Article topics

The Top 10 WordPress plugins

Matthew Craft

This is my first blog post for Aubergine. My name is Matthew Craft and I am an apprentice web developer and am approaching the completion of my year-long web developer apprenticeship. During this time I’ve learnt that one of the best website CMS (content management systems) is WordPress. Whilst learning the basic languages of PHP, Javascript and also how to use MySQL databases to make a website dynamic, I have also been learning about the power of WordPress as a framework onto which I can build a custom website and still give the client all the admin controls they need to keep the website updated.

One of the most important aspects of WordPress is the huge range of plugins available to help achieve specific tasks and functions. Whilst I have learnt about how to achieve these functions by hand-coding them, using a pre-established plugin that’s out there and has been tested on thousands of sites makes much more commercial sense.

With that in mind, I have compiled a list of the Top 10 WordPress Plugins that I think are the most useful when it comes to setting up and running a WordPress website and for each, I’ve given an explanation as to what they do and why I think they are must-have plugins. Here goes:


1. ACF – Advanced Custom Fields

Used almost daily, ACF is extremely helpful. It is easy to set up, use, and is an efficient way to create custom functionality on pages that you want to repeat across different parts of the site but keep within, such as user-controlled header images content areas that are part of a custom theme.


2. ACF – Repeater Fields

Using repeaters is extremely useful, as we have built whole sites revolving around the repeater fields. It allows us to create an easy way for having sections of sites that we build into the wp-admin of a site that the owners can update content on easily means the client isn’t limited to the simple boxes or the default content area, they can add in as many editable content areas as they would like.


3. CPT UI – Custom Post Types

Another useful and used-daily plugin. It makes light work of adding different post types, and taxonomies that can so often restrict a custom WordPress site. Using custom post types in partnership with ACF allow you to easily create content that can be varied from one page template to another without it affecting the core blog post type.


4. Yoast SEO

Whilst not a magic bullet, definitely a time-saver when it comes to showing the right sort of meta data set up each page of a website needs to have and how well the page scores against basic principles and understanding of good SEO. It has easy to follow on-page tips and field labels so you know what to enter for each page and where and will give you a rough real-time guide as to how well the page scores according to the aforementioned SEO best practices. It won’t do it all for you – you still have to create the content and think about what gets entered and where, but it sets out the template.


5. Contact Form 7

Another daily install for our dev team. In a nutshell, it gives you the tools to easily create custom forms on a WordPress website. Saves time in not having to code up PHP mail scripts and can be configured to capture all the data entered by those who submit the form when using the Contact 7 Database bolt-on. As far as we can tell, there’s no limit to the number of custom forms you can make and the number of fields on the form. The form, once created, is then simply given a shortcode that you place on the page where you want it to appear. Just one thing – remember to make a custom ‘thank you’ page for the form submission and use the javascript of:

on_sent_ok: “location = ‘’;”

to redirect the user to it on successful submission. We also recommend using a captcha plugin to work with it to reduce the bot form submissions.


6. WooCommerce

What can we say about Woo? Put simply it creates the whole shop framework for us in a quick and simple install. It would take a very long time and be difficult to create the whole ordering, product manager, stock system, order information and payment systems from scratch and even then, there’d be all the cart and framework templates. WooCommerce gives us this well thought-out framework that we can then customise to the client’s design. Additionally, it has been configured to work with all the major payment gateway plugins and make an eCommerce install a much simpler and time-saving process.

We also highly recommend using it in conjunction with SSL protocol (https) as this will add user security measures, visible comfort and aid towards PCI compliance (you can read our recent article on this here).


7. Sagepay & Paypal plugins for WooCommerce

The SagePay and PayPal plugins are great because they make the process of hooking in a different type of payment system to the default Woocommerce very quick and easy. The plugins require very little configuration and as long as you have the client’s merchant account or PayPal credentials, you can be selling online in a very short set up time.


8. 301 Redirect

Nobody likes doing 301s but they are crucial to a new website’s success. An easy-to-use interface that makes light of a (usually) ball-aching job. Additionally, it also has a handy 301 importer that saves a lot of time of repeatedly typing in 301s if you have the list from Google WMT or Analytics.


9. iThemes Security

One of a few out there doing all the same sort of thing – Wordfence and Securi being the others. They won’t give you 100% protection, but they will give you peace of mind against the more common vulnerabilities and, if configured correctly, give you a better chance than most of not being brute-forced. A small word of warning thought – it can be a bit memory-hungry and slow some sites down. However, fine in most cases. Definitely a first line of defence.


10. Advanced Access Manager

Advanced access manager is a handy little plugin as it allows me to create custom user roles easily so that the clients can attribute different accesses and permissions to different team members and they can be controlled from one place in the wp-admin. You can clone an already-configured role using this plugin and tweak it so that you get slightly different aspects to different roles.


A final word about WordPress plugins

Keep them updated all the time. A plugin that works well or is safe today, can easily become broken or vulnerable. When the WP admin tells you there’s a plugin update – do them as it’s far simpler to fix a broken plugin than an entire site if it goes down or gets hacked and plugins are all-too often the culprit when it comes to new WordPress vulnerabilities.


Like what you read? You can get these news stories direct to your Facebook timeline each month by following us on Facebook.