Which WordPress Plugins are Recommended with Seravo.com?

With Seravo, you may install any WordPress plugins to your site. The best source for plugins is the official WordPress plugin list. You can also visit the VIP curated listing of the best plugins available.

We occasionally post to our blog about the most useful plugins available that are relevant to our customers. It's a good idea to keep an eye on new blog posts!

Preinstalled plugins on new websites

Each new Seravo website has a few useful plugins preinstalled for your convenience. You may remove them at your will.

Seravo's plugins

We have contributed by creating and publishing plugins. Seravo's published plugins can be found on WordPress.org with the keyword Seravo. Additionally Seravo has created custom plugins for expert use that have not been published on WordPress.org. These can be found on Seravo's Github-profile page.

Unnecessary or malicious plugins

WordPress plugins top 10 in vulnerabilities

Top 10 most vulnerable WordPress plugins

Most of the over 55 000 WordPress plugins serve their function well. However, we have identified some plugins that we can not endose to be used with your Seravo hosted website. Malicious plugins might cause severe issues with security or speed of your website. If the issue causes considerable harm, we can take action and automatically remove the plugins listed in this document from the customer's environment.

Cache plugins: Seravo has invested considerable effort into page speed optimization. Mainly any caching tricks done at the WordPress PHP-layer might actually hinder the website's performance by introducing new tasks and even as far as interfering with the low-level optimization in our infrastructure.

Popular caching plugins that are ineffectual with Seravo services are for example:

  • W3 Total Cache
  • WP Super Cache
  • WP File Cache

Security-plugins: Because Seravo has taken security seriously, the following plugins are mostly redundant and only help in making the website slower:

  • Better WP Security
  • iThemes Security
  • WordFence
  • Limit login attempts
  • Login wall
  • WordFence

The security plugin WordFence removes the readme.html -file which is a part of the WordPress Core. It is highly ill-advised to remove any files from the WordPress Core, because Seravo's automatic security services will alert whenever any files are missing from the WordPress Core. Seravo has taken measures to protect the readme.html and having WordFence remove it holds no additional value. Instead WordFence exposes it's readme-file in the directory /wp-content/plugins/wordfence/readme.txt. WordPress itself is infact safe with most of the security flaws rooting from plugins. Therefore we advise installing as few plugins as possible to minimize any potential vulnerabilities. To reiterate the fact the fact is that the top-10 most vulnerable plugins are mostly security-plugins. We suggest you install Google ReCaptcha integration plugin, because it effectively secures commenting functions and the login page against automated attacks.

Plugins creating issues with the database: A few common plugins slow the database down or make a mess in the database, making WordPress upkeep and performance worse.

  • Broken Link Checker
  • MyReviewPlugin
  • LinkMan
  • Fuzzy SEO Booster
  • WP PostViews
  • Tweet Blender

Backup plugins: Seravo backup is handled automatically daily and no such plugins are required.

  • Backup Guard
  • Backup Scheduler
  • Backup WordPress
  • BackWPup Free
  • BlogVault

Plugins with poor security: Plugins that are known for having multiple security issues or that intentionally open database- or file access are not allowed.

  • PHPMyAdmin or Adminer as is or as WordPress plugins. You are to use Seravo's services for accessing the database.
  • File Commander
  • Sweet Captcha
  • Upladify

Poorly programmed plugins: Programmers with varying backgrounds and skill levels contribute to WordPress by creating plugins. Therefore it's common to see plugins that are not written using the best practices. Sometimes the plugin creator does not improve their code despite improvement requests. If a plugin repeatedly causes issues, we advise removing it.

  • WPML: Preforms poorly and has issues in coding standards. Try Polylang instead.
  • TimThumb: Codebase has serious issues and commonly has security issues.
  • ReduxFramework: Has had a spotty history of not supporting websites using https. Uses a non-standard URL-framework which does not work on all sites. The team is reluctant in implementing improvements.

Unused plugins: Many websites have deactivated plugins that have not been used for a long time. These should be uninstalled completely, because at all PHP-code on the server can be considered as a potential security flaw. It's also a good practice to remove unnecessary files to save storage space. You can remove all unused plugins with the following command:

$ wp plugin delete $(wp plugin list --fields=name --status=inactive)

Did this solve your problem?