WordPress powers 35% of all websites on the Internet, and its backbone is the array of plugins that provide it with all the functionality required to develop a profitable online presence.
Below you'll find a list of the must-have WordPress plugins that will bullet-proof your website against malicious attacks while equipping it with the tools required to create a solid online revenue engine for your business.
What Are the Best WordPress Plugins for My Site?
When you create your website, you need to make sure you’re building it on a solid foundation.
To ensure continued growth and performance, you need to:
- Make sure your website is as hacker-proof as humanly (and technologically) possible
- Make sure it's protected from spammers (especially your contact forms and comment sections)
- Make sure it loads fast so that you can rank higher on search engines
- Make sure it connects with as many social media platforms as possible so your visitors can easily share your posts and pages
- Make sure it seamlessly integrates with popular bulk email services so you can turn it into a marketing machine
- Make sure it's designed to acquire leads with ease and simplicity
- Make sure it can collect payments if you sell products, services, memberships or subscriptions
The following WordPress plugins are the best of breed in each of the above categories:
Disclosure: Although I receive affiliate compensation at no additional cost to you to support this site that compensation in no way influences my recommendations, which are strictly informed by my 10+ years of online business experience consulting for clients large and small. My aim is to always recommend tools that offer the best return for your investment (for more details, read my Affiliate Disclosure).
Best Anti Spam Plugin: CleanTalk Anti Spam
Once you get your WordPress website up and running and you begin to get traffic, you’ll soon come to the realization that the Internet is infested with spam-bots clogging the arteries of engagement with visitors, specifically:
- Comment sections
- Contact forms
- Account creation
- Orders, etc.
One solution to mitigate spam is to add a captcha to every point where you interact with your visitors, but most people find them annoying and you’ll find that many visitors will bail on you rather than having to answer a riddle.
CleanTalk Anti Spam does away with the need for captchas by using sophisticated algorithms to filter spammy user-supplied information on the fly against a massive database of spambots that they keep on the cloud.
They also use this algorithm to filter manually inputted spam based on aggregated information from the almost half a million client websites.
While there are many free anti-spam WordPress plugins out there, a lot of them can throw false positives (good comments that get labeled as spam) as well as false negatives (spam messages that are missed by the filters and make it onto your website).
The reason you need to deal with spam from the get go is that most times they'll inject your website with malicious links that, over time, can cause your site to drop dramatically in the search-engine rankings.
In short, a good quality spam blocker is more of a necessity than a nice-to-have feature. CleanTalk offers a 7-day free trial and claims 100% protection against spambots.
Find Out More About CleanTalk Here.
Best eCommerce Plugin: BigCommerce
Hosting an online store on your WordPress website is one of the most profitable ways to monetize your visitors.
Whether you are planning to sell digital products to be downloaded, physical products to be shipped or monthly memberships, you need an eCommerce solution that:
- Is super secure for your customers so they can trust to purchase from you (e.g. it's PCI compliant, has built-in fraud protection, stores customer payment information in a highly secured back-end and not on your own self-hosting server, etc.)
- Works fast enough that you won’t lose customers in the middle of a transaction (2-5 seconds of payment processing max.) Many solutions like WooCommerce may leave your customer hanging for 6-12 seconds before a payment is processed
- Can handle multiple currencies, since most people prefer to make purchases in their own currency
- Has few transaction fees to keep more money in your bank account
- Is easy to customize, so you can make your shopping pages match the look and feel of your website
- Has access to a large selection of payment gateways, so you’re not stuck with two or three expensive options
- Has strong built-in analytics so that you know where shoppers are coming from, how much they are spending on average, when was the last time they made a purchase, and so on
- Is designed to be mobile responsive, and last but not least,
- Is SEO friendly
BigCommerce is the only solution that checks all the above boxes. While Shopify checks some of the same boxes (although not all), they force you to host your online store on their website since they don’t offer WordPress plugins.
WooCommerce, the other main competitor, runs the entire eCommerce engine locally on your site, which results in long waits for payments to be processed, which is a big turn-off for customers.
BigCommerce, on the other hand, hosts the “front-end” of your store on your website, so it works seamlessly within WordPress, while doing the heavy transactional lifting on their back-end server located on the cloud, resulting in super fast payment processing time and next-level security.
While WooCommerce’s entry level plugin is free, it lacks many important features from the above list, which you'll need to pay for separately, while BigCommerce has a reasonably priced entry-level plan (under $30/month) that packs a large number of features compared to its competitors.
For example, you'll get multi-currency driven by the customer’s IP address right out of the box, while Shopify only offers this feature in their expensive Enterprise plan.
If you’re planning to ship physical products, BigCommerce is the only platform to offer real-time shipping rates from third party providers and deep discounts with carriers like USPS, DHL and Fedex (other competitors only offer this level of service with their most expensive plans).
If you need to grow the platform with your business, BigCommerce has over 800 specialized apps in their app store for every possible need.
A big advantage, and possibly one of its most distinguishing features, is that BigCommerce does not charge any processing fees. For example, Shopify charges 2% of sales as a processing fee for all payment gateways except their own brand (which has some limitations).
BigCommerce does have a couple of downsides, though. The first one is that it requires a higher learning curve since it’s so jam-packed with features.
The other one is that their plans get more expensive the more revenue you generate (e.g. $30/month up to $50k/year in sales, $80/month up to $180k/year and $300/month up to $400k/year).
In closing, they’ve set up an excellent support infrastructure, with 24/7 coverage for phone calls and live chat (even if you get stuck at 3 am!) plus of course email.
Find Out More About BigCommerce Here.
Best Form Builder Plugin: WPForms
One of the most useful features on a website is the contact form.
For starters, it’s much safer for visitors to contact you via form than by listing your email publicly on your website and become the victim of spam. You can also use forms to ask your visitors lead-qualifying questions.
But this is just the beginning. Visitors can also use forms to:
- Request a quote
- Enter a contest
- Fill out a survey
- Be polled
- Make payments
- Request a newsletter or any other type of lead magnet
- Register for an event
- Log in to a restricted area of your website (e.g. paid access only)
...and so on.
Now, when it comes for form builder WordPress plugins, there are a ton to choose from, many are free and many paid. But a lot of them are either too restrictive or too fickle (e.g. they break under certain use cases).
With over 2 million downloads, WPForms has been extensively field tested and they’ve come up with a great product that’s fast, mobile responsive and packed with features for every budget.
More importantly, it’s highly reliable (it doesn’t break) and it integrates with other important tools in the WordPress ecosystem, like email marketing automation platforms and payment gateways.
WPForms offers a handful of pre-built form templates to get started, but also offers an add-on with over 100 beautiful templates for every possible need.
In addition, it comes with a lot of neat features, like conditional logic for field visibility (e.g. if the answer to a question is Yes, then show field A, if No, then show field B).
Last but not least, WPForms has a very intuitive drag and drop graphical editor that allows you to create forms easily with any level of complexity by simply moving form fields around with your mouse.
Other useful features:
- Spam protection
- SEO friendliness
- Conversational forms (i.e. one question at a time)
- Ability to split long forms (which suffer from high form abandonment) into multiple linked form pages
- Ability to store, view and manage forms from the WordPress dashboard
- Integration with the most popular email marketing platforms and payment processors
- Email support coupled with extensive documentation
Find Out More About WPForms Here.
Best Lead Generation Plugin: Optinmonster
Getting higher and higher traffic to your website is fantastic. But do you know what’s even more fantastic? Getting more and more visitors to sign up to your email list!
It’s hard to monetize a visitor unless they’ve opted into your email list—without their email address they’ll simply remain anonymous to you no matter how many times they visit your website.
And without an email address you won’t be able to build a relationship with them, which eventually will pay off with a purchase.
The most effective way to capture someone's email (in a legal and compliant way) is by using an opt-in form where you offer a lead magnet, like a white paper, a valuable checklist, a newsletter, etc. in exchange for their email address.
These opt-in forms come in many different shapes and sizes and they must be easy to integrate with popular email marketing services so that you can add your visitors to an email marketing campaign.
Such a campaign will allow you to earn your visitor’s trust through a regular drip of emails offering content that adds value to their lives.
In the opt-in business there are many players, but there's one that stands out: Optinmonster.
Their software is very easy to use, allowing you to create beautiful opt-in forms from scratch or from templates that can be structured to seamlessly fit into your marketing strategy.
For example, you can display opt-in forms as a:
- Lightbox popup
- Slide-in popup
- Welcome mat
- Full screen
- Floating bar
- Sidebar widget
- In content form
Where Optinmonster really shines is in the number of trigger options they offer. For example, your opt-in popup can be triggered:
- Immediately on page load
- After x seconds after landing on a page
- After the visitor scrolls past x percent of the page’s content
- On exit
- When the visitor clicks on a special link
- When you place a shortcode anywhere on a page
In addition, Optinmonster has great A/B test functionality where you can compare two versions of the same opt-in popup, or even test one type of popup (say, a welcome mat) vs. another type (say, a lightbox).
Optinmonster is a cloud application that links to your site via WordPress plugins, so if you have multiple websites you can access all your opt-in designs and analytics through a single portal.
Finally, you can create an unlimited number of opt-ins, e.g. different popups for different pages, and it can seamlessly integrate with most popular email marketing services so that you can create a number of different email campaigns based on the pages your visitors landed on.
With so much flexibility, Optinmonster will definitely become a great tool in your website monetization strategy.
Find Out More About Optinmonster Here.
Best Membership/ Subscription Plugin: MemberPress
One of the most profitable forms of website monetization is a recurring payment model, like a subscription or a membership.
If you create content that can be dripped on a regular basis, say monthly, you’ll be able to generate a consistent stream of recurring revenue in the long haul.
While you’ll experience some churn, or a small number of people cancelling their subscription in a given month, you’ll more than make up for that by building a growing pipeline of new subscribers.
How do you manage such a profitable business model? With membership/subscription WordPress plugins.
What you’re looking for in this type of WordPress plugins is the ability to:
- Collect payments on a regular basis through automatic credit card charges
- Deliver restricted content only available to paid members
- Drip content so that, say, someone with three paid months has access to more content than someone who’s only been a member for a month
- Have content expire if a member cancels a subscription or fails to renew their membership
- Offer multiple levels of memberships (e.g. bronze, silver, gold, etc.)
- Offer coupons or special offers
- Easily manage all members from a central dashboard
- Allow members to manage their own account profiles to minimize tying up your resources (e.g. changes of address, credit card details, passwords, etc)
- Create upgrade and downgrade paths
- Preferably support unlimited members and membership levels
- Easily integrate with popular email marketing platforms
- Easily integrate with popular payment processors
- Last but not least, ease of use is very important if you're a beginner
The MemberPress plugin checks all of the above boxes. For example, ActiveCampaign, a competitor, offers even more features and the ability to create complex rules, but chances are you’ll need to hire a systems developer to integrate it with your site (and they’re not cheap!).
But if you’re willing to go through their extensive documentation and learn a few basics of membership setups, you’ll be up to get going quickly with a membership module that works right out of the box.
MemberPress also offers features that are usually available in more expensive systems, for example, you can create a paywall to tease content to nonmembers while guiding them through a sign-up path.
It’ll also prorate subscriptions if a member comes in half way through your membership cycle or when they upgrade (or downgrade) their memberships half way through.
You can also drip content to individual members based on their actual registration date or based on a fixed date.
Plus it’ll take care of more mundane yet important tasks, like sending automated emails when a subscription or a credit card is about to expire.
Another useful feature is its ability to integrate multiple payment processors (e.g. Stripe as well as PayPa)l—some WordPress plugins only allow you to connect to a single payment processor for all transactions.
The reporting module is not the best in the business but it’s more than adequate (some competitors offer better reporting but at a higher cost and added complexity).
Finally, plans above the basic package allow you pretty fancy API integration with email marketing platforms to send notifications for every action a member takes, like renewing, upgrading, downgrading, cancelling, etc.
MemberPress doesn't have a free plan but they do offer a 14-day money-back guarantee, long enough to create a basic setup and take it out for a spin.
In my opinion, this is the best value for the money and actually the best all-around membership plugin in the WordPress ecosystem.
Find Out More About MemberPress Here.
Best Site Backup Plugin: UpdraftPlus
Your website is your primary online asset and doing regular scheduled backups of all your files and databases is like taking out an insurance policy. If something catastrophic happens to your site, you’ll be covered.
You may think that your self-hosting service provider has redundant servers and that nothing could go wrong with your files, so why schedule regular backups on your own?
Well, your site could get hacked or you might delete something by accident. Why take the risk?
When it comes to WordPress backup systems, you want to look for something that:
- Is designed with beginners in mind, so you don’t have to play with a lot of settings (the more things to tweak, the more things that could go wrong)
- Is reliable 100% of the time. You never want to do a backup that fails on restore
- It can save your backups on a remote location. You don’t want to keep your safety deposit box in your house because you’ll lose both in a fire
- Allows both scheduled and on-demand (manual) backups
- Won’t break your wallet
With over 3 million active installs, UpdraftPlus is a leading force in backup WordPress plugins. With single-click backup and restore functionality, it’s one of the most user friendly services out there.
In addition to offering their own paid off-site solution (UpdraftVault) you can link UpdraftPlus to your Google Drive account, Dropbox, Amazon S3 and many other remote storage platforms for complete peace of mind.
With a premium add-on, you can even store your backups in multiple locations and even store a clone of your website and have it restored at a different URL for push-button site migrations.
UpdraftPlus allows you to back up and restore all files, all files and databases or just specific files, and you can do backups on demand or schedule them every few hours, daily, weekly, bi-weekly or monthly.
For support they offer extensive documentation and a forum for users.
The only feature they are missing is built-in security scans and malware monitoring, however, if you use security WordPress plugins like Sucuri, which you should anyway, you’ll be covered there too.
Find Out More About UpdraftPlus Here.
Best Social Media Sharing Plugin: AddToAny
Next to Google searches, the best source of traffic for your website will likely be social media networks.
To ensure that your content is widely shared, you need to install social sharing buttons to all your posts and pages to make it super easy for visitors to share your content with a single click.
Now, there are many social sharing WordPress plugins and they all have their unique features, but for this task, I prefer simplicity over bells and whistles.
AddtoAny boasts over half a million active installations and it allows you to chose from a wide array of social sharing options. All you have to do is to select the default ones you want to display on your site, and all others can be accessed by pressing the “+” button.
You can set the social sharing buttons to float on your page as you scroll or to be in a fixed position, giving you the freedom to select the location and the type of content you want your buttons to appear on (e.g. you can choose to have buttons show up on posts but not pages).
By default, you can alter the size and color of the buttons and even upload your own button designs in SVG format. And if you know CSS you can do a lot more.
AddtoAny is open source, so with a bit of knowledge you can customize the buttons and their placement to your heart’s content.
In fact, with such a large user base, you’ll be able to find plenty of free resources online to alter your design so you can get it just right.
Find Out More About AddtoAny Here.
Best Upsell/Downsell Funnels Plugin: CartFlows
In the world of online income generation, one of the most effective techniques for increasing your profits with little extra effort is through the use of a sales funnel with upsells, downsells and order bumps.
An upsell is a page that customers land on when they click the order button on your checkout page. Here you can offer a product that complements the original purchase at a discount.
If your customer rejects the upsell offer, you can then present them with a downsell offer with a steeper discount than the upsell, basically an “offer they can’t refuse.”
If they say no thanks, you can even present them with a second downsell offer with an even better deal.
An order bump is a checkbox on your checkout page where customers can add an item before checking out, an impulse purchase with something that adds high value at a very low price point, making it hard to resist.
The sales funnel technique works something like this:
- First, your prospective customer “lands” on a landing page through your marketing funnel—this could be a thank you page after they click on an opt-in form, or by clicking through a Facebook or Google ad
- If they like the offer and buy into your sales letter on the thank you page, they’ll land on your checkout page
- Here, you can tempt them with a bump order checkbox
- On clicking the "order now" button, you then present them with a one-click upsell offer page. where their shopping cart remains open so that they won’t need to re-enter their credit card number
- If they take you up on the upsell, you then send them to your thank you page (step 7). If they don’t you then…
- Present them with a downsell offer. If they accept, you send them to your thank you page (step 7). If they don’t, you can then can present them with a second and even better downsell offer (you could do more than two, but after three it becomes really annoying)
- You finally display your thank you page with instructions on how to get your products.
In the not too distant past, you had to be locked into pretty pricey external platforms to do all of the above, and if you ended your subscription, you would have to walk away from all your hard work.
With the introduction of Cartflows, all of this great functionality is now available as a WordPress plugin, where you get to build all of your funnel pages locally on your own server using popular page builders.
In addition, Cartflows fully integrates with WooCommerce, the native WordPress eCommerce solution, allowing you to sell any of your WooCommerce products: physical, digital, services and memberships.
Cartflows also allows you to create an unlimited number funnels for multiple opt-ins plus it has a powerful A/B testing feature where you can have two versions of every page on your funnel compete to find out which one converts better.
Finally, they have many high-quality templates to choose from so you don’t have to build your funnel pages from scratch if you don't want to.
And the best part is that unlike their cloud-based counterparts, you get to build, host, control, customize and fully own your entire funnel stack!
Find Out More About CartFlows Here.
Best Website Caching Plugin: WP Rocket
Here’s a fact I’m sure you’ll agree with: people hate slow websites. Slow websites can kill your conversions and send people running for the hills.
But worse yet, search engines hate slow websites too because it hurts their bottom line, so to avoid annoying their customers they penalize slow websites by sending them to the bottom of their search rankings so people never find them.
The antidote? A strong caching plugin. These WordPress plugins use a lots of software tricks to really speed up page loading by:
- Creating static copies of each page (an analogy would be a photograph) and pre-loading them in browsers super fast instead of loading all the different elements of a page piecemeal every time
- Lazy loading images, in other words, only loading one image at a time as it becomes visible when you scroll down instead of loading all images on a page before they are visible
- Optimizing your database. Eliminating unnecessary data that’s no longer accessed or required
- Compressing the size of images to reduce their file sizes
WP Rocket always manages to come on top on side-by-side tests with its competitors and that’s why I’m recommending it here. They have one of the easiest user interfaces making it beginner friendly.
They achieve that by pre-configuring their settings to make them work right out of the box. Many of its competitors have screen fulls of settings that must be manually configured by the user, which require a lot of technical knowledge.
Worse of all, some settings could actually break your website if set up wrong. Mind you, this is not catastrophic because you can always go back to normal by deactivating the plugin.
But you can only do this by logging into your WordPress dashboard in "safe mode" because your normal website will no longer be functional, which will scare the bejesus out of you if you're a beginner!
But you're technically savvy and want to get into the weeds to play with advanced settings ,they have a ton of built-in informational popups in the plugin plus an extensive video library that shows you all the necessary step-by-steps.
You can even message their support team directly from within the plugin’s dashboard, which is a convenient feature.
Find Out More About WP Rocket Here.
Best Website Security/Firewall Plugin: Sucuri
When it comes to security, the Internet is like the wild west.
The arteries of the World Wide Web are jam packed with bad actors with malicious intent, whether it's to commandeer your server and your email to spread spam to unsuspecting visitors, inject malware on their computers, steal your affiliate links, or anything else under the sun that has malicious intent.
The only effective defense from becoming the recipient of malicious data packets coming your way is with the use of a powerful website security system to protect you, and the best globally-recognized security outfit for WordPress is Sucuri.
For a very reasonable cost, starting at $200/year or about $17/month (look at this as the cost of an Internet insurance policy) they will protect your website with a unique approach: they will route the entirety of your traffic to themselves, making it go through a cloudproxy firewall first.
This acts as a digital sieve that filters out all the bad actors before they even reach your server, sending your way only legitimate visitors.
In doing so, not only do they protect your website, but also they increase the speed and performance of your server because it no longer has to handle spurious traffic.
In addition to intercepting and removing bad traffic to your website through their external firewall, Sucuri will also:
- Monitor you site for security-related activities
- Monitor the integrity of your files, whether they’re WordPress related or not
- Scan your website for viruses and malware on a regular basis (you can choose the frequency)
- Keep a site audit log of all security activities
- Take actions to “harden” the security of your site to make it difficult to penetrate
Their support team works 24/7/365 and will even rescue you should an attack be successful by removing malware and restoring your site back to normal.
Without a doubt, this is the best insurance policy you can buy for your online business.
Find Out More About Sucuri Here.
What to Look for in a WordPress Plugin?
There are 7 key things that you should look for when choosing a WordPress plugin.
- First, make sure that the plugin is compatible with the latest version of WordPress.
- Second, check user reviews to see what other users have said about it and also check the number of downloads. Popular WordPress plugins tend to be well supported, a lot more stable and feature rich.
- Third, make sure the plugin is updated regularly. If the last update time was 6 months ago or longer, it's likely not supported anymore.
- Fourth, look for a plugin that has the features and options you're looking for but that's also lightweight so it doesn't bog down your site.
- Fifth, check to see if the plugin is available in your language.
- Sixth, choose WordPress plugins that have an intuitive user interface and don't require a steep learning curve to master.
- Seventh, finally, look for a plugin that has good customer support. Free WordPress plugins should offer email support with no more than a 24 hour turnaround for trouble tickets. Paid WordPress plugins should offer live chat and phone support.
What to Do Next
Phew! This was a long post, but a critical one. Your website will soon enough, if not already, become a key contributor to your livelihood and you want to protect it as much as humanely possible from malicious actors.
You also want to ensure that you're not leaving money on the table when it comes to your traffic by maximizing your opportunities to monetize your visitors.
And last but not least, you want to make sure that your WordPress site is screaming fast so that search engines don't handicap you with lower rankings.
For all of the above reasons, you need a solid suite of WordPress plugins that'll give you complete peace of mind so that you can do what you do best (run your business!) without having to waste your time sorting out a sea of technical details.