Plugins Slow Down Your WordPress Site

on in SpeedFactor, Blog
Last modified on

“There’s a plugin for that” is a long-time notion in the global WordPress community. It’s a very positive example of the flexibility of WordPress, but over time it has created a mind-set of “everything should be solved using plugins”. We know slow WordPress plugins are one of the biggest performance killers in the WordPress ecosystem.

WordPress is not slow. It’s what we add to WordPress that makes it slow. For example, bloated themes and bloated plugins.

Before adding any plugin to WordPress, there are a few very important questions you need to ask yourself.

  1. Do I really need this plugin?
  2. Is the plugin a “must have” or just a “nice to have”?
  3. Can it be solved server-side or some other way outside of WordPress?

Many features found in WordPress plugins can easily be added through small code snippets in your theme’s functions.php file, or as a small plugin. So, if you just need one feature, you usually should not install a large plugin.

Every line of code you add to WordPress will increase your loading times. And all plugins slow down your site.

Just like 1000-in-1 themes, another important thing is to avoid using plugins that do it all. They tend to do a lot of things not that well and add bloat. It’s much better to add small, specialized plugins.

Plugins that perform scheduled tasks should of course be setup with server based CRON. WordPress CRON is a major performance killer.

Security

Security plugins don’t add that much security to WordPress. Instead, they tend to give a false sense of security. If you want to stay safe and secure with WordPress, the most important thing is to update WordPress with plugins and themes properly. When WordPress is hacked, it’s almost always due to an insecure plugin.

A firewall with your hosting provider or an application firewall with a provider such as Cloudflare is great for protection as well. They protect websites from known attacks (based on a database with vulnerabilities) even before the attacks hit your website.

The bad

  • WordFence Security
  • Sucuri Security
  • iThemes Security (Better WP Security)
  • All in One WP Security & Firewall

The alternatives

  • Firewall with your hosting provider
  • Cloudflare
  • Deactivate XML-RPC
  • Update plugins, themes and core regularly
  • Use & enforce safe passwords

Page Builders

Page builders can be both a blessing and a curse. Sometimes, they tend to make things a whole lot easier, but they also add a lot of bloated functions and unnecessary code. Especially in the front-end, such as unnecessary HTML elements or a lot of inline CSS styles. With the introduction of the block editor (Gutenberg), several page builders have become better, but they’re still far from good.

The bad

  • WPBakery (Visual Composer)
  • Beaver Builder
  • Elementor

The alternatives

  • WordPress Block Editor (Gutenberg)
  • Advanced Custom Fields – Flexible Content Fields

Image Management

The one thing that usually takes up most space in a website is the images. So it’s a very good idea to optimize the images, to reduce their size and loading time. Unfortunately, many users just install an image optimization plugin and think they’re good. But they’re really not.

If you have to use a plugin, it’s better to use plugins that off-load the optimization to a third-party provider or to a server app or resize them manually (if possible) before upload.

The bad

  • EWWW Image Optimizer
  • Smush Image Compression & Optimization
  • Imsanity
  • Various “resize” plugins

The alternatives

  • Server-based image optimization
  • Optimize images locally before upload
  • wp media regenerate (WP-CLI)
  • TinyPNG
  • ShortPixel Image Optimizer

These are plugins with scheduled tasks that benefit hugely from a proper CRON setup, as mentioned above. Best of all though is to use specialized external services, like the Google Search Console and Moz or Screaming Frog.

The bad

  • Broken Link Checker
  • WP Broken Link Status Checker
  • Yet Another Related Posts Plugin

The alternatives

  • Google Search Console
  • Moz, Screaming Frog, Sitebulb etc.
  • SEMrush

Backups

Backups can be really difficult to set up. We’ve seen many cases where backup plugins have completely “frozen” websites, causing them to not respond at all. The best way to do backups is always server-side, if it’s done in a way that doesn’t affect the web- and database services.

Traditional server-side programs like mysqldump/mysql and rsync are built for performance.

The bad

  • WP-DBManager
  • Updraft/Updraft Plus
  • Duplicator

The alternatives

  • Backups by hosting provider
  • mysqldump + rsync (command line)
  • wp db export/wp db import (WP-CLI)

Cache & Optimization

It’s much better to focus on the code rather than the cache.

Cache plugins speed up the requests that are cached, but slow down the requests that are not cached. Since a regular cache hit rate is somewhere between 10 and 25%, a cache plugin will slow down the site for 75-90% of your visitors.

If you still need cache, use a server-based cache solution. Another good alternative for caching of static resources (images, scripts and similar) is Cloudflare. And for optimization of database and scripts, use the proper server-side tools instead of adding more code to WordPress.

The bad

  • WP Super Cache, W3 Total Cache (+others)
  • WP-Optimize
  • Autoptimize
  • Minification plugins

The alternatives

  • Server based cache
  • Cloudflare Edge Cache
  • mysql/phpMyAdmin

Really Unnecessary Plugins

Don’t use the Slider Revolution (or Revolution Slider) plugin if you want performance with WordPress.
Use Vivid Slider, our alternative to Slider Revolution.

Don’t use the Jetpack plugin if you want performance with WordPress.

The same thing applies with Really Simple SSL (which only is necessary for broken WordPress installations). It’s more than enough to update the Site URL and Home URL, and do a search replace of http://domain.com with https://domain.com.

Instead, find smaller, more specialized plugins for each feature you require.

If possible, and within your knowledge or budget, use functions.php for your theme, or set up a child theme, or make a custom plugin. That’s how custom PHP or custom features are supposed to be managed with WordPress.

Related posts