Here are WordPress plugin tips to get you started with plugins, all with a 5-point checklist to help you download safer plugins that won’t attack or break your website. After reading this, you will know what plugins are, why you need to be careful with plugins, and how to find good plugins to install. Now let’s plug into this!

Whether you’re backing up your content or adding optimized Pinterest graphics as part of your social media strategy, you will use plugins. With almost 55 000 WordPress plugins to choose from, you might get overwhelmed by it all.

Over the years, I’ve learnt a few strategies for finding amazing plugins that enhance my sites. But every now and then I hear about security breaches, where plugins cause BIG problems for WordPress site owners. Recently, many had their sites shut down because of a popular social share plugin, and many more had their ‘nofollow’ outbound links broken when WordPress updated its software and the plugins were no longer compatible.

There’s a lot to think about here. When you use a plugin, you’re putting code into the backend of your website and opening yourself up to attacks. Before downloading any plugin, be sure to check out the printable at the end of this post to protect yourself from harmful plugins with five simple tips and pretty pictures.

What is a plugin?

A plugin is some code or software that you can ‘plug into’ your website. Each plugin adds some sort of functionality to your site. Once you ‘plug it in’ to WordPress, you can use that function on your site.

For example, some plugins help you protect your site from hackers, others allow you to insert text at the top or bottom of your posts (such as my affiliate disclosure at the end of this post). There’s probably a plugin for whatever you need or whatever you want to do on your site.

Are plugins free?

Some plugins are free, others you need to pay for. Some are free but ask for a donation for the creation and upkeep of the plugin. Sometimes you get a free plugin with certain functionalities and you have the option to pay for an upgrade to get more functionalities.

You can choose which plugins you want to add depending on what functionalities or features you need and your budget. Trust me, you will get excited to see what fun things you can do with all those plugins!

Where do you find plugins to download?

Just visit to look for plugins using the search bar at the top of the page.

Why choose a paid WordPress site?

I often see people asking if it’s worth paying for a hosted WordPress site instead of just using a free WordPress site. I’ve never seen anyone telling them to use the free WordPress option.

And I agree with that – it’s worth buying a domain and installing WordPress when you start your blog. There are endless reasons for doing this, but one of them is that you will be able to choose your plugins with a paid site!

If you go with a free WordPress site, you will only get the default plugins that are installed with all WordPress sites.

You see, free WordPress sites are kept on the WordPress server (a central computer system), and they don’t want any risky plugins breaking their server and taking down all the other sites. So they stop free users from uploading plugins.

My advice is that you pay for a domain (which is a good business and branding decision all-round), set up your security, and then follow my tips in the printable for choosing quality plugins to install.

Why should you worry about the safety of a plugin?

WordPress is open source software. This means that the source code is freely available and can be changed and distributed for pretty much anything. There are many benefits to having open source software for us all, but it does make this kind of software largely unregulated.

Nevertheless, WordPress is considered by many to be the most user-friendly and powerful blogging tool out there. It also happens to be the fastest-growing and most popular content management system today.


WordPress does check plugins that are submitted to the directory, but this isn’t an in-depth security check. And once the plugin is submitted and available to download, the creators can change the code.

What are the risks of using plugins?

The truth is that you won’t get away from using plugins (and you shouldn’t want to).

There will always be some risk involved, but it’s really quite simple to protect yourself. Just follow the steps I give you and keep your installed plugins updated.

Quality over quantity

Don’t be tempted to download every plugin ever created. This will slow down your site and put you at greater risk of being hacked.

The secret is quality over quantity – install high-quality plugins that really get the job done rather than many that may cause problems for you. Choose wisely.

Before you install any plugin…

…back up your website!

This is good practice whenever you make major changes or install software on your website. If you have issues after installing a plugin, then you can simply uninstall that plugin and use your backup to restore everything.

What can you use plugins for?

Plugins can help you with most functionalities on your WordPress site. Here are a few:

  • Search engine optimization (SEO)
  • Inserting text
  • Inserting adverts
  • Adding other media
  • Fighting spam
  • Inserting forms
  • Backing up your website
  • Building or changing your website design
  • Adding social share buttons
  • Planning your editorial calendar
  • Inserting tables
  • Inserting affiliate data

And many, many more!