January 18th, 2015 → 1:44 pm @ iowawebguy // No Comments
Lately, I’ve been asked a lot if the WordPress platform is a good to build a website.
WordPress is the largest blogging platform on the Internet. It was first created in 2003 and today accounts for more than 20% of websites on the Internet.
I use WordPress for all of my blogs and most of my client blogs. After all, it’s was built for blogging. It is also very quick and inexpensive to setup. There are thousands of free (or inexpensive) templates, plugins and widgets you can use on your WordPress site.
However, its popularity is also its Achilles heel.
Because of its success, people have started expanding its capabilities to fit their other website needs. It has been reverse engineered into a content management system. This has created a firestorm of headaches for clients because this functionality was never intended to be there; it was added in down the road as an afterthought.
There are already plenty of blogs (see links at bottom) on the Internet tearing apart WordPress from a technical standpoint; but, as you know, I like to translate to the non-technical side for my readers.
As I mentioned before, there are several components (themes, plugins and widgets) on top of the “core” WordPress code. WordPress is constantly being updated to add functionality and improve security issues. When WordPress is updated, it forces the other components to be updated to be compatible so they work together… and down the line. When a theme is updated, the plugins and widgets must be updated to be compatible so they work together. When they’re not updated or not compatible all hell breaks loose.
All of these components must be updated. Who is ultimately responsible to make sure these components are updated and compatible? Not you. Not your ad agency. Not your web developer. The person who actually created the component. Where are they? What is their name? Are they getting paid? Is it a priority to them?
WordPress is open source and all the code is available for the public (even hackers) to view. That means hackers can openly look through the code to find vulnerabilities and exploit them. Since the WordPress code is the same on ALL WordPress sites, if ONE website is hacked they ALL can be hacked. That’s why hackers attack WordPress; they just have to hack one site and they have access to millions! That is really scary when you’re storing sensitive business and customer information.
One of the results of hacking is the installation of “malware” or viruses on your website. Your visitors can obtain viruses from your website. If that’s not bad enough, your website content also changes causing damage to your search engine results. Furthermore, you can become blacklisted from search engines and visitors will see nasty warning messages instead of your site.
While a WordPress site may be inexpensive to setup, it can become costly very quickly. When plugins are added willy-nilly, without research and testing, this can cause issues down the road you may not see for months. Proper maintenance can also help keep your site up and running. However, proper maintenance is very costly. When (not if) you get hacked, your site will be down for days waiting for a fix. Over the long run it is cheaper (and more peace of mind) to just have your website custom-built outside of WordPress from the beginning.
Malware and Hackers can overtake your Search Listing!
This an actual Google Search Result from someone that called and needed help!
This is the HTML from their website that the hackers placed!
This actual HTML code from their website! What a nasty mess!
People call and beg me to fix their WordPress website. Their “developer” added a bunch of plugins to add functionality. Either their developer flaked out and got in over their head or the plugins they used were no longer being updated and could no longer be used and the developer didn’t know what to do because they weren’t actually a developer (What a great time to find this out). The developer gives them every excuse in the book saying there’s “nothing we can do” or “it’s not our fault.” It’s a cluster mess and they usually have me develop it custom in .NET because they don’t want the headaches. There’s nothing fun about spending money twice, right?
I am NOT knocking WordPress for a blogging platform. However, if you need more than a blog or a few simple pages without any functionality, I would not advise anyone to use WordPress for their website.
When you’re hiring someone to develop your website, you need to know what content management system (CMS) they are going to use for your site. What is the plan for updates and maintenance? How is sensitive business or customer data being stored? Are they a “certified developer” by any reputable source? Ask for references!
If you’re paying more than a few thousand bucks for a WordPress site, you can have something custom developed without the headaches for around the same cost over the long run.
As always, if you have any questions, feel free to contact me.
— Iowa Web Guy
Here are some links to relating to WordPress and the more technical issues:
Here are some links to relating to WordPress on hacking and malware:
Blog &Questions &Search Engines &web development &Web Strategy &WordPress
 |
 |
 |
 |