If you’re like most people, you’ve probably either started using WordPress for your website, or you’ve at least considered it as an option. After all, WordPress powers % of all websites and is trusted by millions of people. It’s also optimized for SEO, well-supported, open source, and free.
WordPress has a lot to offer, but there’s another perspective you need to consider that you may not be aware exists. Not everyone thinks WordPress is the best content management system (CMS) out there. Despite all the benefits and positive aspects, there are numerous reasons not to use WordPress for your website.
There are always cybersecurity risks associated with using a content management system to run your website. It’s just the nature of the game. Every CMS is essentially just a piece of software and software can be hacked.
If you search the internet, you’ll find many people saying that WordPress isn’t secure and puts websites at high risk for being hacked. While it’s true that WordPress sites get hacked frequently, it’s not that WordPress is inherently risky. It’s that less than half of WordPress installations get updated to the latest version at any given time. Failing to keep WordPress core files updated is what puts sites at risk.
Data from 2003 found that a whopping 95.5% of all infected websites using some kind of CMS are built on WordPress. Although, that doesn’t mean other CMS platforms are more secure. It just means that WordPress has a gigantic target on its back and attracts the most attention from hackers.
Source
Plugins present some of the biggest security risks. Even when you keep your plugins updated, that doesn’t mean there aren’t vulnerabilities. In fact, some of the most well-respected, trusted plugins of all time have vulnerabilities that get exploited. For example, WooCommerce, W3 Total Cache, Yoast SEO, Elementor, Contact Form 7, and WordFence have all been targeted by hackers. The vulnerabilities in these plugins have been patched, but it’s a cycle that never ends, and it’s unlikely that any plugin will be the exception.
The more plugins you have installed on your website, the more at risk you are for being hacked. Even if you keep them all updated, there’s no guarantee they’ll be secure. Developers aren’t required to ensure their plugins are flawless before uploading them to the WordPress plugin repository for people to download. There is a review process, but it’s not as thorough as it should be because that would require a budget to pay a team to test everything.
If you’re going to use WordPress, you need to be ready and willing to keep it up to date at all times. Thankfully, that’s easy if you use an installer, like Softaculous, within your hosting account’s cPanel. This is a feature offered by many popular hosting companies, and it gives you the option to enable automatic updates for WordPress core files, themes, and plugins during installation.
In addition to keeping everything up to date, there are a handful of tasks you’ll need to complete to maintain a secure WordPress installation. Here are the most important:
In addition to actively securing your WordPress installation, it’s crucial to create backups on a regular basis. Even if your content doesn’t change and you don’t have any user accounts, back up your entire website (files, core files, and database) at least once a week. In the event that you do get hacked, you’ll have an uninfected version of your files that you can restore.
You can install WordPress for free, along with a variety of basic plugins and basic themes. However, that’s not usually good enough for anyone, not even bloggers. If you plan on using WordPress to run your business website, especially if it’s ecommerce, you’ll need to spend a bit of money.
Source
The first thing you’ll need to buy is a theme. Great themes aren’t free, and free themes don’t typically work well because they look cheap, basic, and unprofessional. If you’re running a personal blog and don’t plan on collecting leads or making sales, you can probably get away with using a free theme. The reality is, if you’re serious about your business, you’ll need to buy a professionally designed theme.
You can find decent themes on sites like TemplateMonster and Envato’s ThemeForest for under $100. That’s pretty affordable. However, if you’re building a more complex site that requires sales funnels, email marketing integration, specific landing pages, a members-only area, different tiers for memberships, split testing, and other elements, you’ll find that most themes won’t support your needs out of the box.
There are several full suite website themes out there that will accommodate all of the aforementioned needs, but those require a monthly or yearly subscription, and it’s not cheap. If you decide you no longer want to pay that fee, you’ll have to redesign your entire website from scratch using a different theme.
If a standard theme won’t cut it, your only other option is to have your theme developed from scratch to accommodate all of your needs. This is where WordPress will become expensive and if you have to pay for customizations, you might be better off having your site designed to run on a different CMS altogether.
Just like themes, the best plugins also cost money. Developers who make free plugins don’t have any incentive to put a lot of time and energy into their efforts, and as such, they create basic plugins that don’t quite do enough. You’ll have to pay to get the functionality you want and need to run your business at a professional level.
As you’ll soon find out, or maybe you already have, there are free versions of paid plugins, but the features are limited. Most of the time, the features you want and need will only be available from a paid subscription to the plugin. That’s right, gone are the days where you could pay a one-time fee for the right to use a plugin to run your business. Just like other software applications, you’ll need to pay a fee every month forever.
As you can see, the need to buy themes and plugins and get customizations can quickly add up to a lot of money. So, WordPress itself is free, but running your business on WordPress is not.
Very few people can use WordPress as-is, even with a good theme. Most businesses require customizations, and that can get expensive. In some cases, it can cost as much to customize WordPress as it would to have your website built from scratch on another platform. Either way, you’ll have to spend money to get a custom website. It’s just a little riskier paying developers to customize someone else’s plugins and themes.
The problem with investing a lot of money into WordPress customizations is that one day, the plugins or themes you customize may no longer be supported. For security purposes, you never want to continue using a theme that doesn’t get updated to fix known vulnerabilities. If your theme or plugin developer calls it quits, every dollar you spent customizing that theme or plugin will be a waste.
You’ve probably noticed by now that most WordPress themes look the same. That’s by design. It’s not actually because those specific designs support higher conversions or get more sales. It’s because they’re easy to make, theme developers can create a bunch of variations of the same general layout, and people buy them, so developers keep making the same styles to get more sales.
Sometimes having a generic, boring theme isn’t necessarily harmful, but it’s not usually helpful. If you’re running a serious business, you need a website layout that supports your specific needs, and something generic won’t do the job. For example, if you own a law firm, you need to have your contact information at the top of every page, and a clean layout without any clutter. If you buy a pre-made template, you might not be able to add contact information without editing code, and you’ll be stuck with elements that may not support your ability to generate leads.
Likewise, if you’re running a marketing company, you need a theme that will make a strong impression on your leads and a design that has been crafted specifically to capture as many email addresses as possible. Most WordPress theme designers don’t have any marketing experience and only know how to create themes that look good, not themes designed to convert.
To get a truly effective theme that also looks good, you’ll need to hire a professional developer who knows marketing enough to intentionally place elements where they belong to support you in generating leads, sales, and any other conversions you’re after.
Since WordPress is self-hosted, the learning curve is steep. To get your website up and running, you’ll need to buy a hosting account and domain name, then connect your domain name to your hosting account by setting up custom nameservers. If at any time you want to change your domain name, you’ll need the technical knowledge required to move your website. Worse, if you make a mistake and your site won’t load, you won’t be able to log in from the front end and you’ll have to know your way around the back end to fix the issue.
Since WordPress themes and plugins are made by different, individual developers, there’s no guarantee they will all work together. Often, one plugin can cause a conflict that makes an entire site stop working. If a plugin or theme causes a conflict that breaks your site, there’s no way to fix the problem other than by not using that piece of software. That’s bad news if the plugin is essential to your business.
Since WordPress was built as a blogging platform, you’ll need to install quite a few plugins to make it function for business. The downside of this is that it will slow down your site significantly. You can use caching plugins to speed it up, but having too many plugins can still diminish the speed of your site.
If you’re not used to using WordPress, you’re likely to make technical mistakes that can negatively impact your business. For example, if you don’t set up permalinks correctly, you could end up with longer URLs than you’d like. If your pages have already been indexed in the search engines, and you choose to fix your permalink structure, you’ll have to create 301 permanent redirects.
Now that you know the top reasons to avoid building your website in WordPress, you’re probably wondering what else is left. The ideal solution is to choose a hosted CMS, like Wix, Weebly, or Shopify. As long as you don’t have any complex needs, these platforms are excellent choices. For a small monthly fee, they’ll handle everything for you, including hosting and security. You won’t have to worry about keeping everything up to date – they’ll handle all of that for you. All you’ll need to do is set up your store, upload your images, and write your content.
Although hosted CMS solutions typically offer paid plugins to expand your website’s functionality, you won’t have to pay to get basic ecommerce capabilities like you would with WordPress. Platforms like Wix and Shopify include the basics for ecommerce websites.
If you’re ready to launch your business and need a custom website, we’d love to partner with you. At Dev.co, our team of professional web developers can build your site on just about any platform and customize your theme just the way you like. Contact us today to learn more about how our development services can bring your vision to life.