WordPress remains a common tool for website development but it’s important to know the limitations involved and when other tools should be considered.
Whenever you utter the term “WordPress” to a group of people, you are likely to elicit several responses ranging from those who utterly hate it to those who love its ease of building out a website or blog. WordPress is not all bad. If all you want is a nice little space on the web where you can share your thoughts, photos, etc., and aren’t looking to build out a national (or international) website, then I have no issue with you wanting to use WordPress.
However, if you’re looking for a marketing tool that also allows you to perform online sales, I would say steer clear of it (especially if you’re working on an international level or in the realm of drugs, pharmaceuticals, life sciences, etc., as they tend to be the most attacked). If you do choose to use WordPress, be very careful of using the software. Why you ask? Read on…
Convenience and Performance
For the few of you who may not know what WordPress is, it’s mostly a free and open source content management system. When WordPress came out back in the early 2000s, it was a great tool for the blogging community because you could quickly build out nice looking websites and even have access to the code to do things very specific for your website.
Being an open source project, it encourages people to create things to better the users’ web experience, or simply fill a need that the next person could use to supplement a project they are working on. However, because you are relying on someone else’s code with these additions, you may never know exactly what you may be getting.
Just because you find something that may work for you doesn’t mean that the solution isn’t without security holes. I want to believe that most programmers are aware of this and try to lock down their code as best as they can, but sometimes you have those few rogue programmers, or the ones who simply don’t care and just want their module “to work.” And this isn’t just limited to WordPress – the same idea applies to any of the content management systems out there that are built on a community’s worth of code.
Popularity and Security
WordPress runs millions of websites across the internet. I have seen estimates suggesting as high as 30% of all websites running on the web use this software. And when you have that many sites running a specific program, you’re bound to have a few people who know the ins and outs of the software and what they can and cannot exploit. It has been documented over the years that there are many deficiencies with the WordPress programming that will allow the right person to do wrong with your website. The February article on Networld.com “Is it time to give up on WordPress sites?” looks at this very issue. The idea behind the article has to do with security, and that is a big deal nowadays. If you really insist on using an open source program such as this, make sure you are not only investing the time to make a great website, but also in making sure that it is a safe and secure experience for everyone, because just running WordPress “as is” is asking for trouble.
I have addressed this many times before, but I would always start with the basics when it comes to securing your website. Begin with using a tough password for both your hosting and WordPress login and change them every so often. You should also make frequent backups, or use a hosting provider that will do this for you. That way, if something does compromise your website, you can revert back to a previous iteration and get your website back up fairly quickly. When it comes to the actual protection of your files and helping to keep malicious users out, I would recommend using a trusted hosting provider and looking into options they have for keeping your website secure. If they don’t offer such security services, look into adding a company that specializes in things of this nature, like SiteLock.
Utilizing all of these options won’t guarantee that you won’t get attacked, but it will help minimize those chances if you really do want to stick with WordPress. Just make sure you know what you’re getting into, and if you ever aren’t 100% sure about using the program or a plugin, ask somebody who has some knowledge in this area. It’s always better to be safe than sorry.
About The Author
I have been a web programmer for nearly nine years now and have been involved with several projects that utilized WordPress in one shape or another. In those projects, WordPress has given me my fair share of headaches. While there are real benefits for small-scale website projects, companies still need an expert to guarantee the security of their site. Like most programmers though, if I never have to work with another WordPress installation, I won’t shed a tear.