Hacker News new | comments | show | ask | jobs | submit login
Show HN: I Write In-Depth Wordpress Plugin Reviews (wpplugincheck.com)
104 points by shash7 4 months ago | hide | past | web | favorite | 36 comments

Hey, I like your idea.

I'm not accepting clients, so this is not a plug, I'm just saying this to frame where I am coming from. I do audits and WordPress code reviews for folks like junior college districts and largish content marketing sites; these range from load-testing and auditing the servers to examining the code quality of custom plugins and themes. I also do a lot of one-off and custom WP work for similar levels of clients.

Here's one element that you might find useful that I wasn't seeing in your reviews and that I don't see in a lot of reviews (because it's a pain in the butt to do the work to uncover):

looking at the hooks/ expandability of the plugin.

Like, you might audit the actual code quality and see how easy you think it might be to accomplish various customizations without, say, forking the plug.

I'm always surprised at the variability on this point among various plugins. Some plugins are filtering all kinds of things, some don't filter much at all. Some have really flexible and easy to modify CPTs, some have a ton of functionality hard coded. Some things have really baroque systems that would be easy to expand, but they are written using some crazy complicated architecture and you have to do hours of reading code to understand what you'd want to do.

A second thing that you might look at is the nature of "paid-ness" of the plugins. There is one business listing plugin (which I hate writing extensions for) that basically breaks the site if you don't re-up the subscription every year. There are other plugins that play nice-- you buy them once, and they work everywhere just fine and if they release a new major version you can buy it again. I don't like paid-for commercial stuff in GPL, but that's at least reasonable. What isn't reasonable are licensing schemes that do things like break local/staging/test/prod environments because the license is tied to some crazy thing like the URL.

Anyhow, it's a pretty site, so I wish you well.

I’d like to second the comment about url binding. Using a host like WPengine and similar allow for rapid creation of clone environments where one can test things out, code or content related. But if I have to go and register domains on another party site it takes what would be a cool feature and drags a lot of time in to something that should be otherwise solved. The workflow of the above also makes a lot of assumptions about who has access to the 3rd party plugin accounts. Testing some css with a contractor shouldn’t mean they need to login to all plugin accounts.

Also to add on the code quality. It would be nice to know if the plugin properly registers styles and js. A ton of plugins arbitrarily inject to header or footer or inline or all three. One of the first things I do when we test a plugin is to see if it functions as needed and then I go see what wreckage it has caused to the html/perf. I then decide if I can live with myself.

To all Wordpress plugin developers. I’d easily pay 2-10x for higher quality considerations. Most plugins I find so cheap $ they take away my ability to complain or have a high expectation.

Maybe we need a linter for plugins, and a score board or minimum score requirement for premier listing on wordpress.org...

To that list I'd like to add documentation,as well as support. I know the cliche "code should be self documenting." But that's rare. Even so key sections should set context.

A free plugin isn't free if you have to slave through the code trying to sort somwthing out.

Hey thanks for the writeup!

Code review/table structure, etc are highly requested featured right now. I'm working on it but I don't want to rush and put something wrong out there.

I don't understand your second point. Can you point me to the plugin which keeps breaking after the license expires.

"I don't understand your second point. Can you point me to the plugin which keeps breaking after the license expires."

Well, that, once again, is a pain in the ass to find.

For instance, there is this business listings plugin:


Personally, I found it a massive pain in the ass to use, but on top of that the add-on plugins are setup to work only with the specific version of the main plugin. So you can't update just one, you have to update them all, and you have to pay for them all each update== regardless of if there is an actual change to the software.

IMO, that's BS. The WordPress community, in general, disagrees with me, but whatever :D

Another example is that ACF used to (and maybe still does, I have an unlimited license and this doesn't seem to be a problem) set its license based on the URL of the site, so if I clone the site to another URL (like for staging on WPEngine) then the key is no longer functional and the plugin breaks.

I'm not sure about the businessdirectory plugin but I can vouch for ACF. The plugin doesn't break if you remove the license key. In fact, you can actually give someone the pro version's plugin folder and they can use it for free(it just won't be able to update that's all)

Perhaps this used to happen in the past but not anymore.

Not the OP, but what he likely means is some plugins calling home using a unique url tied to the licence, that can then be removed to revoke the ability to use the plugin.

Plugin developer here. Just had a look at some of the review... they are in no way in-depth.

I would call them plugin descriptions at best, but not reviews. Each of the bigger plugins like Gravity Forms or Advanced Custom Fields has so much functionality under the hood that I feel you're not even touching the surface.

Again, good and possibly useful description of each plugin, but they are not in-depth reviews.

Hey folks I write in-depth Wordpress Plugin reviews. So if you're on the ledge about buying or installing a particular plugin you can check out my reviews.

I keep this in mind while reviewing plugins:

- Functionality of the plugin

- Any security issue the plugin has

- Support offered by the devs as well as the pricing

- Any weird gotchas or unexpected behavior with other plugins

Recently I posted an in-depth review of Carbon Fields and ACF.

Let me know what you think about it!

The TinyMCE review, at least, has a bunch of spelling mistakes and duplicate words / broken sentences. Would be worth doing a once-over of the article.

Yeah I kinda pushed it today. Gonna spellcheck it tonight.

I'm quite proud of the plugin I wrote so I'm going to plug it here: https://wordpress.org/plugins/revisionize/

Looks good bro. You getting feedback from paid users?

This is great. What we really need is a curated list of good plugins.

This is great. One piece of feedback, about the reviews themselves: Every time you use parentheses, there’s no space between the preceding word and the opening paren(like this).

I only read through the ACF review, but I saw it a number of times there.

Interesting you say that. Where are you from?

The reason I ask is I've always learned to put a space in front of the parentheses and a quick Google search also only yields sources that say to do so. That being said, I'm American and my Google sources seem to be mostly American sources. Are you British, perhaps?

I think he's saying that the article omits that space, but should include it.

Could be a play on the WP coding standard which I believe is generous with spacing and parens :)

Probably not, but it sounds like good spin.

Hmm I though there's no space traditionally. I'll check it out.

Are you from India? I checked out your LinkedIn (HN profile > Website > LinkedIn)

Apparently there are others who have asked the same https://www.quora.com/Why-do-many-Indians-not-use-spaces-pro...

For the link, I don't use WP myself but if I ever do I'll find this post again.

I think the custom is different depending on where you're from. I'm American and I have always used a space between the text and the opening paren. On that note, another American thing is to put two spaces after a period (something I've long stopped doing).

I think two spaces after a period is more of a typewriter bad habit than American thing. Back when you had a single monospace typeface, I think it just made things more legible. People who learned it then passed it on to generations who never used a typewriter.

anecdotal, but when I was in grade school (in the US) I was taught that it was a MLA rule to use two spaces after a period. I had teachers that deducted points from a paper if the extra spaces were missing.

Good on you for this contribution. Plugins can be a liability in so many ways. I remember almost a decade ago, a favorite plugin of my clients' was sold by the original dev to a third party. From that day on the quality of support and release schedule both took a dive, and soon after we started receiving telecommunications product spam from the new vendor. Like telephony solutions, which were completely unrelated to the plugin.

After having spent hundreds of hours customizing that plugin, this was a devastating experience. I'm still leery of plugins and rarely install anything that could leave me stranded if it went unsupported one day.

Yeah they can be downright dangerous. Some time ago, hackers got access to a plugin on wordpress.org and injected it with malicious code. Nobody even knew until Sucuri released a blog post about it.

At wpplugincheck we verify the plugin is clean by checking for any issues at wpvulndb. I'm also looking at automating plugin code testing.

Cool site! I recently made a plugin to turn WordPress into an academic labbook and found that the ecosystem is so, so full of absolute rubbish. If a plugin isn't immediately and continuously bugging you to buy the pro version, it's modifying core WordPress look and feel (either admin or public facing pages, or both) in such a fundamental way that it is an eyesore. No, I don't want your crappy little plugin with grammar and spelling mistakes to have its own top level menu on the admin dashboard.

In my plugin therefore tried to do things properly and avoid changing too much core functionality. It would be great if your site could review plugins on that sort of criteria.

My plugin (basically finished but not fully tested)) for anyone that's interested: https://github.com/SeanDS/alp

Very useful. It may help to be explicit about relationships with the makers. Something like a blanket statement of “I don’t get paid for writing reviews and don’t accet sponsorships” or “I review on request if the makers but don’t charge them for it.”

It could also help to know the spread. Why % are 4 stars? 5?

Yeah that's true. I'm redesigning the site currently and all these notices will be in new site.

Looks good for the most part. That said, I do feel like you should maybe go into a bit more depth about certain things, like how quick/detailed support responses are (if possible), the quality of the code itself, the viability of the pricing schemes, etc.

But that's just my opinion here.

I agree. These reviews were pretty light on content few months ago but they are constantly being updated. In fact I just updated Updraft's review today based on a user's feedback.

Reviewing the quality of code is not exactly straightforward. Right now, I'm looking at how to address code review/table structure/api access of plugins while keeping the review concise enough so that non-techy Wordpress users can understand.

Maybe another page for the tech side, so those interested can read it and those aren't can skip it?

If that fails, a (hidden by default) box with the content could work. Have it open when they click some button or what not.

If you're anything like me this may have been inspired by some plugins you absolutely hate. My advice would be to get a couple of 1 star reviews up, knowing which to avoid is maybe more powerful than the plugins to install! Keep up the good work :)

Yeah true. I'm gonna review Visual Composer in the near future :P

stupid question but, what is the business model with plugin reviews?

Nothing stupid about it. The plan is to support the business with affiliate links to the plugins and get some sponsorship on the side.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact