There exists no doubt that WordPress is one of the, if not the, best blogging platform available today. Some people would even go so far as to say that it is one of the best general purpose content management systems. Whichever way you look at it or, what ever the purpose is when using WordPress, the fact remains, you want to provide the absolute best experience for yourself and your users.

WordPress is great straight out of the box, so to speak, but there is a lot that can be done after the base installation to improve the performance and security, aid in getting your writing or products out onto the social web and even make some extra money while you’re at it. In this article I will go over 17 WordPress plugins that have stood the test of time, and some new one’s, to help you get of to a flying start on a solid foundation.

Security

Akismet

These days the Akismet plugin comes standard with you WordPress installation but, in case you do not have it, or have not activated it yet, this is one of the most important plugins to ensure improved security on your website as well as allowing you to very easily manage comments spam.

Akismet checks your comments against the Akismet web service to see if they look like spam or not and lets you review the spam it catches under your blog’s “Comments” admin screen. To demonstrate the power and effectiveness of Akismet, see the stats below. Imagine having to manage that yourself.

WordPress File Monitor

Is someone manages to hack into your WordPress installation and get to the files of your installation and makes any changes, adds or removes any files, WordPress File Monitor will instantly alert you via email.

Features

• Monitors file system for added/deleted/changed files
• Sends email when a change is detected
• Multiple email formats for alerts
• Administration area alert to notify you of changes in case email is not received
• Ability to monitor files for changes based on file hash or timestamp
• Ability to exclude directories from scan (for instance if you use a cacheing system that stores its files within the monitored zone)
• Site URL included in notification email in case plugin is in use on multiple sites

WordPress Ultimate Security

The Ultimate Security plugin identifies security problems with your WordPress Installation. It scans your blog for hundreds of known threats, then gives you a security “grade” based on how well you have protected yourself. It provides clear descriptions of the problems it does find with your installation and you can go ahead and fix these yourself. If you are not really the DIY type, you can also make use of the online service to fix the problems for you, although this comes at a cost.

Features

• One click installation and activation
• Automatic security scan of your blog
• Calculation of a letter grade based on how protected your blog is
• One click to connect to the web app to fix the security problems found

Secure WordPress

There are a lot of little things that can be done to improve the security of your WordPress blog, one of the most basic one’s being ensuring you run the absolute latest version of WordPress. While Secure WordPress does not take care of that aspect it does take care of a bunch of all the other little things you might miss. The features below is not an all or nothing but are option driven so can be turned on or off as you prefer.

Features

• removes error-information on login-page
• adds index.php plugin-directory (virtual)
• removes the wp-version, except in admin-area
• removes Really Simple Discovery
• removes Windows Live Writer
• remove core update information for non-admins
• remove plugin-update information for non-admins
• remove theme-update informationfor non-admins (only WP 2.8 and higher)
• hide wp-version in backend-dashboard for non-admins
• Add string for use WP Scanner
• Block bad queries
• Validate your site with a free malware and vulnerabilities scan with SiteSecurityMonitor.com

Performance

W3 Total Cache

We all want our web projects or blogs to be successful but, with success comes some new challenges you might not have thought about before. Will your website be able to handle a huge amount of traffic whether it is constant or in a sudden burst? One of the ways that we can ensure an improved user experience and ensure our site stays up under load, is to cache as much of the information that is static or that changes very seldom and then serving these items from cache as apposed to making constant requests to the server.

W3 Total Cache goes a long way into optimizing caching for you WordPress site. Some of the benefits and features include:

Benefits

• At least 10x improvement in overall site performance (Grade A in YSlow or significant Google Page Speed improvements) when fully configured
• “Instant” second page views (browser caching after first page view)
• Improved web server performance (sustain high traffic periods)
• Up to 80% bandwidth savings via minify and HTTP compression of HTML, CSS, JavaScript and feeds

Features

• Compatible with shared hosting, virtual private / dedicated servers and dedicated servers / clusters
• Transparent content delivery network (CDN) integration with Media Library, theme files and WordPress itself
• Minification of posts and pages and feeds
• Minification of inline, embedded or 3rd party JavaScript (with automated updates)
• Minification of inline, embedded or 3rd party CSS (with automated updates)
• Caching of search results pages (i.e. URIs with query string variables) in memory or on disk

Optimize DB

As you use WordPress to add content, moderate comments, remove data, plugins etc. the tables in your database starts to get ‘fragmented’ which causes overhead and makes your site perform slower. While you can install phpMyAdmin and take care of this and other optimizations yourself manually, this plugin removes the need therefore and makes keeping your database optimized simple. This might seem like a small thing but over time it makes a real difference.

Amazon S3 for WordPress

One of the ways large websites are able to handle large amounts of traffic while still maintaining fast response time is by off loading content onto a content delivery network. In the past this was the sole domain off large companies such as Amazon, Google, CNN and the like and was not even a remote option for small to medium websites. But with Cloud Computing and the rise of services such as Amazon S3, this is truly open to everyone. And if you have an Amazon S3 account, this plugin makes integrating this into your WordPress environment a snap.

“Once setup, this plugin transparently integrates with your WordPress blog. File uploads are automatically saved into your Amazon S3 bucket without any extra steps. Once saved, these files will be delivered by Amazon S3, instead of your web host. Any image thumbnails that get created are saved to Amazon S3 too. You’ll also find an “Amazon S3″ tab next to your regular “Upload” tab, which allows you to easily browse and manage files that were not upload via WordPress.”

Social Networking, Syndication and Search Engines

All in One SEO Pack

Getting high ranking in search engines is still one off the most important ways to get constant traffic to your website however, to get to the top off the pile is not that easy and ensuring your site is optimized for search engines is important. There is a lot you can do by paying attention to the headings you use for you content and paying attention to the keywords you use in the body of your content and in general, writing great content that people want to read and find useful.

To add onto this the All in One SEO Pack helps you with all of the rest. Some of the features are:

• Only plugin to provide SEO Integration for WP e-Commerce sites
• Nonce Security
• Support for CMS-style WordPress installations
• Automatically optimizes your titles for search engines
• Generates META tags automatically
• Avoids the typical duplicate content found on WordPress blogs
• For beginners, you don’t even have to look at the options, it works out-of-the-box. Just install.
• For advanced users, you can fine-tune everything

Google XML Sitemaps

Doing the above will get you a long way towards moving up in the results and generating more traffic for your site however, there is another very important aspect that came in a while ago and that is XML sitemaps. If you have a Google Webmaster Tools account you would have surely seen that you have the ability to point it to such a file. To create these files and keep them up to date can be a complicated task. But thanks to the Google XML Sitemaps plugin this process is trivial. But not only does it generate and keep your XML sitemap up to date, every time new content is published on your website the plugin will send a ping through to for example Google and notify them of the change.

Sociable

Allowing your visitors to  easily share your content across various social networks and bookmarking sites increases the possibility to have your content go viral. The Sociable plugin makes it extremely easy to add this capability to your content and RSS feeds and gives you a wide selection off over 90 networks to share your content on.

TweetButton

Until very recently the defacto standard for retweeting content on the web has been Tweetmeme used by everyone from TechCrunch to Time Magazine. But two weeks or so ago  Twitter announced their own set of UI elements to integrate Twitter into your own site and one of these is the Tweet button. As can be expected it was not long before the first WordPress plugin arrived to easily enable you to add the new Tweet button to you site.

Twitter Tools

This plugin integrates your WordPress blog with your Twitter account allowing you to send new blog posts to Twitter as a tweet and and vice versa. Cross-promotion of a blog posts to Twitter is fairly common and can be automatically achieved with Twitter Tools. You can also create digests that consolidate all of your tweets.

Advertising

Advertising Manager

This plugin will manage and rotate your Google Adsense and other ads on your WordPress blog. It automatically recognises many ad networks including Google Adsense, AdBrite, Adify, AdGridWork, Adpinion, Adroll, Chitika, Commission Junction, CrispAds, OpenX, ShoppingAds, Yahoo!PN, and WidgetBucks. Some of the features include:

• Simple way to import all of your ads
• Widget can be used to place ads in the sidebar
• Put ads in your blog posts with the click of a button
• Ad limitations by author, category, tag, page type, and much more

Miscelanious

OpenID

I am sure you will agree that you have gotten tired of signing up for one service after the other and wish you could just use the same username and password for every site. This is never more true then when you want to simply leave a quick comment on a site. Adding the ability for people to use their OpenId when they want to add a comment is sure to bring you a lot more comments on your site.

OpenID is an open standard that allows users to authenticate to websites without having to create a new password. This plugin allows users to login to their local WordPress account using an OpenID, as well as enabling commenters to leave authenticated comments with OpenID.

Google Analytics for WordPress

Now that your site is up and running and the traffic is flowing in you surely want to learn more about the visitors that your site receives. One of the most popular services in use today is Google’s Analytics. The amount of information you can gain from Analytics is staggering and it’s all free. Adding Google Analytics to your WordPress site is simple in general and really the need for a plugin is not justified but, this plugin goes well beyond simply adding the analytics code to your site.

It adds the asynchronous tracking code for Google Analytics and automatically tracks and segments all outbound links from within posts, comment author links, links within comments, blogroll links and downloads. It’ll add custom variables while tracking to show you pageviews per author, post type, category or publication year. It’ll also allow you to track AdSense clicks, add extra search engines, ignore certain user levels, and much much more.

Contact Form 7

While you can create a contact page and add some contact information and perhaps your email address, if you are not afraid of spam, it is much more useful to provide users of your site with a simple and effective contact form. This also ensures that you receive all mail sent from the website as it will not be caught and blocked by your server side spam filters. One of the most popular choices for this purpose in WordPress is Contact form 7.

Contact Form 7 can manage multiple contact forms, plus you can customize the form and the mail contents flexibly with simple markup. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering and more. And adding a completely customized form to any page or content item is as simple as defining the fields via the setting page:

This will generate a simple piece of short code that you can paste into the page or post you want to add the form to.

SyntaxHighlighter Evolved

If you are adding code samples to your site it is much nicer to present this to your user in a color coded, numbered and structured manner. With SyntaxHighlighter Evolved you get this and much more. Some of the languages supported are:

• JavaScript
• PHP
• Python
• Ruby
• Java
• SQL
• CSS
• HTML

Beyond the standard default display of your code snippet there are several configuration parameters you can use to further enhance the display of your code. Some of these are:

• autolinks (true/false) — Makes all URLs in your posted code clickable. Defaults to true.
• collapse (true/false) — If true, the code box will be collapsed when the page loads, requiring the visitor to click to expand it. Good for large code posts. Defaults to false.
• firstline (number) — Use this to change what number the line numbering starts at. It defaults to 1.
• light (true/false) — If true, the gutter (line numbering) and toolbar (see below) will be hidden. This is helpful when posting only one or two lines of code. Defaults to false.
• wraplines (true/false) — If true, line line wrapping will be disabled. This will cause a horizontal scrollbar to appear for long lines of code.

For the complete documentation of this plugin head over the WordPress Codex entry.

There you are 17 WordPress plugins to get you off to a flying start. Which other plugins or manual changes can you suggest to improve performance and security? Any plugins you rely on that I missed? Looking forward to reading about all of them in the comments.