INFOGRAPHIC: Must-Have WordPress Plugins for Your Business

INFOGRAPHIC: Must-Have WordPress Plugins for Your Business

WordPress plugins, add-ons that enhance functionality and optimize your website, are sometimes cited in complaints that WordPress is not perfect. And of course, nothing is. But it’s not the CMS of choice for close to 30% of the internet without reason.

Because WordPress is open-source software, developers are free to create solutions that address any number of website issues. This leads to the overwhelming array of plugins available. How to know what you really need to get WordPress to work at peak performance for YOUR particular business needs?

WordPress dominates the market due to its versatility and the ability to add almost unlimited features. You can create a robust, optimized website using your perfect combination of tools.

The sheer number of plugins available on the WordPress repository (55,241 and counting ) can produce confusion and frustration, though, unless you have a plan. And the candy-store approach might negatively impact your site’s performance if you install too many incompatible plugins.

Please don’t install a treasure-trove of unnecessary plugins! Cut through the clutter and address the most vital issues with these suggestions and the best available solutions to address the needs of your website.

Why WordPress Plugins?

WordPress plugins are essential to enhance the performance of your business website.

WordPress plugins are essential to enhance the performance of your business website.

The multitude of websites is what drives the abundance of plugins. They’ve been designed to solve almost every WordPress website’s needs. Because of this, so many plugins exist that exploring the WordPress plugins repository can seem daunting.

But there are several reasons to stick to the basics, especially during the first stages of your website’s implementation.
1. Don’t overwhelm your site with too many plugins at any one time. Just like themes, disable and remove any that you aren’t using to keep your site clean and optimized instead of bloated and slow.
2. The more unnecessary plugins you install, the more likely you are to experience an incompatibility issue. Again, keep your site lean and clean for optimal performance.

Free vs. Freemium vs. Premium Pricing

With some 643 pages of free plugins, you’re pretty sure to find the perfect solution to your website’s needs at no cost.

These days, though, many plugins and themes are offered under a “freemium” pricing plan. A limited set of functions is available for free, then you’ll pay to upgrade for more capabilities.

Often the premium plan is worth the cost, but a word of caution: Some “free” offerings are so stripped of any real functionality that they are basically worthless.

So always fully investigate any plugins before committing to a solution. Read the reviews, note the number of installations, and be sure the developer offers support and updates.

All About Automattic

No, of course that’s not a typo! Automattic is the development team behind WordPress itself and many of its complementary elements. Their products are prominently featured in the repository, highly rated, and well-regarded in the WordPress development community for a reason.

Always “passionate about making the web a better place,” they have developed a number of options to do just that.

Jetpack offers brute force attack protection, malware scanning, and downtime alerts. Marketing tools include social media sharing and connection to the WordPress ad program. They even offer a WordPress theme marketplace and a helpful blog!

That said, the free and personal pricing levels are, frankly, not comprehensive enough to optimize a small business website. However, the Premium plan, at $9/month or $99/year, is generally a good fit. And it includes integration with the next two tools, too.

Akismet filters out comment spam so you don’t have to do it manually, and works seamlessly with other WordPress plugins as well as Jetpack.

And even if you don’t install Jetpack you can still get Akismet for a reasonable $5 monthly per site, with spam protection and priority support, on their Plus pricing plan.

VaultPress provides an extra layer of security on top of Jetpack and has partnered with Akismet to address spam sitewide. So once you buy a Jetpack Premium plan, you’ll get the complete package of protection.

WP Super Cache is a top-rated plugin for increasing page load speeds and optimizing overall site performance, but unfortunately is not included with Jetpack.

I use the Premium plan and honestly have never needed to call on customer service or support for any issues or problems. In researching this article, though, I’ve learned that I’m not taking advantage of nearly enough of what they have to offer, so I’m setting aside some time to fix that!

Security Plugins

Well that’s all covered above, right? Not exactly. Harden your business website using a variety of tools. To stay ahead of trespassers, here are three more highly recommended security WordPress plugins.

Sucuri offers a free plugin to complement your site’s security, in addition to premium services and pricing. You can also scan your site for issues using their free online SiteCheck tool.

Wordfence Security is a comprehensive suite of security features specifically designed for WordPress. It provides even more protection with premium features and pricing.

All In One WP Security & Firewall is a free security solution offering an extensive feature set.

And best of all, these products give you added peace of mind, knowing that your most valuable business asset is protected from multiple threats 24/7/365.

Backup Plugins

How would your business recover should your website be damaged or compromised? Always have a complete backup available. Try any of these three top-rated WordPress plugins for backups:

All-in-One WP Migration does double duty. Store a complete site backup in your choice of locations. Premium selections include Dropbox, Google Drive, and more. This nifty plugin can also migrate a complete clone of your site from one environment to another. Clone a site and download it to staging, then upload it to the URL to give a seamless redesign.

Updraft Plus WordPress Backup Plugin is quick, simple, and safe. It backs up to more cloud services at no charge than some plugins and can restore as well as back up your website even on its free plan.

BackUpWordPress is super simple to use and backs up your entire site on a schedule that you decide. It also supports offsite storage to Dropbox and Google Drive, among others, at no extra charge.

Having a complete, pre-disaster backup of your site in case of disturbances is sure to help you sleep better at night.

Search Engine Optimization Plugins

SEO is the first improvement most people think of to maximize their website’s overall performance. That’s because being easily located by search engines gains importance every day.

Yoast is probably the best-known WordPress plugin when it comes to SEO, and for good reason. Their free version is quite robust and can help your site rank higher in Google, Yahoo, and Bing searches. The premium version is even more comprehensive and might be worth checking out for your website at $89 for one site for one year, with free updates and support during that period.

Google XML Sitemaps is another solution in the marketplace. It creates sitemaps to help Google, Bing, Yahoo, and even better index your site. It also notifies major search engines when your site creates a post about new content. Google XML Sitemaps is completely free on personal and commercial sites.

All in One SEO Pack provides video tutorials on its downloads page to walk you through every aspect of configuring its general settings through performance options. The Pro feature set includes advanced support for WooCommerce.

Optimization Plugins

W3 Total Cache enhances your SEO tactics and mobile responsiveness by increasing page load speeds.

Smush Image Compression and Optimization reduces image sizes to meet the same goal if your site is image-heavy.

WP-Optimize automatically keeps your WordPress database clean and functioning at peak performance.

Analytics Plugins

Google Analytics for WordPress by MonsterInsights, Sumo Analytics, Slimstat Analytics and Google Analytics Dashboard for WP are all superior alternatives for understanding website traffic.


This brief round-up should give you a good idea of the most essential WordPress plugins you will need to begin optimizing your website.

WordPress plugins work for every business goal and enable every website to perform at its highest level. Take some time to review your company’s needs and decide how using some of these solutions might improve your bottom line for the better.

Which WordPress plugins have helped your business website excel? Let us know in the Comments!

Click infographic to download and view full size!

Essential WP plugins for business.

Essential WP plugins for business.

How to Recognize and Repair a Hacked WordPress Website

How to Recognize and Repair a Hacked WordPress Website

A broken or hacked WordPress website has to be an online business owner’s worst nightmare come true. Watching your revenue plummet because of missed or frustrated visitors is bad enough. But if your infected site spreads malware or discloses personal information, your credibility could take a devastating hit. Some businesses never recover.

How can you recognize a hacked website? What distinguishes a malicious attack from an administrator’s backend bumbling? There are several key differences, and we explore them here.

Broken Websites

What are the symptoms of your WordPress site’s disorder? Is it an error message? A wacky redirect? The dreaded “white screen of death”?

In any case, your first thought is probably “OMG, my site’s been hacked!”

More than likely, though, it was probably unknowingly broken by another administrator.

BTW, that’s one more reason to limit the number of persons with admin access to your site. Allowing just anybody to mess with your website’s backend is a sure-fire invitation to disaster.

Limit access to your website’s sensitive administrative functions to trusted personnel experienced with WordPress. Monitor security, backups, and updates yourself, or allow modifications by well-qualified professionals only.

Most of the common WordPress errors are easily fixed if you can access your site’s admin dashboard. Otherwise, you will need to communicate with your broken website using an FTP/SFTP client program.

Here’s what to do about the three most common WordPress errors.

White Screen of Death

It’s as if your site has ceased to exist! Where your snazzy design and compelling content once lived, there’s now literally NOTHING. A blank screen with no information. Why, and what to do?

This usually happens when a plugin or theme compatibility issue causes an error in the PHP code or the database.

If you have access to the admin dashboard, immediately deactivate all your plugins. Then reactivate them individually so you can determine which one is causing the problem. You’ll then need to deactivate, remove, and replace that plugin with a better solution.

No plugin issues? Check your site’s theme for concerns, especially if you learn that someone else has recently activated an update. Just reactivate the default WordPress theme instead to verify that it’s your theme that’s at fault. Again, you’ll want to remove it and use a different theme.

If the theme’s directory is missing or has been renamed, you’ll see an error message on the site’s front end. If you can log in to the dashboard, switch themes.

Quite frankly, though, you will probably not be able to access your admin dashboard in any of these scenarios. Using an FTP/SFTP client will give you access to the appropriate folders (wp-content/plugins or wp-content/themes) or directory to rename them.

Once the suspected folder/directory is disabled, you can follow up with the suggestions above.

Internal Server Error

You’re trying to log in but instead get an onscreen “Internal Server Error” message. There could be any number of reasons for this, including a corrupted .htaccess file. In that case, simply rename it “.htaccess-old” and reload the site. Resetting your permalinks will generate a new .htaccess file, and the old one can be deleted.

Again, plugin/theme incompatibility could be at fault. Deactivate your plugins or reactivate the default theme as above.

You’ll need to increase PHP memory if you don’t have enough. Although there are several methods for handling this, I’ve been successful by adding the following line to the wp-config.php file using a code editor: “define(‘WP_MEMORY_LIMIT’, ‘256M’)” or whatever number you need the new limit to be.

If corrupted wp-admin or wp-includes folders are the cause of your site’s issues, re-upload the appropriate file from a fresh WordPress install.

Error Establishing Database Connection

The onscreen message “Error establishing a database connection” is usually caused by a problem with your wp-config.php file. Use your FTP/SFTP client to confirm that the database name, username, password and host are all correct.

Also, check with your web host. It could be that their server is down, or your database is suffering a quota overage.

Or they might confirm the unimaginable: Your site was disabled due to infection.

Recognize a Hacked WordPress Website

Most likely, a hacker won’t announce their presence. They don’t want you to know they’re using your compromised website as a Trojan Horse to redirect your users to spam sites, secretly steal their credentials and private information, or other nefarious activity.

So how can you tell that your site’s been hacked?

Most browsers will display a warning page to deter users from accessing the site. You’ll also need to be on top of your website’s usual traffic and analytics to help determine if your site’s been compromised.

A change in traffic patterns could signal that your visitors are being redirected elsewhere. If your site seems unusually slow or is often unresponsive, you could be suffering brute force attacks. Suspicious user accounts are another clue to unauthorized activity on your site.

So despite your best efforts, a malicious actor has somehow gained entry to your site and hacked it up.

First of all, don’t panic! Your content can likely be salvaged. And taking the following action steps will substantially increase your chances of recovery.

Repair a Hacked WordPress Website

Take a deep breath and dive right in.

Start with an incident report documenting all the issues you’re experiencing and every step you take to repair it. Don’t neglect to include the results of each action.

Then use Sucuri’s SiteCheck, a free website scanner, to check for known malware, blacklisting status, website errors, and out-of-date software. Also run a virus check on your computer to be sure it wasn’t compromised in the attack on your website.

Next, check in with your web host. If you’re sharing space with other websites, you may not be the only one affected. Your provider can let you know what’s going on if that’s the case.

Before going any further, reset all your passwords and enable two-factor authentication. Use a trustworthy security plugin like WordFence or Google Authenticator from the WordPress repository. In addition to your wp-admin, be sure to generate new strong passwords for FTP/SFTP, cPanel, and MySQL.

Then, if you can, reinstall a recent backup. This is probably the first and best choice in any hacking scenario. If you have content that will be lost, though, you may prefer to remove the hack manually.

In either case, delete unused/inactive plugins/themes, and disable any plugins you hope to continue using.

Recognize and repair a hacked WordPress website with this easy-to-follow guide.

Recognize and repair a hacked WordPress website with this easy-to-follow guide.

Locate the hack via malware scan if it hasn’t already been detected. It will generally be found in your theme/plugin directories, uploads directory, wp-config.php, wp-includes, or .htaccess file. Also check index.php, header.php. footer.php and function.php for malicious code.

Go ahead and replace the corrupted files with the original theme/plugin or WordPress core file (except wp-content, where your content resides). Delete any suspicious users you found, or update all user permissions as needed.

Now that your site is clean, change all those passwords yet again! This protection is especially vital  moving forward. And, most importantly, implement additional security measures to prevent future attacks.

Request a Google site review to clear your site’s good name and remove any red flags that were set up to discourage visitors from using it.

Check out the WordPress support forums for more details and answers to specific questions that weren’t addressed here.


According to Google, compromised passwords, missing security updates, and insecure themes/plugins are among the top ways sites get hacked. So monitor your website’s security, use strong passwords and change them frequently, and only install reputable plugins and themes to help harden your website.

Has your website ever been hacked? How did you handle it? Let us know in the comments below!

7 Signs You Need a Website Redesign

7 Signs You Need a Website Redesign

Website redesign: Do you really need it? The look and “feel” of your website can certainly have an effect on how many visitors you attract and how they interact with your site. Slow, dowdy websites turn visitors away. That means your bottom line takes a hit.

Your website is your digital calling card. These days, it’s your most important business asset. Keeping it fresh and attractive is more than an exercise in keeping up with the Joneses, though. It’s an opportunity to rebrand and refocus your business. Or showcase new products and services. Or appeal to a new clientele.

Have you refreshed your site lately? You should review it with a critical eye every so often to make sure it’s still interesting to your audience and keeping up with current design trends. Not to be trendy, but to stay relevant to your target market and generate new visitors.

Outdated sites have more problems than simply looking obsolete. Let’s take a look at seven signs it’s time for a website redesign.

It looks dated.

Old-school websites look uncared for and are not visually appealing. Adding new content is not enough if the site is not engaging. Show web surfers a beautifully designed site with a modern layout and interesting visuals. You’ll probably notice visitors spending more time rather than quickly clicking away.

Website redesign: Do you really need it? Outdated sites have more problems than simply looking obsolete.

Outdated sites have more problems than simply looking obsolete.

It’s dysfunctional/not user-friendly.

Poorly designed sites make it difficult for people to find the information they seek. They might click around for a few minutes before leaving the site in frustration. Direct your users with easy-to-locate navigation and they will likely stay longer.

It’s too slow.

Current recommendations call for webpage load times of 3 seconds in this short-attention-span age. If you can’t quickly catch a visitor’s attention, they’ll probably move on to another faster-loading competitor. Your refreshed website won’t keep them waiting.

It’s not responsive or mobile-friendly.

Unless your site is optimized for various screen sizes, it can be difficult to understand or browse effectively. Visitors view your site on everything from tiny mobile screens to humungous TV-sized monitors. Be sure they can use your redesigned website effectively no matter the screen size.

It’s a security risk or has been hacked.

Another problem with old-fashioned websites is they can be easily compromised. If you’re not keeping up with theme and plugin updates, your site is a definite security risk. Keeping your website updated is one of the best ways to deter hackers.

Your business has changed focus.

What started out as one thing has lead to another and another. You’ve totally revamped your product line or have developed new services. You no longer cater to the same market, or you want to attract a different clientele. Announce your new direction with a refreshed website to attract new visitors and impress your regulars.

To update marketing strategies.

If you’re still using outdated marketing techniques, you’ll soon find yourself left behind in this digital era. Upgrade your business model using the latest approaches and a redesigned website to promote your new direction.

Closing thoughts.

How often should you undertake a website redesign? If you have any of these issues, it’s time to get started. Don’t think in terms of years or months, though, because the website you recently launched might already be stale.

Check for tell-tale signs that your site is not performing at its best. Is your traffic down? Have your sales declined? A website redesign might be just the thing to help get you back on track.

VAWW Online is being redesigned using Divi from Elegant Themes. If you’d like more information on our website design and maintenance services, click here to start the conversation.