Hello world!
I am wondering about buying plugin HappyFiles for organizing media. Media uploader can be a bit mess and I love the user interface. But I started to think whether it is worthy to use another plugin on my WP website just for something visual and something just to make my job a bit easier.
In general I try to keep number of plugins to minimum and prefer to code all solutions unless it really adds value. It is because of easier management of website and mostly security – less plugins, less security risks.
What is your approach in selecting and using plugins? Do you use plugins like HappyFiles that will not add any value to your visitors and it’s just a plugin nice to have? Or you prefer to keep it minimal?
I just need to hear opinions from other people in the community to clarify my approach.
[ad_2]
If the plugin loads objects outside of wp-admin then there will be non-zero memory overhead. If they run functions as well, then there will be compute overhead too. If those functions do work inefficiently then it increases the overhead even more. If they access or expose data or other resources, there could be security concerns too.
If it only loads on the admin and slows wp-admin down. That probably doesn’t matter much unless you’re getting annoyed by it. It could still introduce a security issue though.
So there’s always both security risk and performance considerations. How do you assess the tradeoff? Audit the plugin yourself, pay someone else to, try using an auditing tool, etc.
Or better yet just only use popular plugins listed on w.org and as few as you can get away with. Less likely to be a security risk (still happens) on a w.org plugin. However, performance is often an afterthought, or just not explored at all, so assume performance overhead exists regardless.
Your approach is similiar to my advice is always to not use plugins unless they add significant value to your site. For ex – File management can be done with SFTP / SSH / Cpanel Filemanager , Now if a plugin is activated its basic code will almost run with all incoming requests , when you have many it ads up.
Have the least number of plugins , and for small features use snippets instead of plugins. And then offload as much as possible to third party services like Cloudflare , Akismet , Google Analytics to further reduce server load .
There is no “number”. It’s based on quality. 50 high quality plugins on a site can perform better than 1 garbage plugin. As I said in a comment yesterday – a skilled developer knows how to find high quality plugins – typically they have a high install count, active support, frequent updates.
Ironically, coding your own will likely result in worse performance and more security vulnerabilities.
Use the plugins you need. Try to use popular up-to-date ones if you can. The auto-update process is there for a reason: slowing down cybercreeps.
Be careful with using your own code instead of a (popular well reviewed) plugin. When you write the code yourself you take on the responsibility of designing, coding, testing, and maintaining it. For a long time. On the internet crawling with cybercreeps that could make your sites vulnerable. The Rank Math people (for example) have a big incentive to fix newly discovered vulnerabilities and the staff to do it. You might not,
Keep in mind that you can deactivate and uninstall plugins when you don’t need them any more. For example, you can use a media plugin to help you build a site, then get rid of it.
If your adding a bunch of media or going to have an ongoing blog or portfolio I’d get it.
Sure is nice to be able to find your files easily if your used to windows explorer or Apple finder.
Also if you use bricks it’ll let you do more than organize media.
https://m.youtube.com/watch?v=mqyVCWu68rg&t=336s&pp=ygUSd3B0dXRzIGhhcHB5IGZpbGVz
Take a requirements-driven approach.
Don’t install a plugin because you like the plugin. Install a plugin _because that plugin fills a requirement that you have._ If it doesn’t fill a specific requirement, then don’t install the plugin.
> Do you use plugins like HappyFiles that will not add any value to your visitors and it’s just a plugin nice to have
Absolutely fucking not, unless the plugin fulfills an actual hard requirement that I need fulfilled. Because now you’re married to that plugin, and your site’s safety is tied to that plugin developer’s skill at keeping their shit bug-free. You want to keep the number of outside devs you trust to a bare minimum.
Edit: And a _paid_ media manager plugin? You might as well just light your money on fire. Paid plugins are 99% of the time a total scam and almost _none_ of them provide functionality you actually need.