Skip to main content
WordPress made easy with the drag & drop Total WordPress Theme!Learn More

Top 5 Plugins for Every WordPress Site

Last updated on:

On many of the popular WordPress tutorial and news sites, and also in Meetups and WordCamps the world over, there are many great discussions about good plugins for WordPress: sliders, contact forms, backups, SEO, membership, e-commerce; but I rarely see people focusing on plugins that are specifically for the maintenance and readability of the backend of your site.

Ignoring the maintenance and upkeep of your site may not only leave you will a stale, rarely used, and much less visited site to extreme cases of total defacement or complete loss of content. Without proper precautions, your site can quickly fill up with thousands of spam comments, perform poorly, or worse yet, become vulnerable to hackers, which ultimately results in downtime and the loss of visitors and potential customers to your site.

There have been vast improvements in the responsiveness and contrast of the admin in the latest release of WordPress in 3.8, and automatic upgrades for minor releases were a welcome addition to core in WordPress 3.7. The five plugins that I have recommended take 3.7 and 3.8 to the next level and allow more fine-grained control over the appearance of the admin and scheduling of automatic updates.

Disclaimer: WPExplorer is an affiliate for one or more products listed below. If you click a link and complete a purchase we could make a commission.



If you have a WordPress blog, you may notice spam or trackback comments from random addresses many times containing links to advertisements or potential malware making an appearance on your site. These comment and trackback spams are automated by the attacker but can quickly fill up your blog and database with irrelevant information and is a red flag of a poorly maintained blog or website, which could provide an easy target for those looking to cause mischief.

Akismet is hosted web service run by that automatically detects and removes comment and trackback spam. You will need to activate the plugin to use it, which is installed by default along with with self-hosted WordPress, and you will also need a account and an Akismet key, which is free for personal use, and there is a minimal fee to businesses. Also, if you use the contact form module in the Jetpack plugin, Akismet seamlessly integrates with all contact forms to make sure that they are not generating spam, all without a captcha or user challenge; everything is handled through the service.

Wordfence Security


If you have ever had a site hacked, you know that it can be a debilitating and extremely difficult situation, especially if you are not making regular backups of your site. A site that is not properly locked down with strong passwords and other measures can be completely defaced or destroyed within a matter of minutes. Your first defense is using strong passwords, such as one that combines upper and lowercase letters, numbers, and special characters; the longer the password, the more secure it is. There are some other measures you should take to insure a safe and locked down site, one easy way is to install the Wordfence Security plugin.

There are several security plugins for WordPress, but by far my favorite and most comprehensive of these plugins is Wordfence. Wordfence scans daily for security vulnerabilities in the background, and will send you an email if anything is out of sorts. It checks DNS changes, changes to plugin and core code, outdated plugins, spammy links, as well as also guarding against brute force attacks by limiting login attempts. This is quite a gem of a plugin because in addition to providing a firewall, you can also see all login attempts and block users by IP Address. With the pro version you can even block entire countries. There is also a realtime traffic log where you can see who is accessing the site and from where. This is a plugin that I put on every site I build or come across and is highly recommended for all WordPress sites.

Advanced Automatic Updates


Along with WordPress 3.7 came autoupdates, which is a huge time-saver. However, 3.7 only will automatically update minor releases, such as to 3.7.1; but major updates, such as to 3.8 will require a manual upgrade. To resolve this issue and have all upgrades run automatically, my favorite plugin is Advanced Automatic Upgrades. This plugin updates minor and major releases of WordPress core along with the ability to automatically upgrade plugins and themes on a daily schedule. Take caution when using this plugin, as there is no roll-back feature, so you want to make sure that you couple this with a solid daily backup solution like VaultPress.



WordPress uses a database along with files to to store content and settings. With regular use, the databases get fragmented just like hard drive;. as information is written to, moved, and deleted, space becomes unavailable so optimizing the tables in a database is something that needs to be done routinely. Previously, you would have to log onto PHPMyAdmin and issue several commands to accomplish this task. PHPMyAdmin can be a scary place, and even the most experienced developers can accidentally wipe out a site with a few clicks or keystrokes.

WP-Optimize allows you to manage database optimization right from the dashboard of WordPress, which is safer and more familiar to WordPress administrators. In addition to allowing you to schedule this task on a predetermined time that you specify, there are options for other common database clean-up tasks such as deleting post revisions, drafts, and comment spam. I install this plugin on every site I use and usually set up a weekly schedule for most sites.

CodePress Admin Columns


This is an awesome plugin that has less to do with maintenance of the site and more to do with administration of the user interface of the backend of WordPress. When you view pages, posts, media, and on many admin screens, there is a list of the pages/posts/media, by title, author, date, and other pertinent information. Plugins can add or remove these columns. For example, many are familiar with the WordPress SEO by Yoast adding several columns related to SEO to these pages. CodePress Admin Columns allows you to either hide the columns that are shown, or display columns that are hidden, even custom fields. This is especially useful for adding the post thumbnail so you can make sure that there is a featured image or making sure that a custom field has been filled in on a post/page. A great tool that is especially useful on large or custom sites.

Subscribe to the Newsletter

Get our latest news, tutorials, guides, tips & deals delivered to your inbox.


  1. lamberbee

    The full automatic update plugin, also going up on major release is in my opinion not recommended. Other components, theme, also need to be considered when doing a WP upgrade. And sometimes these components sometimes are not yet up-to-date to the newest WP version.

    • AJ Clarke

      For some people it might not be recommended but for a lot of people it’s an amazing plugin. Imagine you are an affiliate marketer with 100’s of websites all using a very basic theme, this plugin will save you tons of time.

      Also it’s great for local WordPress installations, because local installs are for development then you want to make sure you’re always up to date.

      Generally, you are better off updating and having a few bugs in your theme, then not updating and having a huge security flaw on your site. I would much rather have a couple debug errors from my theme (which can be hidden) then a hacked site full of spam which can lead to getting banned from search-engines. Always keep WP up to date! And if you need to switch/fix your theme, do so 😉

  2. jpliu

    Fantastic article! Thanks for the great tips.

  3. aronwp

    I never thought of using the Advanced Automatic Updates plugin in a local environment. How would this work with git. I wouldn’t want the dev environment to get updated too.

    • AJ Clarke

      I’m not sure what you mean isn’t your local install also your dev install?

  4. Brin Wilson

    WP-Optimize looks really interesting – any idea by roughly how much using it can speed up blog/website? Do you use it on WPExplorer? If not, why not? Great article btw!

    • AJ Clarke

      Hi Brin, for most websites it probably won’t make any noticeable difference in speed. I do not use the plugin myself, I do any database maintenance manually (because I know how). But it also depends a lot on your server, I pay a lot of money for my hosting so doing small tweaks like this don’t make any difference, if I was using a really cheap shared hosting service it probably would.

      The only way to see if it will help you is to give it a try 😉

Leave a Reply

Your email address will not be published. Required fields are marked *

Learn how your comment data is processed by viewing our privacy policy here.