Matt Fiddles

Life's so vast, there's just so much to do...

User Tools

Site Tools


"Trillian did a little research in the ship's copy of THHGTTG. It had some advice to offer on drunkenness.`Go to it,' it said, `and good luck.'
It was cross-referenced to the entry concerning the size of the Universe and ways of coping with that."

- One of the more preferable pieces of advice contained in the Guide.

Where will you go today?

Han Solo: "This is not going to work."

Luke Skywalker: "Why didn't you say so before?"

Han Solo: "I did say so before!"

Wordpress Plugins

Plugins are not in any particular order. Just some notes about some I have seen.

Note: you should always take a look at the code of any plugin you are adding to your site before you activate it. A wordpress plugin is able to do anything. Look for mail(), base64, rot13, decode, encode, http, unneeded php files, and anything else you can think of (not a complete list…).

Building a Plugin

How to build a plugin:

How to add JavaScript and CSS with your WordPress Plugin

Understanding admin_print_scripts

You can put a .php file in the mu-plugins folder. They will run, not show up as plugins, and it is faily easy to do:


Shortcodes Ultimate makes use of 50+ shortcodes to really customize your site.


404 Redirected by Weberz Hosting. Redirects 404 errors to more relavant content, which is nice if you move a page and forget to redirect it. Then at least the user has a chance to find what they were looking for, rather than a search form.

Redirection by John Godley. Manage all your 301 redirects and monitor 404 errors.

Backup and Setup

Duplicator can help move your site from one host to another. Good for backups and testing.


iThemes Security (was Better WP Security) by Protects lots of different areas, such as removing the admin user, logging and blocking failed logins, hardening various parts of the system, and intrusion detection.

Wordfence Security. Wordfence Security - Anti-virus, Firewall and real-time WordPress security Network.

Chap Secure Login by Enrico Rossomando. Do not show password, during login, on an insecure channel (without SSL) (SHA-256 encryption).

WP Updates Notifier by Scott Cariss. Sends email to notify you if there are any updates for your WordPress site. Can notify about core, plugin and theme updates.

WP Security Audit Log. Identify WordPress security issues before they become a problem and keep track of everything happening on your WordPress, including WordPress users activity.

WP Email Login allows users to login with their emails as well as their user names.

SEO, Tracking, and Ads

Google XML Sitemaps by Arne Brachhold. This plugin will generate a special XML sitemap which will help search engines like Google, Yahoo, Bing and to better index your blog.

WordPress SEO (Yoast) by Joost de Valk. A very good all around SEO package, it does on-page content, sitemaps, social integration, and more.

Header and Footer by Stefano Lissa. Lets you add html/javascript code to the head and footer of your blog.

Wp-Insert by Namith Jawahar. Nice one for ad-sense and alternatives for ad-sense. It can also add content and trackers to headers and footers.

WassUp Real Time Analytics. Analyze your visitors traffic with real-time stats, charts, and a lot of chronological information. Includes a sidebar widget of current online visitors and other statistics and an admin dashboard widget with chart.

All in One SEO Pack. Full out SEO including XML Sitemap, Google analycs, avoiding duplicate content, and otherwise does really well.

SEO Plugin by SQUIRRLY. “Squirrly helps you write content that's both Google Friendly and Human friendly. Excellent ballance between what search engine bots look for in your content and what Human readers crave for.” In other words, it shows you if your keywords are working for you, important info on your post, and other tips beneath the writing window so you can see how google and people will see it (or not).

Cookie Banner will display a small banner, in accordance to EU cookie laws

Broken Link will find them, so you don't get points deducted for bad links.


WP-Optimize by Ruhani Rabin. Keeps database speedy by removing post revisions and marked spam comments. It can also do so on a schedule.

P3 (Plugin Performance Profiler). See which plugins are slowing down your site. Create a profile of your WordPress site's plugins' performance by measuring their impact on your site's load time.

WP Widget Cache for widgets

cSprites loads images from one big one (via css)

Hyper Cache makes static files to increase load ability. Can handle comments. Also has a Lite Cache with less settings.

WP Super Cache makes static pages of all content. Can handle comments.

Theme check verify your theme is up to date (and not slowing you down).

BJ Lazy Load loads images after page, so page loads faster.



Resize images before upload by Simon @ WPsites. Resize your images before they are uploaded to the server, no need to use image editing software. You can drag+drop images straight from your digital camera right into WordPress. No more long waits for uploading (lots of) large pictures!

Limit Image Size by Bruno Cantuária. Saves disk space and bandwith resizing large images when you upload them to WordPress. Note that resize is done after you initially upload the picture.

Auto ThickBox Plus automatically applies ThickBox script that overlays linked image, inline, iFramed and AJAX content on the page in simple effect. Still works in 3.9.

WP Lightbox 2 is used to add the lightbox (overlay) effect to the current page images on your WordPress blog. It has a nice look.

Image Pro. Allows drag and drop for image management. Shows images while writing, which can then just be selected.

Display and Layout Scroll allows the page to continuously show more posts without clicking the next page button. loads the next page on the same page. does the same, but with only the jetpack part. See this link on how to set it up.

Ag Custom Admin allows you to change the layout of the admin area.

Parent Category Toggler by Ben Lobaugh. Automatically toggle the parent categories when a sub category is selected.

WordPress Author Image. This plugin is for Author Image. You and your users will be able to set image. The image will be appears in comment and about author section.

Random Image Block by Matt Rude. Display a random image from your native WordPress photo galley or in-beaded images.

Youtube Not Found. Sharing youtube videos on your site is easy but keeping them upto date is really not practical job. This plugin will help you find invalid youtube videos (Videos you have posted months or years ago but deleted/removed from youtube) and will automatically email to admin of the site.

Private Only by Kate Mag (Pixel Insert). Redirects all non-logged in users to login form with custom login capability.

Infinite Scroll keeps loading pages, instead of clicking.

WP-RelativeDate shows a relative date rather than the exact time. does the same, but a bit more exact.

A while ago rounds it off to the day, year, era,,,

Yet Another Related Posts Plugin shows related articles.

Regenerate Thumbnails for when you change thumbnail sizes, themes, etc.

Insert PHP puts php into the actual post, fromthe front endt editor.

Menu Item Visibility Control Using this plugin you can use WordPress Conditional Tags to enable or disable menu items on the front-end. It works like 'Widget Logic' but for menu items.

Disable Search Don't allow searches on a site.

Display Widgets Change your sidebar content for different pages, categories, custom taxonomies, and WPML languages. Avoid creating multiple sidebars and duplicating widgets by adding check boxes to each widget in the admin

Dynamic Widgets Dynamic Widgets gives you full control on which pages a widget will display. It lets you dynamically show or hide widgets on WordPress pages by setting conditional logic rules on a widget with just a few mouse clicks. No knowledge of PHP required.


Quotes Collection. Quotes Collection plugin with Ajax powered Random Quote sidebar widget helps you collect and display your favourite quotes on your WordPress blog. Tips.

Flexi Quote Rotator by Aidan Curran. Shows quotes in sidebar or using a shortcode. Quotes can cycle every so often.


Simple Comment Editing. Allows regular and non-registered users to edit their comments within so long (by default 5 mins) after they post, to fix spelling errors, or to remove the post in case they decided it was something they shouldn't have said…

Comment Attachment by latorante. Wordpress out-of-the-box comment attachment functionality. Offer your visitors the ability to attach images, or documents to their comments that automatically attach to your Wordpress media gallery. Make the attachments visible, downloadable as you wish.

Disable Comments will disable all comments of posts, pages, and/or media. You can decide on which ones. However, it is not for disabling post by post - Wordpress already lets you do that. It will disable all comments on the entire site or multisite.

WP Recent Comments With Avatars. Lightweight plugin that overrides the default widget “recent comments” in WordPress, adding an avatar display visitors comments and quotes length of 50 characters.

Silk Comments check for errors before submitting. Inline Ajax Comments gives more of a facebook feel to comments.

Auto Generate Title This plugin generates POST Title from POST content automatically.

Automatic Post Tagger APT automatically tags posts when keywords specified by the user are found. Tagging occurs while posts are being manually published or saved using the post editor or automatically inserted to the database via WP API.

List of more:

Or some possible ways to ajaxify them:

Sharing and Social automatically posts to your twitter/facebook about when you post to the website. Configurable message and backlink.

Share Buttons by AddToAny by micropat. Add share buttons, and adjust them as needed. Allows for a lot of customization and selection as to where and how it appears. Share buttons for your pages including AddToAny's universal sharing button, Facebook, Twitter, Google+, Pinterest, StumbleUpon and many more.

Hupso Share Buttons for Twitter, Facebook & Google+. Add simple social sharing buttons to your articles. Your visitors will be able to easily share your content on the most popular social networks: Twitter, Facebook, Google Plus, Linkedin, Tumblr, Pinterest, StumbleUpon, Digg, Reddit, Bebo, VKontakte and Delicous.

MailPoet Newsletters by Wysija. Create and send newsletters. Import and manage your lists. Add subscription forms in widgets, articles and pages

WP DoNotTrack stops plugins/themes from adding tracking code or cookies, protecting visitor privacy and providing performance and security benefits.

Contact Forms

Contact Form With Captcha is very simple and direct. Just has a simple contact form and captcha. The code base is very small: 3 php files!

Contact Form 7. Just another contact form plugin. Simple but flexible. For capchta cababilities use either Sweet Captcha or Really Simple CAPTCHA.

Feedback Screen with Annotation. Feedback Screen with Annotation enables visitor to send feedback about your website with some annotation and the screenshot.

Spam and Captchas

Goodbye Captcha has all the protection of a captcha without the captcha.

Captcha Bank by contact-banker. Allows you to implement security captcha form into web forms to prevent spam. Length and complexity can be adjusted. Can be put on login, lost password, register, and comment forms.

Easy Captcha by wppal. Three options for captchas: generated, javascript, and reCaptcha. The generated captcha on this is more complicated and less options. The javascript captcha just checks for javascript and then allows the user, so it does not bother them. ReCaptcha is just what it is. Can select which forms it goes on.

Sweet Captcha. Adds SweetCaptcha anti-spam solution to WordPress on the comment form, registration form, and other forms. Instead of odd characters, users just match the correct object to the question.

Email Encoder Bundle - Protect Email Address. Protect email addresses on your site and hide them from spambots by using an encoding method. Easy to use, flexible .

Blue Captcha. Highly customizable captcha.


UpdraftPlus - Backup/Restore by UpdraftPlus.Com. Backup and restore: take backups locally, or backup to Amazon S3, Dropbox, Google Drive, Rackspace, (S)FTP, WebDAV & email, on automatic schedules.

New Post Automatic Xml Backup by Email by Xosen. This plugin is very nice for backups because you don't have to wait for backups to run to get a second copy of your post. It emails the admin a copy of the post in wordpress's xml format, ready for re-import. It sends the mail on creation and post updates.

Online Backup for WordPress by Jason Woods @ Backup Technology. Will backup website to their secure servers, and even encrypt it if you want. The free version allows up to 100 MB on server.

Email Post Changes by Michael D Adams. Whenever a change to a post or page is made, those changes are emailed to the users and email addresses you specify.


Be aware that cache plugins can actually slow down your website. They are best on very busy websites, and yet they take effort to get them just right. Talk with your hosting provider before using.

W3 Total Cache by Frederick Townes. Add browser, page, object and database caching as well as minify and content delivery network (CDN) to WordPress.

Slow Plugins

These things may slow you down, depending on your system. (On the other hand, they may speed things up for busy sites…)

Wordfence Security: adds 500ms in tests.

Contact Form 7: Uses a lot of cpu, even on pages it's not loaded on.

Hupso Share Buttons for Twitter, Facebook & Google+: found it can lock up (keep from loading) a whole page if their servers go down.

Flexi Quote Rotator: loads all quotes on page load, so bad if you have a lot of quotes.

Member plugins

Ultimate Member - Does membership for a wordpress site. They also provide an api to extend the plugin at though it doesn't list all of them.

$ultimatemember->user->set_role('Role'); //note that everytime I used this it messed things up.

Ones to Checkout

Secure XML-RPC Rather than sending usernames and passwords in plain text with every request, we're going to use a set of public/secret keys to hash data and authenticate instead.

WpCrypt Allow users to change password encryption method to SHA1, SHA2, AES Rijndael and more..

Exploit Scanner This plugin searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames.

WP Health Check WP Health Check scans your WordPress installation and reports any security issues with your site. It will also recommend you the solution to ovecome the issues. The purpose of this plugin is to keep your WordPress installation Safe and Secure from hackers.

Server Security Scan Check your server's overall security ♦ Detect unsafe PHP settings ♦ Detect unsafe PHP functions ♦ Check for security modules ♦ Detect unwanted write permissions ♦ Detect all errors and error levels

My WordPress Health Check My WordPress Health Check will check your WordPress installation to ensure that it is healthy, up to date, and secure.

Shellshock Check Nice idea but does not do all tests.


computers/websites/wordpress/plugins.txt · Last modified: Apr 5, 2015 (4 years ago) by Matt Bagley