1. How to search and filter the WordPress Plugins Directory

How to search and filter the WordPress Plugins Directory

The WordPress Plugins Directory is the place to go for thousands of free plugins for WordPress.

But it’s large size also makes it hard to select the best plugins.

This is made worse by it not having filter or sort options.

Here’s some tips to help you work through the WordPress Plugins Directory.

These links offer a basic form of filtering – allow you to narrow down key areas.


This link lists by the number of installs the plugin has.


New plugins

This link lists plugins recently added to the directory – up to two months ago.



This link can be used to filter by tags.

Note that tags are not always added by plugin authors and may not truly represent the plugin.

To use – replace ‘seo’ with the tag of your choosing.


Zepper Plugin Search is a third-party website which allows you to search and filter plugins.

The website takes a copy of the WordPress plugin directory once a day – and has added filter options:

  • Category
  • Rating
  • Number of installs
  • Last updated


Five websites to help you choose perfect colours

Choosing the right colours for your website is important – the right colour scheme can instantly communicate what the website is about – and getting it wrong can leave a negative experience for the users.

But with so many choices and complexity – actually choosing the colours can be painstaking and tedious.

Fortunately there are websites deciated to helping  you select colours – from individual colours to complicated pallets.

Here’s my five favourite

Google Colour Picker

Google has a simple colour picker you can use to choose individual colours.

To access it all you need to do is Google search for “colour picker” (or “color picker” if you’re American!)

It’s simple but quick and effective and gives you the various colour values such as HEX and RGB.

It works great for quickly choosing a single colour but doesn’t work with colour pallets or consider colour theory.


Flatuicolorpicker (flat ui colour picker) provides a selection of “flat” colours for using in “flat web designs”.

Colours are grouped by primary and secondary colours – red, purple, blue, green, yellow, orange and grey – and are displayed in a pallet layout.

It doesn’t provide colour pallets – but is useful if you’re looking for a simple and modern “flat” colour.


0to255 allows you to select from a pallet of colours or enter a specific HEX value for a colour.

It’s simple and effective and gives you various shades of the colour to help you select exactly the right shade for your website.

Canva Colors

Canva run a powerful color tool that helps choose a colour by:

  1. uploading an image and automatically generate a colour pallet
  2. existing colour pallets
  3. colour wheel – complementary, monochromatic, analogous, triadic and tetradic

Colour pallets can be browsed or searched using keywords.

They even provide explanations of key colours such as light blue.

Adobe Color

Adobe Color helps you select colour pallets by:

  1. colour wheel
  2. existing colour pallets
  3. “trends”

The colour wheel provide granular adjustments for individual colours – which is useful for matching existing brand colours.

The trends feature helps you choose colours assosiated with popular themes such as “fashion” and “architecture”.

How often should a WordPress website be backed up

Backups are without a doubt an important way to safeguard a website from damage.

Websites are increasingly becoming a critical part of running a business – they often serve as the first point of contact with a customer – proving details of goods and services as well as contact details. For e-commerce businesses they can be entirely ran from the website.

With this increased reliance on websites the importance of a good working and reliable backup increases.

Which leads to the question – how often should you backup a WordPress website?

There’s two parts to this –

  1. how much can you afford to lose (should damage happen)
  2. how often is the website updated – e.g. posts, comments, sales data

For an active website this would mean daily backups with a thirty day retention. As well as periodic backups before updates are installed.

Daily backups strike a balance between minimising data loss and not consuming too many resources.

Ultimately the answer depends on your website and how much data loss you can afford, compared to how much resources for backups you can afford. An active e-commerce website may need real-time instant backups or a one-page business website may not need regular backups. However – at very least I would recommend weekly backups with a monthly retention.

8 reasons to not trust web host backups

Having up-to-date reliable backups of your WordPress site is one of the best steps to protecting it from disaster.

Web hosts often provide a backup service. They’re typically automatic and managed by your host – which makes them an attractive option – but can you trust it?

Let’s explore some of the reasons why you shouldn’t trust your web host backups.

1. Additional fees

More often than not a web host will charge additional fees associated with the backup service.

Whether it be requiring you to be on a “premium” plan, it being a “add on” or charging to access and restore backups. And if they don’t – chances are they’re a “premium” host, with the added cost already factored in.

At the end of the day – it’s a service provided to you and you will pay for it.

2. Can’t control frequency

When designing a disaster plan – the frequency of backups is one of the first questions to ask.

How often backups are made depends on the website itself – how often is content updated, is it business critical etc.

But backup services provided by web hosts are typically daily – so if you have an online store you could loose up to a days worth of sales data if disaster struck.

3. Can’t do once off backups

Have you ever installed new plugins or updated WordPress, plugins or themes?

The first thing you should do is backup! – This serves as a way to undo the changes if something go wrong.

But chances are your web host doesn’t support backups on demand.

Being able to backup before installing updates is important and shouldn’t be ignored.

4. Backup coverage

Having someone else manage your backups is convenient – but also very risky.

You put faith in them to backup all the necessary files – when changes are they know very little about your website, where important files are, which databases it uses.

Perhaps your website stores images in a different directory or uses a separate database for sales or CRM data – will your host back these up as well?

5. Access to backups

Constant 24/7 access to backups should be part of any disaster plan.

However web host backups are not always accessible. Often the host will treat the service as “managed backups” – meaning you need to go to them to access the backup and have restorations done.

6. Partial restores

What if you installed a plugin update which corrupted part of your database – the website continues working as normal until you release only part of it is corrupted.

Will your host be able to do a partial restore – or is it a all or nothing restore?

Many websites are constantly changing so the ability to merge a backup into a live website is important.

7. Independent “off site” backups

Having your backups with your website is like putting all your eggs into one basket.

Web hosts can get hacked, have hardware failures, loose Internet connectivity and even go out of business!

A good backup will be stored and accessible independently from the host.

8. Not tested

There’s little point in having a backup if it’s not tested periodically.

But when it’s managed by your host you never see the backup logs to confirm the backup ran successful or have the ability to test the restore process.

Ideally, backups should be periodically tested by restoring to a separate local development site. This ensures the backup is complete and confirms the process to do a restoration.

So how should you handle backups?

If your web host does backups, that’s fine – but consider it your “plan b”.

Your “plan a” should:

  • be configured to run and be retained as required by your website
  • support on demand backups
  • be off-site – e.g. to a Google Drive

I use UpdraftPlus to manage my updates, backing up to cloud storage.

How to style links for maximum visibility and accessibility

Linked text on websites needs to stand out for users to know they can click them.

But doing this right is surprisingly hard, because you need to finely balance the colour contrast between the background, non-linked text and linked text.

For maximum visibility I like to rely on the WCAG 2.0 AA standard, which defines the minimum contrast as:

  • 4.5:1 contrast between the background and non-linked text
  • 4.5:1 contrast between the background and linked text
  • 3:1 contrast between non-linked and linked text.

When you start to look at these ratios you soon see how limited the colour choices are.

I typically stick to:

Purpose Colour (Hex)
Non-linked text #000000
Linked text #606CCD
Hover #BB1122
Visited #814181

Links don’t need to be underlined (not even according to the WCAG 2.0 specification) – but underlined text is universally accepted as being a link.

If we refer back to the WCAG 2.0 standard we see that

For these reasons I prefer to underline links in body copy (articles), making links underlined by default but not when hovered over.

It’s not necessary, but if you’re trying to stick to the WCAG 2.0 standard – it depends on if you think whether a link has been visited is information.

But even then – if the “visited” state is information to convey – it can’t be communicated just with colour.

Personally, I do not use a different colour for visited links.

How to check colour contrast?

My favourite tool is the Link Contrast Checker by WebAIM.

It lets you pick a link, text and background colour and gives you the ratio and whether they’re OK.

5 Rules for making a good 404 “page not found” message

When a website visitor tries to view a page that does not exist they see a 404 “page not found” page.

This typically happens because

  • the page has been removed,
  • the visitor has clicked a broken link,
  • the visitor typed a URL wrong.

This can be a frustrating or confusing experience for the visitor – but by applying some simple rules you can turn that experience into a positive one.

1 – Never blame the visitor

Never blame the visitor for the error. Instead, be apologetic and empathetic.

Consider the words used to avoid the visitor feeling like the error is their fault. Words and phrases like “might have” or “possibly” are less likely to offend.

2 – Say what has happened

All the visitor will know is they’re not seeing what they expected – so the first thing you need to do is say what has happened.

Keeping it simple is REALLY important. The message needs to be short and short using plain simple English, no technical jargon or long explanations.

You may even consider using humour or informal language like “oops!”.

Using the term “404” is not necessary. The average user will not know (or care) what a “404” message is – and it’s not important to them. Just make sure the page returns a 404 header response.

For example: “Oops! That page can not be found.”

3 – Give options for what to do next

Now the visitor knows something has gone wrong, you need to give them options for what to do next.

Ideally you should be trying to help them find the page that they were trying to access.

A simple but effective way to do this is to provide a link to the home page and a search box – this caters for both people that aren’t sure and want to click and those that know what they’re looking for.

You may also want to provide a list of popular content – perhaps you don’t have what they’re looking for but you can provide other great content.

4 – Consistent with design

Make sure your 404 page uses the same look and feel as the rest of your site.

This includes:

  • colour
  • fonts
  • images
  • menus
  • header
  • footer.

This will help establish the visitors confidence in the website.

And remember – don’t make users scroll. This is a one-screen design.

5 – Contact and feedback

Provide a way for a visitor to contact you – for example an email address or a contact form.

This allows them to report a broken link – giving you the opportunity to fix it and retain the visitor.

What does this look like?

Here’s how I handle the 404 “page not found” page for this website.

Key features are:

  • branding is maintained
  • language is short and straight to the point
  • there is a link to the home page
  • there is a search box
  • linked text is at the end of the sentence
  • there is the ability to report a broken link

What order should WordPress updates be installed?

WordPress administrators will be familiar with this screen – updates available for WordPress core, themes and plugins – but what order should they be installed in?

When faced with multiple updates I follow this order:

  1. themes
  2. plugins
  3. WordPress core

Why this order?

This order is based on the risk of something breaking, changing or being lost.

While all updates present a level of risk – but each is slightly different.

Themes are relatively low risk – as long as customisations haven’t been made directly to the theme’s files (e.g. functions.php or styles.css).

Plugins are a bit of a wildcard. The code quality varies greatly – but plugin developers do get the opportunity to test WordPress updates before they’re released and sometimes release updates specifically to address compatibility with future versions of WordPress core.

Finally, WordPress core updates are installed – hopefully with themes and plugins that are fully compatible with the update.

Just remember – before installing updates make sure to backup.

Beware WordPress developers that rely on third-party plugins

Beware WordPress developers that rely on third-party plugin

When engaging a WordPress developer there’s one very simple but important question you must ask – do they develop or implement.

With hundreds of thousands of free plugins and many more premium plugins there’s an alarming trend of people claiming to be ‘WordPress developers’ but when it comes to the development they rely on these third-party plugins, earning themselves the title of ‘WordPress implementer’ and putting your project in a very dangerous territory.

What’s the difference?

A decent developer or implementer will listen to your requirements and work through them with you – but when it comes to the actual development,

  • the developer will build a solution to your exact requirements and
  • the implementer will start looking for solutions to each of your requirements, usually patching together several third-party solutions.

Why does it matter?

A developer or implement may be able to get the same results for your project, but what matters is how they achieve the results – as it affects the quality of the product, securitylicencing and the ongoing maintenance.


Plugin bloat is a well known fact in the WordPress community – the more plugins installed, the slower the site runs.

This is exactly what the implementer is doing to your site. They’re more than likely going to install multiple plugins with little regard to how the plugin affects your sites performance. Furthermore since the plugin is developed by a third-party developer for a the WordPress community it’s likely to be feature rich – features you most likely don’t need but contribute to the bloat.

On the other side the developer will use their expertise to code to your requirements – they will know 100% what code is running and when with no bloat.


It’s highly unlikely the implementer is going to read through the plugins code, if they even could understand the code they would be much more likely to develop.

The third-party plugin is a point of weakness in your websites security – without knowing exactly what the code does your website could be open to any number of vulnerabilities.

Engaging a developer involves trust – if you’ve ended up with an implementer you need ask yourself – do I trust all these third-party plugin developers with my website?


Licencing is something that’s easy to overlook, especially when you’re employing someone else to build the website.

With the developer you can simply stipulate no licence on the development, however when an implementer installs all those third-party plugins what they’re doing is making your agree to the terms of the third-party plugins. They may even be locking you into ongoing licence fees to the third-party plugin developer.


When you patch together several solutions you create a delicate balance that keeps things working.

When one plugin updates, that balance may break leaving your website broken.

When it comes to support instead of having the one developer that knows your code, you have several developers that may or may not be interested in supporting you.


I’m not advocating bespoke solutions for every project, I’m saying that people need to be aware of how their project will be achieved and what the implications are.

You need to ask – do I want a developed solution or an implemented Frankenstein patch work solution?

If you’re comfortable with an implemented solution, for each plugin you need to ask:

  1. Who developed it? Are they well established and trustworthy.
  2. When was it last updated? Is the plugin being maintained, does it work on the latest version of WordPress.
  3. Is it well supported? Is the third-party developer providing ongoing support.

And finally, remember that your site is only as secure and efficient as the code runs it.

The curiously grey market of GPL licensing

What is the GPL?

When WordPress plugins and themes are released they’re typically licensed under the GPL (General Public License) – this spells out the rights and limitations to using the software.

Whilst licensing under the GPL isn’t a requirement, it is the preferred license as it used for software in the WordPress plugin and theme directories.

The GPL is all about making sure software is free to run, study, share and modify. This makes the software is free to distribute (and modify) as long as you acknowledge the author.

GPL and premium software

Whilst the GPL is about free access to open source software it doesn’t out rule charging a fee for the distribution (access to and download) of the software (and updates).

When you purchase a “premium” plugin or theme that is licensed under the GPL you’re really paying for distribution and access to support.

Enter the grey market

Nothing in the GPL forbids you from taking someone’s software and redistributing it (as long as you acknowledge the author) – in fact it encourages it because it’s what makes open source software grow so quickly.

Some people take advantage of this by simply taking the software and adding their own price to access it, normally without support or updates.

What I find interesting is there are markets dedicated to this activity – where you pay a few dollars instead of the full price to download the software – most don’t even hide that they’re a third-party.

Whilst this is perfectly legal, it undermines the value of the GPL and the business model that supports the development of the software. Without the income developers will be forced to focus on other activities or release under a more restrictive license.

Ultimately purchasing the software from the developer provides you with updates and support and funds future development that is in everyone’s interest.



For more information on GPL licensing and fees see: