Replace nRelate Related Posts Plugin with the best alternatives
What should you do now that nRelate is shutting down? What's the best nRelate Related Post Plugin alternative for WordPress?Read More
The last few years haven’t been the best for what was once the pick of social media sharing plugins: Social Warfare. Since their 2.0 release, there have been constant issues with update procedures, missing functions, and other code quality or deployment problems.
Today, an update to the plugin introduced Zero-Day exploits which were duly exploited to redirect users to undesirable websites. This impacted a subset of our clients who still use Social Warfare, and we want to make it easy for them — and maybe you — to find alternatives to Social Warfare and move away if you want. At the end of this post, we’ll also talk a little about our security stance and steps, in the light of this incident.
Alternatives to Social Warfare
You may be asking yourself: What plugin I can use to replace the Social Warfare Plugin? or What is the best social media plugin for WordPress? We are here to help you answer that question! We have listed below the 5 best plugins that our clients are already using, we tested, and that you can start using right now. We can’t guarantee the performance or security of any third party plugin.
1. Social Pug
Social Pug currently has over 60,000 active installs with an impressive 4.8 out of 5-star rating.
In our exclusive Facebook group, Social Pug was the most recommended by our clients by far! A lot of people were already using it, and we have been hearing good things about it from them. There is an option to import Social Warfare settings into Social Pug, which can shorten your setup time.
The free version of the plugin comes with five of the biggest social media platforms, mainly Facebook, Twitter, Google+, Pinterest and LinkedIn.
For each social media platform, you can customize the social share button to your liking. You can choose to have a simple social media icon share button, a share button with a bold label to catch the eye and even social sharing buttons with social share counts so that your visitors have social media proof. We don’t recommend using social share counts though!
You can read more and download it here.
2. Scriptless Social Sharing
Scriptless Social Sharing is a lesser-known plugin for social-sharing, with 4,000 active installs and a really impressive rating of 5 out of 5-stars!
People like using this plugin because of its simplicity and lightweight approach. By avoiding all the tracking scripts that come with many buttons you make your site faster and reduce privacy compliance issue. It comes with 9 social media platforms to share on your website: Facebook, Twitter, Google +, Pinterest, Linkedin, Pinterest and even WhatsApp and Reddit!
The sharing links use the most basic methods provided by each network. There is no JavaScript, nothing fancy included in this plugin, so if you want fancy, this is not the plugin you’re looking for. It just builds a set of links.
You can read more and download it here.
3. Sassy Social Share
Sassy Social Share is a well known free social sharing plugin, with more than 80,000 active installations and an impressive 4.9 out of 5-star rating.
If you want a LOT of social sharing options, this will be a good choice.
The mains differential of Sassy Social Share is that it enables your website users to share the content over Facebook, Twitter, Google, LinkedIn, Whatsapp, Tumblr, Pinterest, Reddit and over 100 more social sharing and bookmarking services, so no matter what social network you want to share you will probably have no problem here.
Remember: more options on your site lead to tired servers, and tired users — try to target your sharing rather than create overwhelm for them!
Look at all those options that you can share!
The settings are really straightforward too, so you can have all these social media sharing buttons working on your website really quickly!
You can read more and download it here.
4. Jetpack by WordPress
If you already use Jetpack, one of the most popular WordPress plugins with more than 5 million active installations, you don’t need to install any new plugin to do social sharing. All you need to do is activate the Sharing Module and choose your desired sharing buttons, he has more than 10 social media platforms available!
Jetpack does add some overhead, so if you’re not using it, I’d consider one of the other options first — but if you already have it, turning on this option can be an easy next step.
You can read more and download it here.
Thanks, especially to the Performance Foundry Success Network, for making recommendations based on your experiences!
WordPress has a lot of very good social sharing plugins, and you can try and see what fits best for you. The perfect solution for one site might not scale well to your next 10x visitors, or play nicely with another plugin, so one size does not fit all! We hope this post helps you to find the best alternative to the Social Warfare plugin!
Performance Foundry, security and Social Warfare
Performance Foundry manages specialist WordPress hosting and WordPress retainers for companies around the world. A small subset of those hosted clients were impacted by the security issues in Social Warfare today.
The first we heard about it, late on Thursday, March 21 GMT, was an email to our helpdesk saying a site was acting strangely and redirecting to other sites. We immediately started an investigation and involved our security partners. Within 20 minutes we had isolated the issue and realised that it was tied to Social Warfare. We immediately created a plan to identify impacted sites, then backup and deactivate Social Warfare across our network. With our Customer Service Director in the air, our newest staff member, Victor, came on point for communications. Talk about a trial by fire! Senior developers coded and deployed the fix, and validated that sites were back to normal — sans sharing buttons. It was around an hour after first contact. At that point, we could take a deep breath and start looking at proactively contacting people.
The WordPress security team was already alerted, independently, and they pulled the plugin from the repo during our own handling of the incident to stop further downloads. Our security partners were obviously aware, and everyone who had emailed us had also received a response. We decided to issue a system-wide update to all our hosting and retainer clients, and sent updates by both email and Facebook group. At this point, official channels had started reporting on worldwide issues as well.
Our senior developers continued looking at the impacted sites and identified the malicious code injected into the database. This was also checked for across all sites on our network and cleaned up with a series of database operations. We decided to recommend a switch away from Social Warfare, rather than recommending re-activating it.
Security is a massive issue in the online world, and it’s one that’s picking up speed rather than decreasing. As a WordPress services provider, we try to create the safest possible environment for our hosted clients including investigations like this one, a web application firewall and security scanning by default for all clients, and a server environment that’s multiple times more secure than the standard. We see tens of thousands of potential attacks every day. Sometimes every hour.
Incidents like these are not ideal, but we have policies and playbooks in place to deal with them promptly and thoroughly. We’ll be reviewing our post-incident report next week to see where we could have been that little bit faster, or possibly pre-empted the issue, but overall it was a prompt response to a serious exploit in the wild.
