My concerns on the ‘most popular’ WordPress plugin of the moment: Jetpack

september 5, 2017

LAST UPDATED: FEBRUARY 2019

Jetpack is one of the most popular WordPress plugins. Yet I rather don’t use Jetpack in any of my projects. Even though it may seem to be the best option available sometimes, it actually says more about the (lack of) quality for the alternatives.

Connect it with wordpress.com

The reason why I don’t like Jetpack has nothing to do with performance for me. I leave that discussion to the WordPress ‘speed scientists’. I simply do not like the fact that I have to connect to WordPress.com. On that note: I sense there is a trend going on where theme and plugin devs want you to connect with their system in order to get something. These can be updates, notifications, support or you name it.  Before you know it a single website has 3 or 4 cross domain connections. That can’t be right… Therefor I try to limit the amount of connections to only the ones that I find really important and trust. And Jetpack isn’t one of those.

To be honest I don’t understand why they want you to connect. It’s not updates. These happen through the repo anyway.  I suspect it has something to do with data and tracking as a currency for you to be able to use it. It may be in their right (or not) but I don’t like it. Sure I can put it in dev-mode and still use it’s main features. The fact that this isn’t the standard makes me feel uncomfortable.

Update 2019

I just came across this tweet-thread. It gives you quite an insight on why Jetpack kind of forces you to connect the software. It’s even worse than I thought at the time of writing this post nearly two years ago. Open the thread and read it all.

Security

Another reason why I’m not so fond of Jetpack is that I don’t like to have code in my WP install that is not going to be used. One of WordPress security best practices is to delete plugins and themes you don’t actually use. Yet with Jetpack you may have a lot of modules just waiting around in order to be activated. Even though Jetpack is maintained very well by a professional team, the implications of a vulnerability can be huge. You may end up with (temporarily) deleting Jetpack,as disabling isn’t enough, and loosing all the functionality along which leaves you with a kind of broken website.

Don’t lock me in

In conclusive I will not consider Jetpack in order to gain some functionality to the websites I built. I rather choose a similar free or premium plugin or write my own code. That’s why I’m disappointed by the fact that more theme devs team up with Jetpack and lock in Jetpack functionality in order to get the best out of the theme.