WordPress Plugins: Five Easy Ways to Ruin Your Website and Business

Print Friendly

WordPress-Plugins-Five-Easy-Ways-to-Ruin-Your-Website-and-Business-V1 copy

There’s no doubt about it, one of the most valuable aspects of WordPress is the ability to use a plug-in for virtually anything that you need. Just as an iPhone is nothing without the apps but a phone, WordPress is nothing without its plug-ins.

Unfortunately, as great as they are they can really do some damage if you aren’t careful. And I don’t mean a little bit of damage either, your entire brand could be at stake by misusing or not monitoring the plug-ins that you use!

In this blog posts you will learn some of the dumbest, laziest, most dangerous ways to use WordPress plug-ins to destroy your website and your brand.

Too Many Plug-Ins Spoil the Broth

Fundamental, yet easily forgotten, the enthusiasm of us WordPress users sometimes gets the best of us. That’s right, as we’re tinkering with our website in order to make it more functional, social, and interactive – we often install every plug-in under the sun. Well, while it sounds great to have your website do everything that you wanted to do, this can be extremely deadly.

One of the reasons why you don’t want to install too many plug-ins is that the more that you install the more likely it is that you’re going to have one conflicting with the other. What that means is one plug-in might not play nice with another. This might cause anything from the plug-in simply not working, to your website not showing up at all. For example, I was recently consulting with a nonprofit and helping them to set up a brand-new WordPress site on their own. The person that they hired to be their webmaster was floored when he saw all that he could do with the platform without having to code full HTML pages.

The site was up, but the next day all of a sudden the only thing they saw on their site when they entered in the URL was a social sharing icon. They sent me a text virtually screaming in terror that their site was down and that they had no idea how to bring back up. Calmly, I replied telling them to uninstall the last plug-in that they enabled. Magically their site rose from the dead.

There’s another reason why you don’t want to install a ton of plug-ins, but we’ll get to that in just a little bit…

The Bigger the Plug-In List the Bigger the Target

While conflicting plug-ins are a bad thing, what’s worse is someone hacking into your website and doing a whole bunch of damage to you whatever they want to break. That’s right, the more plug-ins that you have the more vulnerable you are.

Just recently in August of 2011 there was a major attack on a script that was used by a lot of different plug-ins and a lot of different themes called Tim Thumb. What made this particular script so popular in so many plug-ins is that it resized images dynamically and the size of the image is very low.

Unfortunately, there was a flaw in the script and the hacker was able to create an automated means to inject code into anyone’s website that had a plug-in using that script. That totally sucked…

Just know that the more that you add to your WordPress installation in general the more people with malicious intentions have at their disposal to use against you. That means if you’re doing any type of business you can lose customer lists, credit card numbers, e-mail addresses, or have your entire online business down for week or more depending on the severity and what plug-ins you are using to do business

An Update Today Keeps the Hackers Away

On top of having too many plug-ins that leave you vulnerable, one very simple thing that a lot of WordPress users forget something so easy that it pains me to write this. What pains me even more, is that I forget to do this too!

UPDATE your plug-ins!!!

The newer versions of WordPress has made this so easy to do. I remember the good old days when you had to update every single plug-in on their own. Now in the dashboard you can update all of the plug-ins that you have in one single click.

You have to keep in mind that sometimes the updates to these plug-ins are security updates that are being patched. The longer that you let these things go, the easier it is for someone to exploit a hole in your armor.

Make It Easy for Your Users to Love What You Have To Say

One of the reasons to not go absolutely bonkers with installing every plug-in under the sun is that your users will probably hate you for it. Seriously, how many opt in boxes, animated galleries, and social sharing icons need to load before your users can actually read your content?

Okay, if you don’t care about your users and simply want to get more people to join your mailing list – here’s another good reason not to go crazy with plug-ins. Google doesn’t like it. That’s right, Google absolutely hates long load times on websites! The more stuff that you have on your website the longer it takes for visitors to see what you have to offer. That means higher bounce rates, and when Google crawls your site and sees that it takes 30 min. to load everything they will nonchalantly drop your ranking.

If You Have Amazing Content Visitors Will Find a Way to Share It

You don’t have to have social sharing icons all over the place! You don’t have to have “like me” buttons and widgets up the wazoo! Sure, have a nice, clean opt in form for your newsletter, and some clean social sharing icons in your content and you’ll be fine.

So many businesses and site owners focus too much on plug-ins that they feel are going to entice people to share what the company has to say. I hate to break it to you, but if your stuff is boring and uninteresting nobody’s going to share it no matter how many opportunities they have on your site.

When visitors go to a site that has nothing but advertisements, pop-ups, social sharing, opt in boxes, it can be a major buzz kill unless they find great content. Focus on the content and give your readers a simple means of sharing what you have to say and you’ll do just fine. Bombard them with crap and your brand will suffer. It’s as simple as that.

Dean Soto
This monthly WordPress Plugins column is contributed by Dean Soto. Dean is the President and founder of Pro Sulum, LLC, an interactive development agency specializing in marketing and customer conversion products for the Wordpress platform. With a focus on simplicity of functionality and design, Dean and his company help businesses engage more intimately with their visitors.
Dean Soto


Catholic | Business Advisor | Speaker | Consultant| Chief Automator
The Energy of Your Business = The Strength of Your Email List - http://t.co/LHQTVbCJrF http://t.co/lCVAe645jL - 2 days ago
Dean Soto


  1. Chris says

    I have a question for you Dean,

    How effective do you think the SEO plugins on WordPress are? 

    I mean, I’m no expert at SEO but whenever I logon to Elance.com or Odesk.com (or anything like one of those sites), there are so many people offering SEO it’s ridiculous. So how effective are the plugins? And are these people really going to make my website no.1 in google rankings or is it all BS??



    [link deleted by admin]

  2. says

    Great points. I’m also finding a lot of plugins are falsly advertised as GPL, yet are simple url injections which load external scripts. Then, the plugin authors claim all sorts of external non-GPL agreements, inject advertisements, browser track visitors, add brands, and generally take control of an owners website.

Please Leave a Comment!