5 WordPress Plugins Our Website Developers Recommend

Published: June 8, 2021

Jessica Miracle


With over 50,000 WordPress plugins, it can be difficult to know where to start. Some of the first plugins a website developer adds to a site should be for security measures.

Being on the Internet means dealing with spam and potential hacking, and WordPress has its fair share of vulnerabilities–especially if not properly maintained.

Here at BrandCraft, our website developers offer maintenance packages to ensure your site is functioning properly and securely. Learn why we like to use WordPress.

There are a few plugins we like to use to help keep a WP site protected, including security measures and spam protection. Below, we’ll cover a few examples so that you know where to begin with your site.

5 WordPress Plugins Our Website Developers Recommend

Your plugins can make a huge difference in how your site operates. Discover these five WordPress plugins recommended by our website developer team:

#1: Akismet

Used for: Spam filtering

Akismet is a plugin that website developers love using to filter out spam comments and emails. It has been around since 2005 and it integrates with other popular WordPress plugins.

It’s a great, trusted, and streamlined plugin with some customization options to get the site protection you need. Want to review what it flags as spam? Akismet can file all spam received in a folder and hold onto it for 15 days.

You can also have it remove the spam messages so that you never have to look at or worry about them again. Akismet is free for personal sites, but the price for business sites is low and worth it if you get mid-to-high traffic.

#2: WPS Hide Login

Used for: Changing the admin login URL

WordPress uses the same basic admin login URL across every site: mydomain.com/wp-admin (as an example). This means that anyone can attempt logging into your site since the login path is easy to reach.

There are various ways to solve this problem. We like to use WPS Hide Login to customize that login URL.

The plugin is light and easy to use. It allows you to change the slug and the text that comes after the backslash to anything you want. We recommend website developers changing it to something unique that will be easy for you to remember but difficult for hackers to guess.

NOTE: Don’t forget to save your new login slug. Bookmark it, or write it down so that you can always get into your site.

#3: Limit Login Attempts Reloaded

Used for: Preventing brute-force login attempts

Hacking sometimes is achieved by brute-forcing passwords and usernames. With unlimited login attempts or even just a small slap on the wrist by waiting 20 minutes to reattempt the login, your site is at a greater risk for hacks.

Limit Login Attempts Reloaded does more than what the name suggests. Website developers can customize specific lockout times, notify you of blocked attempts, log all blocked attempts, and plenty more. It integrates with other plugins like WooCommerce and Sucuri, which makes it a valuable security asset for your site. (Have questions? Get in touch with a “website developer near me.”)

#4: Redirection

Used for: Redirecting URLs

There are many good redirection management plugins. What is Redirection? A light and simple plugin that gets the job done.

This plugin is 100 percent free and has been around for quite a few years–with consistent updates. You have the ability to set it to log when redirects are triggered. Plus it gives you quite a bit of detail in these logs.

Redirection has a robust number of features, and it can use imports from other redirection plugins so that you don’t lose data. If you don’t need any of the fancier features, it makes the setup easy and quick–perfect for both new and seasoned website developers.

#5: WP Mail Logging

Used for: Logging all emails sent by WordPress

WordPress, by default, does not log any emails it sends out, so without a plugin to do this. there will be no record for a website developer to review if problems arise.

WP Mail Logging not only logs emails sent by WordPress (e.g., password resets, version updates, and new account emails) but also WooCommerce emails (such as failed orders, customer invoices and notes, and canceled orders).

It’s a good idea to have a record of these for various reasons (namely, to refer back to in case there are issues with people not receiving emails or confirming what’s being sent). If you wait to add it until you do need them, you’ll already be behind.


With so many plugins to choose from, remember that it’s important to have a set of security-based plugins on your WordPress site so that you can focus on other things. Plugins like WPS Hide Login and Limit Login Attempts Reloaded are a powerful combination to prevent hacking attempts, while Akismet is a great plugin to filter out unwanted spam emails and comments.

Redirection is highly recommended if you’re redesigning with a website developer, moving or renaming pages, or running into issues with 404 errors. Keeping a log of emails WordPress and WooCommerce send out with the WP Mail Logging plugin is smart as well–just so that you have them available when you need them.

Need a Kennewick website development team to make sure your website has everything it needs? BrandCraft is at your service. Contact us now to schedule a free consultation.

Keep Reading

Subscribe to the BrandCraft Blog

Get the latest and greatest digital marketing + social media tips every week!

BrandCraft needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at any time. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, please review our Privacy Policy.