How to do a plugin audit

Plugins can be a wonderful way to add new features and unique functionality to your website. But they can have a dark side. It's important to keep your list of installed plugins streamlined and updated. Let's dive in below:

Large number of plugins

A large number of plugins is going to slow your site down — period. You want to try to keep your list of plugins as lean as possible. If you have more than 25-30 plugins, it's time for a plugin audit. We'll go over what that means at the end of this article.

Outdated plugins

Plugins add new code to your site to perform different functions. Outdated plugins, or plugins that have not been updated in more than a year, may contain code that hackers and bots can exploit to gain access to your site. It's very important to monitor your plugins on a regular basis and remove any that are not being regularly updated.

The only exception is a plugin that is essential to the functionality of your theme. For example, the Genesis Connect for WooCommerce plugin is not regularly updated, but is required for compatibility between Genesis and WooCommerce. This is a very basic plugin that does not require frequent updates.

Duplicate plugins

When you have two (or more) plugins installed that are performing the same functionality, your site is ripe for a plugin conflict. Multiple plugins trying to perform the same function can also slow down your website. Common duplicate plugins we see are:

  • SEO plugins (e.g. All in One SEO and Yoast)
  • Security plugins (e.g. Wordfence Security and All in One WP Security)
  • Caching plugins (e.g. W3 Total Cache and WP Rocket)

Be sure to never install duplicate plugins. For example, if you already have Yoast installed and want to try All in One SEO instead, deactivate Yoast FIRST.

Plugin updates

Good plugins release frequent or semi-frequent updates. When plugin updates become available, update them. It is vital to keep your plugins up to date so that your site remains as secure as possible (see "outdated plugins" above).

Note about plugin updates: If a plugin just released a major update (e.g. a whole version number changed, like 5.9 to 6.0), it is wise to wait a couple of weeks before updating. That gives the plugin developers time to iron out any bugs in a big update.

Inactive plugins

Inactive plugins should be deleted from your website. You can always re-install the plugin later if needed.

How to "audit" your plugins

Here's what we mean when we say audit your plugins:

  1. Go to your WordPress dashboard > Plugins > Installed Plugins.
  2. Remove any plugins that you are no longer using.
  3. Remove any plugins that haven't been updated in 18 months or more.
  4. Remove any plugins that are duplicating functionality (e.g. 2 SEO plugins).
  5. Update all remaining plugins.
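
The same checklist can be run in one pass over an exported plugin inventory. This is an added example, not part of the original article: it assumes a JSON export in the shape of `wp plugin list --format=json` with an extra `last_updated` field merged in, and the inventory entries, plugin slugs and function map are constructed for illustration.

```python
import json
from datetime import date

# Constructed inventory in the shape of `wp plugin list --format=json`.
# "last_updated" is an assumed extra field (the plugin listing's "Last updated" date).
INVENTORY = json.loads("""[
 {"name": "wordpress-seo", "status": "active", "update": "available", "last_updated": "2024-05-28"},
 {"name": "all-in-one-seo-pack", "status": "active", "update": "none", "last_updated": "2024-05-20"},
 {"name": "wordfence", "status": "active", "update": "none", "last_updated": "2024-04-30"},
 {"name": "old-gallery", "status": "active", "update": "none", "last_updated": "2022-03-01"},
 {"name": "genesis-connect-woocommerce", "status": "active", "update": "none", "last_updated": "2022-01-15"},
 {"name": "hello-dolly", "status": "inactive", "update": "none", "last_updated": "2024-04-02"}
]""")

# Assumed slug-to-function map for the duplicate pairs the article names.
FUNCTION = {"wordpress-seo": "seo", "all-in-one-seo-pack": "seo",
            "wordfence": "security", "all-in-one-wp-security-and-firewall": "security",
            "w3-total-cache": "caching", "wp-rocket": "caching"}
THEME_REQUIRED = {"genesis-connect-woocommerce"}  # the article's stated exception

def months_since(iso_day, today):
    """Whole months elapsed between an ISO date string and `today`."""
    d = date.fromisoformat(iso_day)
    return (today.year - d.year) * 12 + today.month - d.month - (today.day < d.day)

def audit(plugins, today, stale_months=18):
    report = {"unused": [], "stale": [], "duplicates": {}, "update": []}
    kept = []
    for p in plugins:
        if p["status"] == "inactive":                      # step 2: no longer used
            report["unused"].append(p["name"])
        elif (months_since(p["last_updated"], today) >= stale_months
              and p["name"] not in THEME_REQUIRED):        # step 3: not updated in 18 months
            report["stale"].append(p["name"])
        else:
            kept.append(p)
    by_function = {}
    for p in kept:                                         # step 4: overlapping functionality
        if p["name"] in FUNCTION:
            by_function.setdefault(FUNCTION[p["name"]], []).append(p["name"])
    report["duplicates"] = {f: n for f, n in by_function.items() if len(n) > 1}
    report["update"] = [p["name"] for p in kept if p["update"] == "available"]  # step 5
    return report

if __name__ == "__main__":
    print(json.dumps(audit(INVENTORY, date(2024, 6, 1)), indent=2))
```

The report only lists candidates; which plugin of a duplicate pair to keep is still a manual decision.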