It’s the most common answer whenever I ask a WordPress expert why they love our favorite Content Management System (CMS) so much: extensibility.
When it comes to arguing for WordPress’ dominance over other CMS, extensibility is often the most compelling point of discussion. And with good reason – our ability to further WordPress’ capabilities with a seemingly endless selection of themes and plugins is the main reason why many of us use it.
But with great power comes great responsibility. And when that power is handed over to literally anyone, the end result can be unfavorable.
Open source extensibility has a dark side. Here’s why.
When installing a new theme, even the greenest of WordPress users will recognize that it is going to have a major impact on the presentation of their website. WordPress themes are often more than just “skins” – they can have a major impact on the usability of a website.
Although the broad intention is for themes to alter the design of a site, and plugins to add and/or edit its functionality, there is a lot of crossover between the two.
Take WooThemes’ suite of themes as an example, which come packaged with a selection of custom widgets:
Each WooThemes theme comes packaged with these widgets. You may well choose to use them on your site. If you decide in the future that you want a change of design and move away from WooThemes, you will also lose the functionality (which you may well wish to retain) via those custom widgets.
Crossover of functional elements is often unavoidable between themes and plugins, but could be better avoided under certain circumstances. For instance, WooThemes could package their custom widgets as a plugin, which could be retained even if their themes were no longer used.
Is there a logical reason why this kind of theme functionality shouldn’t be transferred to complimentary plugins wherever possible?
There is no doubt about it in my mind – plugins are truly awesome.
If you actually sit back and contemplate the scale of WordPress as a collaborative effort, it can be somewhat overwhelming. Nothing is more demonstrative of the power of the WordPress community than the number of free plugins available to us. Here’s a screenshot from the WordPress plugins repository at the time of writing:
Twenty thousand plugins. That is a truly extraordinary number – especially when you compare it to the number of plugins you have installed on your WordPress site. However, the abundance and perceived disposability of plugins can lead WordPress webmasters to some tricky areas.
First of all, the sheer number of plugins available can lead you to install and test a plethora of them. This can quickly lead to a bloated and slow to load website (and we all know how important site speed is). And don’t forget – many plugins you install leave a footprint which takes some doing to get rid of.
Secondly (and perhaps most importantly), many WordPress users treat plugins as if they are disposable, when often they are not. Take for example any plugin that employs the use of custom shortcodes to insert content into your site. Uninstalling such plugins can leave you with a site full of redundant shortcode tags.
Dedicating yourself to a plugin’s functionality can lead to big headaches in the future if you decide that you no longer want or need it (or if the plugin’s ongoing development and support is halted).
With Great Power Comes Great Responsibility
As a community, we face three issues regarding the above issues:
- Irresponsible developers develop plugins that leave a trail when uninstalled. Sometimes this is unavoidable – often it is not. Plugins that deconstruct elegantly should be a top priority, but often the opposite is the case.
- Naive/inexperienced users almost always stumble and fall when first presented with the full power of WordPress. That is of course part of the learning process, but the sooner they are aware of the potential pitfalls, the better.
- Unavoidable circumstances will always prevail, but it should be a responsibility of the developers to minimize such eventualities when possible. Furthermore, end users should be suitably educated to make informed decisions regarding extensibility.
Ultimately, WordPress’ extensibility is its greatest asset. We certainly don’t want that to go away. But the WordPress community as a whole should be better educated as to the associated risks, so that they can make informed decisions (and develop better themes and plugins).
Can you think of any other ways in which WordPress’ powerful extensibility can lead to unforeseen problems?
Creative Commons photo courtesy of dollen
Wow, didn’t realize how dangerous this is.
So there’s no way to know which plugins are coded properly? I don’t even see comments reflecting that, or maybe I just haven’t been reading carefully.
Do you have a list of plugins you recommend?
How does one get rid of those shortcut code once a plugin is uninstalled? Do website coders even know about that? This is the first time I’m hearing about it.
Thanks for the education.
First of all, don’t get too worried. Most plugins aren’t malicious, and won’t ruin your site. With a little bit of common sense, you’ll be okay.
Look for plugins that have been recently updated, have lots of downloads, are well rated, and marked as compatible with your version of WordPress (as voted by other users). Finding plugins through reputable sites (like managewp.com) is also a good idea.
You can just delete redundant shortcodes manually. They don’t do any harm – they just make your site look messy.
Ok, can you tell me how to find what you mentioned?
When I go to get a plugin, I normally just look at the number of stars. I don’t see any reviews. I will have to look at how many downloads there are. What’s a good number?
Also where does it say if it’s compatible with my version since I normally have the latest version (now that I have manage wp of course : )
Where on managewp am I supposed to find plugins?
Jason C. Levine
If you are adding the plugin from WordPress, click the Details link next to the Install link to get to the plugin repository page in a modal window. However, the information available there is limited and I strongly recommend you open a new tab and go to http://wordpress.org/extend/plugins/ and research your plugins there before installing anything.
On the full web view the number of downloads appears right above the star ratings on the right side of the screen and you can also see the download history by clicking the Stats tab.
Version compatibility is found at the bottom of the screen on the right and you can click on Support tab or the View Support Forum button to see if people are reporting issues with the plugin and also get a sense of the activity level of the plugin developer.
Michelle – what Jason said.
Jason – thanks for helping 🙂
Jason C. Levine
To Woo’s credit, they did realize that migrating away from one of their themes could cause a lot of pain and the Woo Dojo plugin replicates most of the widgets and shortcodes so you can get their functionality with a different theme. But your point about dependance on custom functions in a theme or plugin is well-taken and those of us who have gotten burned in the past now know to really document what function comes from where.
I do take slight issue with the plugins leading to a bloated and slow site. This can be the case with poorly coded plugins but if one restricts oneself to plugins that are well-coded and known to behave well with other plugins then one can have 30, 40, or even 50 plugins active on a site and not see much, if any, speed hit. The trick is knowing which plugins are good 🙂
And therein lies the true danger with WordPress extensibility. Out of the thousands upon thousands themes and plugins available for downloading, there really isn’t a good way for the average user to know if what they are downloading is coded awesomely or slapped together. The Repository does its best to review and filter but the sheer volume overwhelms and there are plenty of…um…less than awesome entries there. Even beyond crappy coding is the truly malicious stuff found in themes and plugins that are not part of the repository. Novice users may install those and that contributes to hacked sites, spam-generating sites, and worse.
I agree with everything you say – perhaps I was being too general with my “bloated” comment. You’re absolutely right – 50 well-coded and lightweight plugins are better than 10 of the opposite. I was actually planning on writing an article about just that in the not too distant future.
Let’s be honest – all sorts of crap gets in the repository. I don’t blame WordPress.org for this – the alternative is an Apple app-store style system, and migrating to such a system would be akin to ripping out WordPress’ beating heart.
I love WordPress, but we should tread carefully.
Jason C. Levine
“I was actually planning on writing an article about just that in the not too distant future”
Looking forward to reading it.
“Let’s be honest – all sorts of crap gets in the repository”
Yes, and it’s a shame. The star review system can be a nice filter as well as the “It works/it’s broken” stuff but other than that and other, soft, indicators like update frequency and download rate (both of which are poor indicators of quality) there isn’t a whole lot of information thus people download, test, disable, delete and leave junk behind.
I wish I had a good idea on how to fix it.
The geek in my likes the idea of some sort of weighted algorithm that weights up various different data points (rating, number of downloads, compatibility scores over time, regularity of updates) to produce an overall “quality score”.
If someone very clever had a lot of time on their hands, that could be a seriously useful thing to have.