7 Essential WordPress Plugins for a New Client’s Website

Posted on by Anjali Punjab

One of the great things about building a website with WordPress is the versatility of the platform. You can build high-traffic blogs, money-making machines, and lead-generating business websites with WordPress. Even then, there are so many directions you can go in.

A lot of this is due to WordPress plugins.

Rather than devote all your time to building out every feature from scratch (or sacrifice some functionality because you don’t know how to build it), you install trustworthy plugins to do the heavy lifting for you.

But when it comes to essential plugins, what are we really talking about? Because for an eCommerce site, for instance, you’d need plugins to do things like process payments or add product variations. That may be essential for ecommerce, but not for other types of sites.

So, what I want to focus on are 7 universally essential WordPress plugins every website should have installed:

1. Yoast SEO

As a web designer, many of the choices you make for a new client’s website will impact its performance in search engines (i.e. how well it ranks). However, you can’t do it alone.

Yoast SEO is a plugin that will help you and your clients optimize the words and pages on their websites. But that’s not all.

One of the best things about the Yoast SEO plugin is that it covers so many critical SEO bases:

  • XML sitemap creation
  • Search results appearance optimization
  • Keyword optimization
  • SEO analysis and suggestions
  • Readability analysis and suggestions
  • Internal link analysis

In addition, Yoast recently added integrations to SEMrush and Ryte to help WordPress users choose stronger keywords.

A screenshot of the Yoast plugin, displaying a preview of Google's mobile search result, SEO title formatting, and a field for Meta description

The above snapshot is just one of the helpful SEO tools Yoast provides its users with to ensure that every page is properly optimized.

2. iThemes Security

Unsurprisingly, WordPress websites continue to be the main targets for hackers, according to Sucuri’s latest hacked website report. It makes sense when you think about it. WordPress is the most popular CMS in the world and its vulnerabilities are well-known. So, why wouldn’t hackers take the easy route?

Just because WordPress has a bullseye on its back, that doesn’t mean your clients’ websites need to fall prey to hackers. Here’s what you can do:

Comprehensive security for a site should always include server-side protections, including a firewall and SSL certificate. That should be your first line of defense.

However, you should also install a security plugin to help cover WordPress’s specific vulnerabilities.

Screenshot of the iThemes Security plugin's options, including File Permissions, Password Requirements, WordPress Salts, and more

iThemes Security is a good choice as it provides a good array of coverage. In fact, after the plugin is installed, it quickly gets to work on scanning your site and implementing all of the security measures you need, including:

  • Strong password enforcement
  • Brute force protection
  • File change monitoring
  • Security key management
  • Database backups

The Pro version gets you even more protection and proactive monitoring.

3. UpdraftPlus

Backups and security go hand-in-hand. You can’t have one without the other.

And while I’ve heard the argument that you don’t need a backup plugin if your web host generates backups for you, I don’t agree with that.

The reason I’m adamant about using a WordPress backup plugin is that I believe in fail over. You should always have a backup plan or system in place for everything you do (including backups for backups) because you never know when one part of your business may go down or be lost.

With UpdraftPlus, you control how frequently your website is backed up as well as where those backups are stored.

A screenshot of UpdraftPlus' backup options and the options available for backup locations

What’s more, restoring a previous version of your site doesn’t require you to log into your web host’s control panel. You can do it instantly from WordPress.

4. WP-Optimize

WordPress isn’t just notorious for its security problems. It’s also made quite a name for itself as a very slow CMS.

According to a Backlinko report on page speed, WordPress is one of the poorest performing CMS when it comes to average loading speeds:

A visualization of WordPress's average loading speeds, with 38.5% reported as slow (the highest in this category among a list of content management systems

But similar to the security issue, this is something that can easily be remedied from site to site.

One thing you can do is ensure that you use a web hosting plan that prioritizes performance, with built-in server caching and other server-side speed-ups.

Another thing you can do is use a performance optimization plugin.

Unlike other plugins, WP-Optimize tackles speed from all angles as opposed to just being a caching plugin or an image optimization plugin. Its speedy features include:

  • Website caching
  • HTML, CSS, and JavaScript minification
  • Image compression
  • Gzip compression
  • Database cleanup

What’s more, it integrates with UpdraftPlus, so you can automatically generate a backup of your site before doing any cleanup. You can also schedule cleanup and optimization so it’s one less thing you have to worry about.

5. Contact Form by WPForms

There are certain pages and features that every website needs to have. The Contact page and contact form, for example, are non-negotiable.

The contact form is a fast, easy, and convenient way for visitors to get in touch with the people on the other side of a website.

Because of the vital role it plays in online communication, you have to be careful about which contact form plugin you use.

A screenshot of the Contact Form builder, with options for a wide variety of fields being placed in a Contact Us form.

Among the dozen or so I’ve played around with over the years, WPForms stands out to me as the clear winner for a number of reasons:

  • There are templates available if you want to shorten the time it takes to create new ones.
  • The plugin produces attractive, user-friendly forms.
  • You and your clients can easily edit the form with the visual drag-and-drop builder.
  • You have a lot of control over how the form looks and each field works.
  • Anti-spam features like CAPTCHA and a honeypot are included.

With an upgrade, you can automate a lot of business tasks on your websites, like collecting payments, receiving file uploads, and running surveys.

6. Google Analytics Dashboard Plugin for WordPress by MonsterInsights

This one I often struggle with recommending because it’s very easy to add the Google Analytics code to the backend of your website. Which also means one less plugin you have to install. But…

I also want to take into consideration your clients’ experience.

One of the most common complaints I’ve heard from business owners is that they have no idea how well or poorly their website is doing. They know they have Google Analytics tracking its performance, but they’re overwhelmed with all of the data that’s presented to them.

With MonsterInsights’s Google Analytics plugin, though, that data is more simply presented.

A screenshot of MonsterInsights' reporting dashboard, featuring large clear visualizations of key data like New vs Returning Visitors and Device Breakdown

Business owners can see the most important data pertaining to website traffic as well as how positively people are responding to their content – right from their WordPress dashboard. And a Pro upgrade unlocks access to extra tracking for publishers, eCommerce, and contact forms, among other things.

If you want to take away the confusion and frustration your clients may experience post-launch, this plugin will help.

7. WP AutoTerms

This is the least exciting of the essential WordPress plugins, but it’s a critical one to have in this day and age.

With consumers growing wary of security breaches and data misuse, they need assurances that the website you build and the brand behind it take those concerns seriously. By providing information related to privacy, terms, and more, you can put some of their minds at ease.

Of course, generating legal pages isn’t really a task a web designer should be doing nor do many business owners know what to do with them. That’s why I’m a big fan of the WP AutoTerms plugin.

A screenshot of WP AutoTerms' plugin, including options for creating CCPA & GDPR policies and other legal pages and privacy policies

The plugin provides pre-made templates for Privacy Policy, Terms and Conditions, as well as GDPR pages. All you need to do is fill in basic information about the company and where they’re located. The plugin does the rest, unless your client decides to customize the pages (which is easy to do).

Oh, and for websites that need to comply with GDPR or CCPA, or to announce affiliate partnerships, the paid license unlocks those features and will help you add a consent notice to your website, too.

Wrapping Up

There are so many possibilities when building a WordPress website, and plugins are often the best way to achieve this versatility in design and development. However, when it comes to the core plugin functionality that every website needs, the 7 essential plugins above are the ones you need to start with.

Anjali Punjab

Anjali Punjab is a freelance writer, blogger, and ghostwriter who develops high-quality content for businesses. She is also a HubSpot Inbound Marketing Certified and Google Analytics Qualified Professional.

More Posts Twitter Facebook LinkedIn