There's no denying that Wordpress is an extremely popular base on which to build a website. Statistics vary on exactly how many Wordpress websites there are on the web but it's a huge number that's for sure.
So why, as a company, have we chosen to give this massively popular system a wide berth? Heck, we've even turned down a number of projects where potential clients were already sold on Wordpress and we regularly turn down work taking over maintenance on Wordpress websites too!
The answer lies in a couple of major concerns...
If you work in web development for any length of time the vulnerabilities of the Wordpress platform become self-evident. Part of the issue is the popularity of Wordpress itself. Afterall, if you're the most popular system then you'll attract more attention from hackers because, if a hacker finds a vulnerability in a popular system, then they have more websites to hack.
No software system is fully secure but some are more exposed and vulnerable than others. Choosing a system means mitigating the risk of attack with the potential cost of the time spent repairing damage, both in technology and reputation, that a hack might cause.
Because of these issues owners of Wordpress websites find themselves running fairly regular updates to the core Wordpress program to maintain security and these updates don't always go smoothly because...
Wordpress was initially built as a blogging system and a very good one it was too! To perform other functions (for example holding other page types like a product catalogue or eCommerce section) the Wordpress needs additional 'modules' to be added in. These modules usually come from third party developers, i.e. not the Wordpress organisation itself. The idea of add-on modules is not a bad one and many website systems work the same way. However, when the Wordpress core gets updated it can bring compatibility issues with installed modules and this can mean big trouble!
If the incompatible module is from an active developer then they'll often update the module to suit the new version of Wordpress pretty quickly. You'll then need to login and update that module. If it's not from an active developer then you may have to ditch that module and rebuild that part of your website. That can be both expensive and time consuming.
One aspect of our website builds that we're proud of is how easy they are to administer for the owner. When making changes every page is easily accessible from a simple list that's easy to navigate and, for the most part, every aspect of that page is editable in one place. Another reason we've decided against Wordpress is that we do not find it easy to use for our clients. This has been reported to us again and again from clients migrating away from Wordpress.
In part these usability issues are, again, caused by the nature of third party modules and their inherently variable approach to administration.
In recent years we've taken to building our website projects using a system called 'Processwire'. You can read about the many reasons we use Processwire in this recent article on that subject. To sum up, it doesn't require lots of add-on modules, has superb security and is REALLY easy to use for site owners when making changes to their website. Oh, and it's really fast at delivering pages to your users too!
Don't get us wrong, we're not totally dissing Wordpress. It's helped many people launch and edit their websites and certainly isn't going away. However, we believe that we've found something that works much better for our clients in Processwire.
If you choose us as your website supplier, we're confident you'll agree with our choice.