If there were no plug-ins, the World Wide Web as we know it today would probably be a little different. A lot of features that we use without really thinking about them are only possible because a plug-in performs tasks in the back­ground. Every time we click on a video or open a document in a web browser, these helpful browser add-ons ensure that we actually see the in­form­a­tion we want. But what is a plug-in exactly?

Cheap domain names – buy yours now
  • Free website pro­tec­tion with SSL Wildcard included
  • Free private re­gis­tra­tion for greater privacy
  • Free Domain Connect for easy DNS setup

What is a plug-in?

Plug-ins are small add-on programs that extend the func­tion­al­ity of web ap­plic­a­tions and desktop programs. When you install a plug-in, your software is usually enhanced with a new feature that it didn't have before. You're probably already familiar with plug-ins for web browsers. For example, if you want to display PDF documents in your web browser, you first have to install a plug-in for Adobe Acrobat Reader (or another PDF program), otherwise your browser won’t be able to process the data.

However, plug-ins are not only used in web browsers, they are also commonly used in all kinds of programs and ap­plic­a­tions. No matter where they are used, the principle is always the same: By in­stalling a plug-in, you add new features to existing software without having to rewrite the entire program.

Plug-ins are im­ple­men­ted using stand­ard­ised ap­plic­a­tion pro­gram­ming in­ter­faces (APIs). APIs use shared libraries to stand­ard­ise the transfer of data between different parts of a program. Put simply, a plug-in uses certain elements of the host ap­plic­a­tion without changing its source code. This makes it easy to install a plug-in as an add-on component.

Note

Plug-ins were first used in the 1970s in text editors such as Hypercard or the QuarkX­Press pub­lish­ing software on Apple Macintosh computers. Silicon Beach used plug-ins to expand the func­tion­al­ity of graphics programs such as Digital Darkroom and Su­per­Paint. The company is also credited for having coined the term ‘plug-in’.

What is the function of a plug-in?

The purpose of a plug-in is to add features to web ap­plic­a­tions or computer programs. For example, if a company wants to encrypt its internal email com­mu­nic­a­tions, it can develop and install a special plug-in if the email client doesn’t support this feature by default. Since plug-ins merely extend existing programs, they can only be used in con­junc­tion with the host ap­plic­a­tion and can never be used alone.

One advantage of plug-ins is that you can easily add new functions to programs and ap­plic­a­tions without sig­ni­fic­antly in­creas­ing the size of the host ap­plic­a­tion. The program code with the new features is out­sourced to the plug-in. When you uninstall the plug-in, the ap­plic­a­tion is auto­mat­ic­ally restored to its original state. In addition, plug-ins allow third-party providers to expand an existing program without having to make any changes to the actual source code.

What are the different types of plug-ins?

Nowadays, there are plug-ins for almost every area of software and for all types of programs. You’re most likely familiar with plug-ins for web browsers such as Firefox or Chrome. You can use these browser plug-ins or add-ons to modify the ap­pear­ance of your browser, for example by adding toolbars or ad­di­tion­al search functions.

You can also use browser plug-ins to display certain ad­di­tion­al in­form­a­tion or media in your browser. Examples of popular browser plug-ins include Flash Player for flash videos or Acrobat Reader for viewing PDF files. Most browsers now support a wide variety of file formats. As a result, many browser plug-ins that were once popular have fallen out of use.

In addition to plug-ins for web browsers, there are many other types of plug-ins, including:

  • Audio plug-ins: Audio plug-ins are used in digital recording studios to create certain sound effects or to simulate musical in­stru­ments. Whereas tra­di­tion­al recording studios have to purchase real in­stru­ments or equipment, digital studios can simply install a plug-in in a virtual software en­vir­on­ment.
     
  • Graphics and video plug-ins: Graphics programs like Photoshop make use of plug-ins to add new effects or to support certain file and image formats. Video plug-ins are mainly used in media players to ensure that the player can play videos and files in specific formats (such as MPEG, AVI, WMV, etc.).
     
  • Social plug-ins: These plug-ins can be embedded into your website so that the site is linked and in­teg­rated with popular social networks such as Facebook or Twitter. You can use social plug-ins to add functions such as liking, sharing or com­ment­ing to your website.
     
  • Plug-ins for in­teg­rated de­vel­op­ment en­vir­on­ments: You can use plug-ins to add support for ad­di­tion­al pro­gram­ming languages in in­teg­rated de­vel­op­ment en­vir­on­ments (IDEs). Some IDEs such as Microsoft Visual Studio can be com­pletely in­teg­rated into other programs using plug-ins.
     
  • Email plug-ins: Email plug-ins are often used to add en­cryp­tion methods, tracking functions or pre-built templates to email clients.
     
  • CMS plug-ins: Content man­age­ment systems like WordPress are extremely popular, in large part due to the thousands of plug-ins available for these systems. There is a dedicated plug-in for almost every con­ceiv­able function. That way, even beginners can quickly create their own custom website. Advanced users can even develop their own WordPress plug-in.
Tip

We put together a list of the best Wordpress plug-ins in a separate article.

How secure are plug-ins?

Plug-ins always present certain security risks because hackers can use these add-ons as attack gateways. In recent years, attackers have in­creas­ingly exploited plug-ins (es­pe­cially browser add-ons) in order to spread malicious code and gain un­au­thor­ised access to websites.

There are many reasons for this trend. One reason is plug-ins have a large user base. Popular plug-ins are often installed by millions of users. If hackers manage to exploit a security vul­ner­ab­il­ity, they can po­ten­tially reach a large number of victims. In addition, plug-ins are used in many different areas and cover a wide range of ap­plic­a­tions. This means that the security risks are not limited to a specific target group of users.

Another fun­da­ment­al problem: Many plug-ins (such as WordPress plug-ins) are developed by single in­di­vidu­als or hobbyist pro­gram­mers. As a user, it’s often im­possible or difficult to determine how clean the code really is and whether it has vul­ner­ab­il­it­ies that cy­ber­crim­in­als could exploit. Even more prob­lem­at­ic are plug-ins that are spe­cific­ally pro­grammed to spread malware, spyware and other malicious code.

That's why it’s important to choose plug-ins carefully. Most im­port­antly, always use plug-ins from reputable sources instead of just in­stalling the first plug-in you come across with features that sound in­ter­est­ing. Ul­ti­mately, even plug-ins that are installed but not activated can pose a threat. Last but not least, always keep installed plug-ins up to date by in­stalling the latest updates to eliminate known security vul­ner­ab­il­it­ies.

Note

Of course, plug-ins are not in­her­ently unsafe. Nev­er­the­less, if your company is con­sid­er­ing using plug-ins for online services, your corporate network or websites, we recommend per­form­ing a com­pre­hens­ive risk as­sess­ment of your existing server and IT in­fra­struc­ture. Otherwise, an attack could not only com­prom­ise sensitive company data, it could also affect potential customers. That’s why you should always consult qualified IT spe­cial­ists whenever you use plug-ins at your company.

Go to Main Menu