We are often asked about WordPress as a content management system (CMS).
That’s not surprising because it is the most used open source CMS in the world. And because it is so popular, it is also a magnet for critics – many of whom are WordPress’ competitors.
Two criticisms that aren’t based on fact revolve around security and speed.
WordPress is a secure platform. Think about it: would technology leaders such as Microsoft choose WordPress if it was a security risk?
The caveat is that any open source CMS that is not updated will eventually become vulnerable, WordPress included. Security issues are typically related to websites where companies “set and forget” – and therefore do not have an upgrade plan in place.
WordPress must be kept updated. Hackers never sleep. WordPress is a big target. But if you keep your site up to date with the patches and new versions that are regularly releases, the chances of being infiltrated are not a concern.
It’s more important to focus internally. It is much more likely that one of your systems will be hacked not because of technology but because a staff member has fallen prey to a scam, you use weak passwords etc.
However, large and sophisticated clients such as Microsoft, continue to use it because it has many benefits and the security risks for a well-managed site are not significant.
Some of the WordPress sites Boylen manages are subject to third-party penetration tests. Our clients organise an attack or an infiltration to try to steal the company’s “crown jewels”. With high security hosting and continually updated WordPress websites, we have never had a serious issue.
The other security issue to consider is “security of supply”, which Covid-19 has shone a light on. A CMS that is not open source is not a bad CMS – but it will have fewer web developers with the skills and experience to work on it. With WordPress, you will never be locked into one provider because there are thousands of WordPress developers in South Australia.
The other concern we hear is that WordPress is slow. For the record, it’s not – and this has been proven time and time again.
However, the way some people misuse it makes their sites slow. Of course, the same applies to all content management systems. If you install a widget or plug-in that hasn’t been tested properly, you may find it affects speed. Or a member of staff might add a stack of images to a page, without optimising them for speed. Another mistake can be adding large videos to a page, rather than using WordPress or Vimeo, and embedding that into your site.
By deploying quality hosting, with proper configuration (eg. caching), quality control of external scripts, optimising images etc, you will normally not have an issue.
WordPress does in fact ‘tick the boxes’ when it comes to security and speed, as long as you approach it professionally.
The bottom line is that as the world’s most popular platform, WordPress is the subject of many unjust criticisms from its competitors. Do your own research.