I'm a geek, and WordPress does not meet my requirements for speed, security and customization needs.
Last Updated: Monday, March 11, 2019
First published: Friday, October 12, 2018
WordPress may be the most popular and easiest to use blogging software and claims to power more that 30% of all websites in the world, there are some factors which prevents from running my blog using it.
WordPress is written in PHP, which it an interpreted language and I'll be honest: it is slow. In order to generate a page, WordPress needs to access the database for content and merge it with a template and theme. This is why caching management (activated and controlled by plug-ins) is almost always used for WordPress deployments. The bad news is that even with caching WordPress is still not fast enough and a memory hog.
In a WordPress setup, you need multiple software applications to be running: a MySQL server, the PHP interpreter and the web server software (such as nginx). Make no mistake, all these software takes up memory to run, and don't forget that these applications also cache data. To go into more details: the MySQL server caches raw content so that it can responds more quickly when accessed simultaneously; the WordPress-PHP application is configured to cache the generated pages so it doesn't have to do repeated processing again for the set of data; and the web server also caches to optimize performance.
Deploying a blog or website using static-gen software is extremely popular among geeks because it is fast, efficient and lean. It is fast and efficient because no processing is needed as all files are already pre-generated, stored in the directory ready to be picked up by the web server. It is lean because there is no need to run any database or middleware, and there is only one copy of cache which is managed by the web server.
A barebones WordPress installation is fairly safe. That is, it is relatively safe if you use WordPress "as it is" without any third-party plug-ins. However, such installations isn't practical for many sites and the features and functionality would be quite limited. Therefore, we understand that in any WordPress deployment - and your deployment - it would be necessary to add plug-ins to enhance the functionality of the site or blog.
WordPress plug-ins are are a huge security problem because historically there had been discoveries of critical vulnerabilities and backdoors putting thousands of sites and millions of users' data at risk. While previously discovered security loopholes may have already been fixed, there could more undiscovered one that are already actively exploited by hackers.
The more plug-ins you use with your WordPress site, the higher the risk it is susceptible to being compromised.
The infamous "5-minute install" and themes are perhaps the greatest scams of the WordPress platform, and plug-ins fail to deliver.
The "5-minute install" marketing is a shameless misrepresentation. It probably just means the time it takes to download, unzip the file, put it into a directory and configure the database connectivity.
In any practical WordPress deployment, you'll need to set up and configure the server operating system (or at least start and launch and Amazon EC2 instance), install and set up MySQL, PHP and a web server to be running. Sure, you can use LAMP, but all these will take up much more than 5 minutes.
Before you download WordPress, you'll need to configure your WordPress site, configure the theme (assuming it is already pre-designed), plug-ins (assuming you're an expert for all the plug-ins you're going to use), etc. Even if you are an expert, it will practically take 1 day to a week.
There is no way in any practical sense you can have a WordPress site ready in just 5 minutes.
There are thousands of themes in the marketplace. Some are free, while the premium ones sell for a fee. Unlike compiled software and due to the nature of the web and architecture of WordPress, there is no way to provide trials or "test it before you buy it". You must pay for a theme in order to download and try it.
WordPress theme designers are great smart scam artists. They design the pages using extremely beautiful background images, nice-looking fonts and icons. They look pleasing to your eyes to make you imagine your site will look so nice with it.
The reality: there are no pre-made themes which will fit perfectly with your site's content and marketing message. You'll therefore need to insert your own logos, images, etc. And when you try to replace the logo and substitute the images, you realize that they don't match and this is where the horror begins. It is not so easy and you'll need to do programming to tweak it. As you modify the code, they are not only improperly formatted, but you can see that the CSS are poorly written and the HTML code has many validation errors. All these are common complaints from experienced WordPress developers. Finally, the themes are sold "as is", that means if you want custom development, you'll have to pay premium fees.
It is being said that WordPress is the CMS and blogging platform with the most plug-ins available. However, the reality is that most are unusable and not updated to work the latest issue, not to mentioned the irresponsible security issues.
WordPress plug-ins often don't work; or if they work, they don't work exactly to what you'd like them to. Therefore, you need to custom-develop your needs in PHP coding.
A professional WordPress site needs to be properly planned and custom-developed. Server setup needs architectural planning of optimization and efficiency. The site's theme should not be bought (ie. no pre-made themes) but custom-designed from the ground up. Features and functionality should be carefully considered and practically custom-developed. Plug-ins need to be fully-tested and be accepted or rejected. It is a full-fledged software development project. And if so, is it the best platform?
Obviously, no, and therefore I'd rather develop it and run it using static-gen technology so I don't have those security issues to worry about and the site is fully optimized for speed and memory efficiency.
Your choice: themes and plug-ins are too problematic and needs to be custom developed. Do you prefer to develop and try to fix problemetic software, or do everything from ground-up where those issues do not exist?