Okay, so I almost feel guilty about the clickbait title. Almost. But not really; I think that today’s post is something that many store owners should be aware of, so I’m trying to use the clickbait powers for good.
Anyway, the point is that you should answer, “No” to that question — unless of course the author is being generous.
I have lots of people that contact me each week asking for advice, which plugins they should research, etc. These people want help setting up an online store, so I try to point them in the right direction if I can and if I have time.
However, there are many times that I’ll suggest a premium plugin option that will do what they need. Sometimes, people thank me for the help at this point, but sometimes people tell me that the plugin is too expensive, or it’s not in their budget, or they think it’s a rip-off so they can’t buy it right now. Isn’t there a free option? Or can they just download it?
People, hold the phone. The most expensive plugin I can think of off the top of my head is probably $249. Seriously, you want to run a business without making a few hundred dollar investment?
I know you may have heard this before. I know it’s unpopular of me to say. I know that budgets are sensitive, and that obviously you don’t want to spend more than necessary. I get that you probably have to buy a lot of plugins, and $29 here or $49 there adds up, and you have to pay for hosting and domains and SSL certificates.
Your site costs can add up to thousands of dollars. I know that. I really do. I’m not making light of it, but I don’t buy this as an excuse for what typically happens next.
So you might make a choice. You buy plugins you think you might need support for, and then you might Google, “Plugin Name nulled” to find others for free. People do this so often Google auto-suggests it for me every time I search for a plugin name even though I’ve never actually typed the phrase “nulled” myself.
Does this really do any harm? I mean, you’re getting the same thing, right?
Aside from the fact that if you want updates to your software you should support them (though that’s a post for another day), no. It’s not the same. You’re not only putting your business at risk – and really, you don’t think your business is worth a $49 investment?! – but you could be compromising your customers. Fox-IT published a study in the past week showing that several sites, including the most popular “nulled” software sites, contain malicious backdoors in the software provided:
While investigating the ‘nulledstylez.com’ website we found that every pirated plug-in, theme and extension contained the same backdoor.
This isn’t a unique study. Sucuri has uncovered the same issues with free versions of premium plugins.
This isn’t unique to the Nulled Stylez site, either. The organization behind this campaign runs several sites. I found the Fox-IT study via ThreatPost, who describes that the backdoors are typically used for Blackhat SEO (which can hurt your site’s SEO), but these backdoors could be used for almost anything. Do you really want backdoors in the plugins you use for payment processing? For gathering personally identifying information from your customers?
For example, I once had someone say they couldn’t afford WooCommerce Subscriptions. If you can’t afford $199, you probably don’t have enough customers yet. Manually create renewal orders for each and customers can log in to pay each month. This is more work for you and you may lose renewals, but you can then purchase the extension to automate this once your revenue supports it. This is way better than exposing your site by downloading a nulled version.
If your business and your customers matter to you, then invest in taking care of them.
So why am I writing about them now? Because I know several people who download premium software, but this particular site was quite popular. I know that many of these people think there’s no harm in doing so, and I hope that this helps to open their eyes to how important the software is that runs their businesses. If you’re going to choose to download software from a source outside of the original author, then you should do so knowing that you take a risk.
You can launch a site for very little money — especially compared to launching a physical retail store. Here’s the cheapest method I recommend:
- Buy a domain name at NameCheap. I wish you’d choose someone else to do your DNS hosting, but it won’t be the end of the world if you leave it with NameCheap for now, and they’re a company I trust in terms of security and taking care of their customers.
- Host your site at SiteGround. I typically recommend their GoGeek plan, which will run you $15 per month for the first year of hosting. It offers the features you need to make sure your eCommerce site is secure, performs well, scales reasonably, and you can test out new plugins, themes, or updates on a staging site.
- Use one of the many WordPress eCommerce plugins we’ve written about. Most of them are free with paid extensions or are relatively inexpensive.
- Find other free useful plugins or themes on WordPress.org. Here you can typically find extensions for these eCommerce plugins that have been code-reviewed and tested. Themes are also reviewed rigorously before they can be posted, and there are several themes that integrate with eCommerce plugins available.
- Last, buy plugins from the author if you find that you need something else that you can’t get for free. If you’re not sure who the author is, email me or fill out our contact form and I’ll be happy to track down the author for you.
This may mean that you can’t afford all of the plugins or themes that you want. This is typically where the choice comes in: do you download it or wait until you can afford it? I really hope this has shown that the latter option is the only path that makes sense if you want to build a legitimate, sustainable eCommerce business.