My current default WordPress plugins

These are the plugins I add to every WordPress site I build for clients – current as of February 2011. Things change and this list evolves on a fairly regular basis as old plugins lose support and new ones come on the scene.

  • Akismet – To help reduce spam comments. Since this is now a paid plugin, I’ve started trying other free plugins, right now the one of choice is Growmap Anti Spambot Plugin. Growmap adds a checkbox to the comment form to confirm whether the commenter is human. Seems to work well in conjunction with Bad Behavior (see below).
  • All In One SEO PackI’m a longtime user of this plugin; I recently tried another that’s getting good feedback but it slowed my admin site to a standstill. Adds a meta title and description box to every post and page and has other fine tuning for search engine optimization.
  • Antivirus – Projects your blog against spam injections and viruses. Manage under the Settings menu in the admin sidebar and tick the checkbox for ‘Enable the daily antivirus scan.’
  • Bad Behavior – This plugin blocks spambots before content is served by looking at the delivery method and software being used by the commenter. It also connects to Project Honey Pot, a distributed system for catching spammers and spambots that works by embedding software in your website that collects info about IP addresses used for harvesting email for spam. Should be used with a traditional comment spam catcher.
  • Better Delete Revision + Revision ControlDelete old revisions to clean up your site. Use Revision Control to limit the number of post and page revisions that will be saved.
  • Broken Link Checker – It will let you update or delete broken links from a single admin page.
  • Google Analyticator – adds the site owner’s Analytics tracking code to each page and post.
  • Google XML Sitemaps – Creates an .xml sitemap and notifies Google, Bing, Yahoo and Ask.com when content is updated.
  • Login Lockdown – Limits the number of failed logins within a certain time period and records the IP address and timestamp of each failed login.
  • Secure WordPressRemoves common security holes at login, in theme files and in the admin area for non-admins.
  • TinyMCE AdvancedAdds more icons to the post/page visual editor box, including tables. Makes it a lot easier for the client to use if they don’t know HTML.
  • Widget Logicallows the use of conditional tags for widgets to control where they appear.
  • W3 Total Cache – Speeds up a site with browser, page, object, database caching and minify features.
  • WP-DBManager – This plugin helps you optimize and repair your database. Depending on the server settings you may be able to do backups and restores as well (sometimes backup doesn’t work correctly on some hosts). You can schedule optimization and backups to run automatically.
  • WPsyslog – For tracking all site activity and system events.
800x600 Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4




Akismet – To help reduce spam comments. Since this is now a paid plugin, I’ve started trying other free plugins, right now it’s Growmap Anti Spambot Plugin. Growmap adds a checkbox to the comment form to confirm whether the commenter is human. Seems to work well in conjunction with Bad Behavior.

All In One SEO Pack – I’m a longtime user of this plugin. Adds a meta title and description box to every post and page and has other fine tuning for search engine optimization.

Antivirus – Projects your blog against spam injections and viruses. Manage under the Settings menu in the admin sidebar and tick the checkbox for ‘Enable the daily antivirus scan.’

Bad Behavior – This plugin blocks spambots before content is served by looking at the delivery method and software being used by the commenter. It also connects to Project Honey Pot, a distributed system for catching spammers and spambots that works by embedding software in your website that collects info about IP addresses used for harvesting email for spam. Should be used with a traditional comment spam catcher.

Better Delete Revision + Revision Control – Delete old revisions to clean up your site. Use Revision Control to limit the number of post and page revisions that will be saved.

Broken Link Checker – It will let you update or delete broken links from a single admin page.

Google Analyticator – adds the site owner’s Analytics tracking code to each page and post.

Login Lockdown – Limits the number of failed logins within a certain time period and records the IP address and timestamp of each failed login.

Secure WordPress – Removes common security holes at login, in theme files and in the admin area for non-admins.

XML Sitemap Generator – Creates an .xml sitemap and notifies Google, Bing, Yahoo and Ask.com when content is updated.

Widget Logic – allows the use of conditional tags for widgets to control where they appear.

W3 Total Cache – Speeds up a site with browser, page, object, database caching and minify.

WP-DBManager – This plugin helps you optimize and repair your database. Depending on the server settings you may be able to do backups and restores as well. You can schedule optimization and backups to run automatically.

WPsyslog – For tracking all site activity and system events.

5 comments

  1. Handy list. I’m always trying to keep the ‘default’ plugin set as small as possible – do you see any changes in 3.1 that will make any of the above redundant or at least move from must-haves to why-nots?

    I’m a bit confused with GASP at the moment – I too was looking for alternatives to Akismet – as I understand it you could limit name length and/or #number of URLs in a comment, but with my tests on 3.1 if you tick the box and your comment has, say, the following – My Long Name Containing Spammy Words and url#1, url #2, url#3 in the body – it still just ends up in the normal moderation queue – what am I not getting?

    Couple of plugins new to be there that I’ll check out too. Thanks.

  2. Thanks for the comment Adrian.

    I make changes to my default list on an ongoing basis, mostly when something stops working or is no longer being supported due to lack of developer interest.

    The reason I tried GASP is I was looking for a non-paid alternative to Akismet. It seems to be working fine for me, I’ve not noticed a big increase in spam. You might want to check out this post about GASP’s pros and cons.

  3. thanks for this useful list.
    you don’t have any contact form default?
    oh and map-categories-to-pages is one of my fev too..

  4. I’ve been using Contact Form 7 for a while and like it very much, but a current client needed a more powerful form tool (dynamic population of fields, multi-page forms, etc.) so I got Gravity Forms. That looks like it might be my other favorite, depending on the client’s needs.

  5. I just created a simple tool for creating custom install scripts. Right now you can select a list of plugins and it will automatically download and enable them during installation. I would be interested in feedback from anyone who may happen upon this comment. And maybe someone has thoughts about a better way to do this.

    http://www.wpkgr.com/

Leave a Reply

Your email address will not be published. Required fields are marked *