Kamil Porembiński
Kamil Porembiński

Prohibited and forbidden plugins for WordPress

If you already know how to choose a WordPress plug-in and what plugins to install, it’s time to get to know the banned and not recommended to install. Many of them may spoil your website, slow it down or are completely unnecessary.

The plug-in catalogue contains more than 55,000 add-ons, and this number is constantly growing. Despite their verification, there are some that can slow down the website, do not do what they should or simply spoil it. I divided unrecommended plugins into several groups.


Prohibited and forbidden plugins for WordPress

Plugs of this type give a false sense of security, and many of them actually have a lot of security bugs themselves. Unfortunately, it is not enough to press a magic button or add a plug-in to every system. It is a continuous and complicated process. If you want to protect WordPress, read the article: Compendium: Compendium: how to secure your WordPress?

Plugs not recommended:

  • Wordfence Security
  • iThemes Security
  • Limit Login Attempts


Plug-ins that collect visitor statistics on the WordPress website should be prohibited. Due to such plugins, the database of our website is constantly growing. The more frequently we visit a website, the more data will have to be saved in the database. This, of course, causes performance problems and takes up a lot of space on hosting.

  • WP PostViews
  • NewStatPress


With plugins that send a large number of messages there is always the same problem – we may be accused of sending SPAM, especially as we do with a single IP address from the hosting account. If we have a small number of recipients, nothing stands in the way of using them. With more and more frequent mailing, it is worth thinking about the services that implement such mailing.

Sample plugs:

  • MailPoet
  • Newsletter


It is better to have a backup than not. An old saying says that people are divided into those who make backups and those who start making them. The backup plug-ins must be handled wisely so that they don’t harm us. If our host provider makes backups and, more importantly, can recover files, we can think about whether it makes sense to have such a plug-in.

What should I pay attention to when using backup plug-ins?

First of all, the safety of such plugins and the fact that we provide data for other servers in them. Unfortunately, very often logins and passwords are not stored in encrypted form. If an attacker accesses the WordPress panel, they will also have access to our backups.

Another thing to remember is the place where we make backups. If it is the same hosting server, such a backup can take up a lot of space on hosting. The hosting company will make a backup of your backups which will only prolong the process of backup and recovery.

Backup, a backup that takes up almost 100GB on the server.
Backup, a backup that takes up almost 100GB on the server.

Apart from the place it takes to backup, it is worth remembering that its very execution from the plug-in level puts a burden on the server. Operation of such plug-ins may make our website run more slowly during the backup process. The bigger the page, the longer it is backed up, the more space it takes up.

(Un)recommended plugs:

  • UpdraftPlus
  • Duplicator
  • BackUpWordPress
  • BackupBuddy
  • BackWPup
  • WP-DB-Backup


Below is a list of plugins that causes a significant load on the web server, database or has a lot of security vulnerabilities. This list will be updated.

  • Really Simple SSL
  • Broken Link Checker
  • Dynamic Related Posts
  • Yet Another Related Posts Plugin
  • Yuzo Related Posts
  • SEO Auto Links & Related Posts
  • Similar Posts
  • wp-tab-widget
  • wp-phpmyadmin
  • wordpress-popular-posts
  • wordpress-gzip-compression
  • wordpress-database-reset
  • watermark-my-image
  • ultimate-social-deux
  • Tevolution
  • Tevolution-Directory
  • Tevolution-LocationManager
  • simple-session-support
  • similar-posts
  • seo-automatic-links
  • portable-phpmyadmin
  • fuzzy-seo-booster
  • agd-star-rating
  • mappress-google-maps-for-wordpress
  • Licznik odwiedzin
  • media-deduper-pro
  • pie-register
  • plugin-organizer
  • exec-php
  • ewww-image-optimizer
  • easy-social-share-buttons
  • dynamic-related-posts
  • custom-field-template
  • contextual-related-posts
  • ad-blocking-detector
  • accesspress-social-pro
  • qtranslatex
  • GDPR Compliance
  • WP File Manager