These are my “go to” plugins — the ones that I install on every site, or simply find myself using again and again. In all cases, I find them incredibly useful and I hope you will too. Remember, when it comes to plugins, quality is more important than quantity — here’s more info on what I look for in a plugin.
Speed & Optimization
My favorite caching and speed optimization plugin. Works great “out of the box,” but configuring it for further performance is easy. I include this premium plugin in all of my WordPress support plans.
My favorite image optimization plugin. It’s easy to use, can scale down large images, had an undo function, and — best of all — the image quality is great.
A lightweight plugin that removes the built-in WordPress emoji functionality, speeding up your page a little bit. Needs no configuration–just install and activate.
Scales down large images. Although I prefer ShortPixel, this is an excellent free alternative if you have huge images already in your library. Just be sure to make backups first, as there is no undo!
Cleans up database “bloat” to help keep your site running quickly. It’s especially helpful if your site’s been around for awhile. Be sure to schedule it to run regularly.
Enables Accelerated Mobile Pages (AMP) on your WordPress site. Just install and activate. Note: I do not recommend AMP for food blogs.
Used in conjunction with the main AMP plugin, AMP for WP allows you to customize your AMP pages so they look more like your site. Note: I do not recommend AMP for food blogs.
Security & Backups
One of the most popular backup plugins, and for good reason. It’s reliable, flexible, and even the free version will do a great job. (I use the premium version for all my clients.)
The Sucuri plugin includes basic security hardening for WP, and adds audit logs and other important notifications. It works best in conjunction with the Sucuri CloudProxy Firewall and CDN, which is included in all of my WordPress support plans.
It’s a good idea to change the prefix on your database tables from the default “wp_”. This little plugin makes it easy to add randomness, such as “wp_87cH_”. Remember to uninstall the plugin after you make the change.
Help thwart brute-force password guessing attacks on your login page with Google’s user-friendly invisible reCaptcha. It’s “invisible” most of the time, and only makes you prove you’re human if it detects unusual activity. Be sure to enable it for your login pages after adding your API keys!
Most of the plugins that stop brute-force attacks only look at the IP address of the attacker—but LSS also considers the username being guessed, so it protects against distributed attacks, too. It also requires users to choose strong passwords and has a tool to reset all user passwords at once.
Very handy for moving widgets from one WordPress site to another, or simply backing up your widgets before making changes. It’s especially useful because changing themes sometimes loses your widget settings.
SEO and Social Media
If you care at all about being found in search engines, or making sure your site looks good when shared on social media platforms, this is the plugin to install.
Adds attractive social media sharing buttons, with many features and lots of flexibility. The premium version includes a “Share Count Recovery” tool, so if you ever change your URL structure (changing permalinks, or going from http to https), it’ll help you get that social proof back.
This plugin logs hits to broken pages on your site. I especially like it because it shows you the “hit count” for each URL, so you can prioritize which links to fix. (Then use the Redirection plugin to fix inbound links.)
Easily redirect broken inbound links with this plugin. It also can monitor for changes to existing pages (when you change the “slug” on a post or page), and automatically add a redirect.
BLC scans your site for broken outbound and internal links, and makes it easy to fix them. You can fix them from within the list of links, rather than spending time to load each post or page in the editor, which really speeds the process, too.
A nifty little plugin that lets you add social media icons to your WordPress menus.
Analytics & Tracking
Google Analytics is the gold standard of site tracking—and it’s free! Monster Insights makes it easy to set up the Google Analytics tracking code on your site.
This plugin adds the Facebook tracking pixel to your site easily, including event tracking. If you’re doing any Facebook advertising, this plugin is a must-have.
More Great Tools
If you need to make a site-wide change, such as your domain name, this plugin is a lifesaver! As always, be sure to do a database backup first.
When you upload an image to the WordPress media library, it automatically creates smaller thumbnails of the same image. But when you change themes, you might need other sizes available for your older images – that’s where this plugin saves the day. Once you regenerate all the thumbnails, be sure to uninstall the plugin.
This plugin gives every widget an extra control field called “Widget logic” that lets you control the pages that the widget will appear on. The text field lets you use WordPress’ Conditional Tags.
Lets you control visibility of menu items based on your desired condition. You can show items only to logged in users, or only on certain pages – it’s incredibly flexible because it allows PHP and WordPress functions (just like Widget Logic).
Actively developed and supported, WPRM makes it easy to include all the metadata that makes both Google and Pinterest happy. I include the premium version with all of my WordPress support plans.
I like to use this plugin in conjunction with Mailgun for sending transactional emails (such as new comment notifications and password reset emails). Together, they improve deliverability and tracking. Mailgun is free for up to 10,000 emails/month.