subscription service. I don’t know if the plugin is still compressing images. But before deleting it, I need an alternative which is why Imagify is still around. There are free alternatives, like
Be careful if you code functionality into your theme to replace a plugin.
Once you change themes, any custom code in your theme is deleted. If it’s a UI change, like the footer text, coding the function into a child theme makes sense. But if it’s a site-wide feature, independent of themes and styling, like redirecting URLs, then a plugin is more suitable.
4. Finally, is it adding value?
After several months, I deleted the plugin because I never used it again after uploading my SVG logo. I don’t have contributors who upload content to my website so there was no SVG security threat. Plus, I could always use FTP or SCP if I needed to upload an SVG icon.
My 2-factor authentication example encapsulates the challenge with plugin maintenance. There’s always a tension between ongoing maintenance and laziness especially as needs change over time.
My current approach is to put it off — even write blog posts about auditing plugins — to avoid the hard-work of decluttering my own website.
I wish you greater fortitude and perseverance than I have. If nothing else, this post has served as a good kick in the bum to take my first baby steps towards