It’s been an exciting few years to be a WordPress web designer:
- In December 2018, WordPress 5.0 launched with its own native block-based editor, named Gutenberg, replacing its long-used Classic Editor.
- In January 2022, the new Site Editor was added in WordPress 5.9. Site Editor allows administrators to design and edit templates, template parts (like headers and footers), and sitewide styles.
- And on May 27, 2023, WordPress celebrated its 20th Anniversary!
Since we build our websites on WordPress—the platform trusted by a significant percentage of websites worldwide—we thought it was about time to update our list of must-have plugins!
Why install plugins?
One of the reasons WordPress is the most popular website builder in the world is because it’s flexible and extensible. The vast array of WordPress themes and plugins allow users to build websites for any industry with pretty much any functionality.
Plugins let you add functionality to websites depending on your needs. As you’ll see in our list, you can install plugins to enhance the design of your website, add forms for your visitors, boost your website security, and more.
However, with more than 55,000 plugins available, the plugin library can be daunting—even for the most experienced WordPress creators.
How do I choose a plugin?
Once you decide on what functionality you need from a plugin, the first rule of thumb we use when deciding on which plugin to use is how many active installations it has. If the plugin has 1+ million active installations, then it’s probably safe to use. If the plugin has less than 100,000, we urge caution. That’s not to say plugins with less than 100,000 installations should never be used. In fact, we’ve made recommendations to use plugins with as few as 300 installations, but typically, the more people who use the plugin, the more you can trust it.
Additionally, you should check if the plugin is compatible with the most up-to-date version of WordPress, and when the last update was made to the plugin itself. WordPress.org does a nice job of letting you know if the plugin creator seems to have stopped supporting the plugin, which means there are certainly security vulnerabilities and the plugin might not be compatible with future WordPress core updates.
What are some must-have WordPress plugins?
There are several WordPress plugins we recommend no matter what industry your business is in. These plugins will help with your design, user experience, SEO, site speed, security, and more.
Design and Functionality
1. GenerateBlocks
GenerateBlocks adds six essential blocks to your Gutenberg editor, catering to intermediate and advanced designers. It provides precise control over your site’s layout, including features like containers, grids, and more. With the Container block, for example, you can create CSS Grid or Flexbox-based layouts for your WordPress site—all within the Gutenberg editor.
With this plugin, you can fine-tune element sizing, spacing, typography, and colors, empowering you to create visually appealing layouts for your website.
Price: Free
Where to download: https://wordpress.org/plugins/generateblocks/
2. Blocks Animation: CSS Animations for Gutenberg Blocks
Blocks Animation is an excellent plugin that adds animation options to your Gutenberg blocks. With a wide range of CSS-based animations to choose from, you can enhance the look and feel of your website. You can select the animation type and timing for each block in the Animation section that this adds to the block editor. Available animations include fades, slides, flips, bounces, and more.
Animations not only add visual appeal but also draw attention to key information, creating a captivating user experience. (However, remember to ensure your site remains accessible to all users, as visual indicators alone may not be sufficient.)
Price: Free
Where to Download: https://wordpress.org/plugins/blocks-animation/
3. Contact Form 7
Contact Form 7 (CF7) is the most popular contact form plugin on the market. In almost every circumstance, it gets the job done. You set up your contact forms in the WordPress backend then use the CF7 block or shortcodes to embed your forms anywhere on your website. You can require certain fields, customize the layout through HTML and design through CSS, and get emails with attachments delivered directly to your inbox. You can also send confirmation emails to your website visitors who fill out the form.
It also comes with built-in integration for PayPal and Stripe, allowing you to accept payments through your website. Plus, many other WordPress developers have created their own plugins that extend CF7’s functionality, including one that sends form data to Google Sheets.
There are more visually appealing drag-and-drop contact form builders on the market, but when it gets down to it, CF7 is all you really need.
Price: Free
Where to Download: https://wordpress.org/plugins/contact-form-7/
Performance and Optimization
4. Performance Lab
Developed by the WordPress Performance Team, Performance Lab is a plugin that provides comprehensive information to evaluate your website’s performance. It offers valuable insights and recommendations through a Site Health report added to your admin tools. With this plugin’s guidance, you can optimize your site to your improve your visitors’ experience and ensure faster loading times.
In addition to your Site Health report, Performance Lab also adds helpful options to your website, including support to show the dominant color of images as placeholders while your page loads.
Price: Free
Where to Download: https://wordpress.org/plugins/performance-lab/
5. WebP Express
WebP Express allows you to convert your WordPress images to the WebP format. WebP is a new image format that is supported by most modern browsers including Chrome, Safari, Edge, and Firefox, and it can offer significant improvements in image file size over traditional formats like JPEG and PNG. This can lead to faster page loading times, which can improve your user experience and SEO.
It’s easy to use. Once you install and activate it, you’ll have to configure it for first-time use (selecting a few options based on your website setup), and you’ll be all set!
WebP Express automatically generates WebP images to show to visitors using browsers that support the format, while having the backup option of showing the original JPG and PNG images to visitors using older browsers.
Price: Free
Where to Download: https://wordpress.org/plugins/webp-express/
6. WP Super Cache
Some WordPress hosts, like GoDaddy, won’t allow you to install caching plugins, but if you can, WP Super Cache is a must. Created by the developers of WordPress itself, this plugin generates static HTML files from your dynamic WordPress website, then serves that static HTML file instead of processing the WordPress PHP scripts, making your page load noticeably faster.
Most of your website visitors will be served a cached version of your website, but WP Super Cache goes a step further and serves custom cached files to users who have taken certain actions on your website to enhance their user experience.
Price: Free
Where to download: https://wordpress.org/plugins/wp-super-cache/
7. Yoast SEO
With more than 5 million active installs, Yoast SEO has become the standard in WordPress search engine optimization plugins. Yoast allows you to set default title and meta descriptions for your website, while offering you complete customization of those titles and descriptions on every page and post on your website. Yoast allows features a state-of-the-art schema implementation and extremely advanced XML sitemaps functionality, which helps search engines make better sense of your website and increases the opportunity to boost your website to the top of the results pages on Google, Yahoo, Bing, and other popular search engines.
Yoast SEO also allows you to customize your title and featured image for different social media platforms, giving you the ultimate flexibility on how you share your content with your community.
Price: Free
Where to download: https://wordpress.org/plugins/wordpress-seo/
Security and Maintenance
8. UpdraftPlus
The UpdraftPlus WordPress Backup Plugin is an easy-to-use plugin that simplifies the backup and restoration of your WordPress files and databases. Set up of the free version takes about 3 minutes and allows you to schedule hourly, daily, weekly, or monthly backups which save directly to the cloud via Dropbox, Google Drive, Amazon S3, FTP, email, and more.
Website hosting providers like DreamHost and GoDaddy often offer automatic backups of your website—which have saved us more than once—but even the most secure websites have vulnerabilities such as server crashes, security flaws, and faulty plugin and theme updates. With the hefty investment you made in designing and developing your website, it’s a no-brainer to “belt and suspenders” your WordPress backups with just a few easy clicks using UpdraftPlus.
Price: Free
Where to download: https://wordpress.org/plugins/updraftplus/
9. Wordfence Security
An endpoint firewall, malware scanner, two-factor authentication, and email notifications put Wordfence at the top of my list of WordPress security plugins. The Wordfence Threat Defense Feed provides you with the most up-to-date firewall rules, malware signatures, and malicious IP addresses it needs to keep your website safe. The firewall helps prevent brute force attacks, and you can customize how you want to lock out suspicious users. The malware scanner checks core files, themes, and plugins for malware, as well as checking for bad URLs, backdoors, SEO spam, malicious redirects, and code injections.
Previously, two-factor authentication (2FA) was only available with the premium version of Wordfence, but now you can require your site administrators to enable 2FA using the free version of Wordfence while giving other user roles the ability to turn on two-factor authentication if they choose to.
Price: Free
Where to download: https://wordpress.org/plugins/wordfence/
10. WP Mail SMTP
If you use different hosting and email services (for example, you use GoDaddy to host your website and Gmail for email), you will probably run into issues with your WordPress website not sending emails. Not to worry, WP Mail SMTP is here to help. Simple Mail Transfer Protocol (SMTP) is an industry standard for sending emails which helps increase email deliverability through authentication. Most popular email clients are constantly battling email spammers, so proper SMTP configuration helps authenticate that emails are originating from where they claim to be originating from.
The WP Mail SMTP plugin includes different SMTP set-up options through Pepipost, Sendinblue, Gmail, and more, and the pro version allows SMTP set-up through Amazon and Microsoft. In our experience, it’s not the most straightforward setup, but it allows us to send and receive emails from our WordPress website directly to our Gmail inbox.
Price: Free
Where to download: https://wordpress.org/plugins/wp-mail-smtp/
Do I need all these plugins?
Not every WordPress site will need all these plugins, but it’s a pretty good idea to make sure you can easily customize the design, user experience, SEO, site speed, and security, and these plugins make those tasks a whole lot easier.
Do you have any recommendations for must-have WordPress plugins?