WordPress Plugins – Replacing Old Plugins With Newer Ones To Protect Site Stability and Security

October 21, 2012 · 23 comments

in WordPress

wordpress logoTwo Similar Plugins 
Which To Use?

While these plugins may not apply to you… the process of quickly determining which plugin to use is a good skill to know! 

Recently, a marketer who had just changed his permalinks advised his followers to use the “Permalinks Moved Permanently” plugin to clean up any URL redirects that they might have missed when adding them to the .htaccess file. 

Sounds good… except… when you open the link for the plugin you discover that it’s a plugin that has not been updated since 2007… yikes! 

While the plugin does work at this moment… such an old plugin is a nasty time-bomb waiting to break your site (or cause you to get hacked).

The plugin is a settings-less plugin that simply looks at a visited URL … and if it does not exist… tries to match it to a URL slug that does exist. It tells Google a “301 code” which is what Google needs, improving traffic and improving the user experience. All automagically. 

What it does not do is actually patch the .htaccess file so it is really only a band-aid. 

No sense in using a dirty band-aid!  

A plugin like this is useful in the short interval while you are getting all of your redirects rewrote in your htaccess file. It ensures that Google won’t find broken links while giving you a short window to get things set up correctly.

A quick walk through the WordPress repository finds us “Change Permalink Helper” which is functionally the same plugin.

In fact, because both plugins are (correctly) GPL licensed, there is a good chance that this is a later version of the original, by another developer.

And… we notice that it was last updated 2 months ago! Yay! (And has plenty of 5 star ratings)

This simple “switcheroo”… from a dangerous older plugin… to a newer version that does similar things… is an important part of keeping your WordPress site safe, stable, and secure!

If you’ve been blogging for two years or more (or ever consulted an old top plugin list), you would be very wise to go through your current plugins (both active and inactive) and check them against the WordPress repository to make sure that they are still listed AND updated within the last 2 years.

While occasionally an old plugin will remain both safe and viable (such as ReplyMe), this really is the exception rather than the rule!

Two  plugins that can, when used together, help us identify problematic plugins we may have installed are “No Longer In Directory” and “Better Plugin Compatibility Control“. 

Have you ever encountered trouble from an old or out of date plugin? 

~ Kim ~ 
Simple Tech Tips For Marketing

Get The Inside Scoop!
social tripletKeep up with all the latest social marketing changes!


20 comments
Kim Castleberry
Kim Castleberry

If you configured your permalinks with that when you first started blogging... thing you need nothing more. Unfortunately however, a lot of bloggers start out with one permalink structure and later change to this one. That causes all of their old incoming backlinks to be broken URLs. There's a ton of work that goes into resolving that. This is why setting permalinks is one of the very very first things a blogger should do!

Kim

pete chapman
pete chapman

Thank you Kim,

Great advice for bloggers... must audit my plug ins this week.

Sometimes we get so involved in other stuff, simple administration can get forgotten..

Best wishes for your health and prosperity.

Peter

Sadie-Michaela Harris
Sadie-Michaela Harris

Top tips Kim and there are those plugins which we have deactivated and have sitting in dashboards for a rainy day which should not be overlooked either!

Anne Perez
Anne Perez

I learned the hard way to keep wordpress plugins up to date. My sites were hacked and all went down and it was traced back to a virus placed into an outdated plugin.

Celeste Smucker
Celeste Smucker

Good to know...I have had problems with plug ins in the past...and often it is because they are old...will definitely add this to the checklist of things to do to keep my blog running smoothly. Thanks Kim.

Donna Merrill
Donna Merrill

Oh Boy!

More work to do Kim! Pretty soon I need to connect with you and hire you to clean sweep my blog! I just have a funny feeling I can get hacked ....Call it intuition lol.

I have been blogging for over 2 years and I think things are up to date. But to me my blog is like a car, I cannot change the oil, rotate the tires, etc. I need to take it in for a tune up by a professional.

You will be hearing from me soon my friend.

Donna

marquita herald
marquita herald

Honestly had to smile when I read this title because I learned this valuable lesson from you last year - and I do check and keep my plugins up to date. A few months ago I was asked to join a blogger community and part of the deal was adding a plugin to my blog to "link" members. The problem was the plugin was seriously outdated and they got a little miffed when I pointed that out. They felt I was being picky - I took that as a good sign this was probably not the right group for me :-)

chanikacha
chanikacha

This is great! Since they had release a new plugins that we can try it is a great idea to try it and make some necessary changes in our blog. Thank for the update kim!

Carolyn
Carolyn

Hi Kim, Great advice. Most of the plugins we use are free and we don't give them a second thought after we install them. I will definitely do a plugin audit to see which plugins need to be replaced with current plugins.

Thanks for bringing this important issue to our attention!

Angela
Angela

Great advice Kim! A good reminder to go through my Plugins and make sure they are up to date. Quick question for you, is it best to completely delete a plugin if you are not using it at the moment and you don't have it activated?

Brian
Brian

Hi Kim, Great post. I fail miserably at updating old plugins, but I know I should, for the reasons you suggest. One thing I'm better at is when installing new plugins to my site, I may find three similar plugins, but only add the one that has been updated the most recently. Plugins that say "Last updated 459 days ago," will never be added to my site : )

Russ Turner
Russ Turner

WP will always remind the user if a newer version is available of the plugins they have installed and I will always update to this later version.

You quite rightly point out though that there are plugins that are never maintained and can pose a threat to user sites, the best policy is to use recommended plugins by well established authors, or if you are feeling flushed go for a paid version.

Thanks for the article Kim

Kim Castleberry
Kim Castleberry

Wow, yuck Anne, that's no fun at all!! I'm glad to hear you're keeping everything up to date and backed up now! Stay safe!

Kim

Kim Castleberry
Kim Castleberry

Wow, actually you probably saved yourself a serious SEO penalty. Google has been slapping link networks very very hard. Sounds like your gut instinct paid off! Well done luv!

Kim

Kim Castleberry
Kim Castleberry

If you haven't already done your plugin audit... I just published a post with a tool that makes it much easier! Enjoy!

Kim

Kim Castleberry
Kim Castleberry

Angela, it definitely improves your security if you delete it. Some plugins we need to keep around, deactivated, because they have very elaborate settings that get lost when we deactivate (and we activate them often) but for the most part, removing deactivated plugins is something we need to do. The same is true of themes. Even though they are not active they can still be used as a "doorway" for hacking.

Kim

Kim Castleberry
Kim Castleberry

Definitely Brian! 459 days ago is quite a few (unless there is particularly good reason and evidence why). There are a few systems in WordPress that have not changed much in years - but most of them change so often that lack of updates is playing with a great big ball of fire!

Kim

Kim Castleberry
Kim Castleberry

We actually have to be careful with Premium plugins as well. Many of them are actually LESS well tested than plugins that get into the WordPress repository. Premium plugins do not go through at least a base level security check and other fail-safes. Like anything - there are premium plugins that come from coders that are positively the best in existence.... and then there are premium plugins that were whipped up in someone's basement last night in India and have never had an ounce of real world testing. It's always important to, as you mentioned, stick with well established authors with a strong track record of PROVEN plugins. An example of that would be Yoast with his new (premium) video sitemap plugin.

Kim