The greatest strength of WordPress is also an enormous weakness. This refers to the many possibilities to extend the content management system, for example through additional themes or child themes, as well as through corresponding plugins. But it is precisely the extensions that often bring more problems with them than that they mean a benefit for their own platform.
Fewer plugins bring more performance and more security for your WordPress blog. Therefore, you should really only install absolutely necessary extensions. Plugins that bring real value to your visitors. Check every three months if you can delete a plugin.
For supposedly small functions, an insane amount of power is often necessary to realize them at all. Even more often, however, the plugins themselves are the problem, introducing security holes or creating an attack surface that wasn’t there before. For popular and particularly popular WordPress themes, almost the same applies, because there have often been copies that used certain scripts, which later revealed security vulnerabilities and had to be fixed accordingly. However, in such a case it only affects the one theme and not countless plugins at once.
So in this article I openly ask the question, how many plugins in WordPress are too much.
Is there a magic limit below which the CMS collapses? What are the advantages and disadvantages of many plugins in detail? Does a number exist above which the difficulties seem to inevitably increase? Let’s find out together.
Are more plugins always worse?
The rule of thumb with WordPress is that more plugins are always worse for WordPress performance than a few.
But is that true? Basically it is.
While of course it can’t always be said exactly that way, in principle every plugin also brings with it a degradation in performance. You will understand this if you think about the purpose behind the plugins again.
With an extension for WordPress usually new features should be added or extended. But every feature also costs performance.
Moreover, the more dynamic a website becomes, the more costly the processes in the background. And because with WordPress almost everything comes from the database, exactly that is often the bottleneck in terms of performance. Since the connection to the database server is often the first place that collapses under too much load, it should be spared accordingly.
More plugins are therefore generally worse than a few. To generalize this would not be correct, but is de facto almost always true when it comes to performance. After all, every plugin demands its performance.
The more extensive the function that an extension provides, the greater its demand on the server’s resources.
A very simple rule of thumb that everyone can remember:
Therefore, if you want performance, you should first disable the unnecessary plugins.David Keulert
Do plugins always bring security gaps and attack surfaces?
In principle, this can also not be generalized. Nevertheless, it is usually not WordPress itself, but an installed plugin, which contains a vulnerable security hole. Here, too, there is therefore the general rule of thumb that every plugin represents a potential security vulnerability. Always and completely regardless of what type of extension it is.
This rule of thumb is just as true as the one regarding performance.
Nevertheless, of course, not every extension for WordPress automatically creates a security vulnerability. Nonetheless, the past has repeatedly shown that it was plugins through which attackers could gain access to the respective blog. Only through a certain function or even malfunctions of the plugin are the further hacks then possible.
Because WordPress attacks are often automated, blogs are very often scanned for specific plugin directories or files. If the corresponding plugin is found, a direct attack on the respective vulnerability takes place. However, even scanning for such vulnerabilities causes server load, as I already showed you in my article Security Plugins for better performance.
The security problems of some WordPress plugins therefore cause a significant deterioration in performance. Especially because the automated accesses increase sharply and thus the load of the server is unnecessarily driven up.
A question that must be asked
Accordingly, the one question you need to ask yourself is the question of the respective added value of an extension. It’s not so much about frantically getting rid of or disabling all plugins. If a plugin makes your blog better or helps your visitors, it definitely has a right to exist. It’s about the one crucial question you need to ask yourself with every extension:
What does the plugin really do for me?
Ask yourself this question about every plugin. Really every plugin! And every few months anew, after all, a lot can have changed in this time
Then think about what brings you and your users an actual added value. Does the plugin enrich the website? Does it improve it in any way? Is this improvement essential or just some gimmick that no one would really miss?
Especially beginners tend to get excited about everything when it comes to WordPress. A plugin for snowfall in winter, prettier tables at the push of a button, a custom player for YouTube videos, and so on. None of it is actually necessary, and none of it makes your blog decisively better in any way. So why take the security risk and risk an unsightly performance loss.
Just for such a gimmick? It’s not worth it!
Always ask yourself about the actual added value of an extension.
Learn to do without as a lesson for more performance
In the end, the trick is to educate yourself not to fall for all temptations all the time. Just because plugin X promises this, and plugin Y that, doesn’t mean you have to install it.
It is the typical consumer behavior, which we also know from the real world. Someone creates a need that didn’t exist before, whereupon everyone thinks they have to satisfy this need as quickly as possible in order to be happy again. The fact that this is at the expense of performance and security then no longer plays a role and falls under the table. But it should not!
Conclusion: Fewer plugins
What my recommendation is for you and what I really want to ask you, is to ask yourself with every plugin, if you absolutely need it right now. What distinctive value does it add to you or your visitors? What does it do that makes you want it right now.
If you can’t answer this question immediately and sensibly, but have to search for answers first, you should delete the extension right away.
Then it lacks the clear added value.
Best WordPress Hosting
Hosting recommendations are usually garbage.
Often extremely cheap hosting packages for $ 3 are recommended, others advertise a $ 100 VPS, because they earn the most as an affiliate thereby. In the end, we all just want the fastest possible web space for as little money as possible.
And optimized for WordPress!
What else is important? The server should be a fast backbone for your website and the support should answer as fast as possible, and preferably in your language.
You can get all this at Cloudways from $ 10,00 / month.
Above all, always be aware that any plugin comes at the cost of security and performance. There is no extension that does not affect these areas.
Therefore, every plugin also has a potentially negative impact on the performance of your website. Sometimes it’s worth it because a very important feature is integrated. Every now and then, however, which is much more often the case, they are merely useless gimmicks that, upon closer inspection, are completely irrelevant to your website.
If you want performance, you have to learn to do without.