The 3 WordPress Plugins We Can't Live Without
We’ve recently started working heavily with WordPress. What became quickly apparent was that there are some must-have features (for us at least) that don’t come with a vanilla WordPress installation.
WordPress SEO by Yoast
I was surprised to discover that WordPress has no built-in support for basic SEO related tasks such as customising the meta title or adding meta descriptions to posts or pages. The web today is driven almost entirely by search, which makes this omission all the more glaring.
The WordPress SEO by Yoast adds support for many SEO-related tasks, including the basic meta tag editing on a per-page or post basis, adding site-wide social metadata and connecting your site to external search tools such as Google Webmaster Tools.
WordPress SEO goes further, adding advanced features like focus keyword analysis, breadcrumbs & XML sitemaps just to name a few.
All in all, a fantastic plugin.
WordPress is used by 74.6 million sites. 74,652,825 to be exact (as of February 2014, source). This number is astounding, but unfortunately paints a huge target on all WordPress sites.
There are many thousands, if not millions of malicious ‘bots’ that trawl the web searching for insecure WordPress sites, looking to expose any number of obscure vulnerabilities. If one of these bots stumbles upon your site, manages to find an unpatched vulnerability or a weak password and is able to exploit it you could suffer data loss, defacement, or your site could become yet another troop in a larger army of ‘zombie’ servers run by malicious groups.
WordPress has made great strides in recent years as far as keeping installations up to date and patched in the form of auto-updates. This has you covered (for the most part) against unpatched vulnerabilities.
That still leaves weak passwords, and this is where Wordfence comes in. Wordfence adds a feature known as ‘brute force protection’ to your WordPress site. When attackers try to guess your password, they will typically have software that attempts to log in with a list of dictionary words and known common passwords. The software tries to login over and over, using a different password every time. This process is known as ‘brute forcing’. Wordfence can detect these brute forcing attempts, and prevent them from progressing.
Wordfence also adds in features such as protection from known malicious IP addresses, two-factor authentication and site scanning.
And to top it all off, Wordfence comes bundled with a very fast page-caching feature, ‘Falcon’, which can dramatically speed up your WordPress site.
Advanced Custom Fields
WordPress is an excellent blogging platform. It’s popularity has led to it’s use as a more general purpose Content Management System.
However, WordPress, unlike many more fully-featured systems, is not quite designed to be a CMS out of the box.
The biggest hindrance that we’ve found when developing full websites to run on WordPress is the lack of control over sections within a single post or page. There’s only one ‘content’ editor available per post. Short tags are very useful, but not super user-friendly.
We wanted to be able to define sections, and the kinds of content that can go in them, and then add additional controls to the editor to handle this additional content in a user-friendly way.
This can be achieved by extending custom fields and meta boxes in your own plugin. But who has the time!
Enter Advanced Custom Fields, or ACF.
ACF handles the situation described above – you can specify as many different fields as you want, in as many ‘sections’ as you want, and enable them per page (or even enable them based on a mix of conditions). There’s a simple API to include these fields in your templates to fit into even the most complicated design. Simple.
ACF includes many different field types, such as plain text, select boxes, image pickers, even full WYSIWYG editors.
This is the big one – we absolutely could not live without ACF.