D'Arcy J.M. Cain

Musings and Rants

 

Entries

Why not Wordpress?

Last updated: None
As an owner of an ISP that supports all sorts of web pages I have to support Wordpress for my clients. I never create one for myself however. Why? Because I don't believe it to be appropriate for professional web site architects.

I do understand the attraction. If someone wants to build their own site and building sites is not what they do for a living Wordpress makes it easy to slap up a site. They even have thousands of themes to choose from so you can make a pretty reasonable site very quickly. I have set up Wordpress for friends and family for this reason.

However, when a client comes to me to build a professional web site I cannot build them a Wordpress site. If I tried I would be making compromises all through the process. Here are some of the reasons that I don't use Wordpress.

First of all, it's written in PHP. I have worked in all sorts of languages over the years and have even been published for my work in some. PHP is one of the worst I have ever seen. That's a rant for another time but the issue here is that Wordpress, like most distributed PHP systems, assumes that you are running under Apache with the PHP plug-in. This means that you can't run your virtual sites under a separate user. It must run as the web user. This might be "nobody" or a special user such as "web" set up just to run Apache. In any case every PHP script runs as the same user and so every PHP user is at the mercy of every other PHP user on that system.

It is possible to keep the files owned by the individual users but then Wordpress can't write into the folder. This causes all sorts of headaches when upgrading and for other operations. It can all be worked around but it does need to be worked around.

Even when locked down on the server, Wordpress has a huge following and that makes it an attractive target for hackers. All those nice themes and plugins make it even easier because no one can guarantee every single one. It's just too easy to get a vulnerability into Wordpress.

Wordpress is bloated. It has to be in order to cater to everyone out there. When I build a web site I only include things that the client needs. That makes the site more responsive. It also reduces developer time when changes need to be made and changes ALWAYS need to be made.

Worse, because Wordpress is backed by a database, every single page needs a database lookup, possibly more than one. That just slows down the site. My sites tend to make heavy use of style sheets and server side includes. They only run CGI scripts and access a database in the dynamic parts of the site.

Probably the biggest argument I get for Wordpress is that it allows the owner to maintain and update their site them self. This seems to assume that Wordpress has a monopoly on dynamic sites. This page is written in my own software that allows me to add articles and modify existing ones. I have some very non-technical people using this same software. Not only is this possible but it's easier than doing the same thing in Wordpress because this program only has to do one thing. Wordpress has to manage all sorts of input so it gets more complicated.

The rest of my site is more static and requires some HTML and CSS editing. Even then I use server side includes to keep things as simple as possible to allow users to make simple edits. In some cases the only technical skills needed are running an FTP program and learning about the HTML paragraph tag.

In any case, I haven't yet found anyone that this simplicity is supposedly for that actually uses it. Other than simple blogs or journals like this one they always get their "geek" to do the updates.

As I said at the start, Wordpress is a fine tool for the amateur web builder but for a professionally built site, talk to a professional and have them build you your own.