5 reasons WordPress is a risky choice for your business
Updated: Aug 7, 2019
WordPress is a popular content management system — a web-based application for creating and managing the content of a website, including wikis, blogs and discussion boards.
WordPress offers thousands of themes that provide users with customization options. It also gives users the ability to scale websites to their business needs by adding different plug-ins.
This ease of use and utility is why almost 30 percent of websites and more than half of all CMSs use WordPress.
There’s a distinction between WordPress.org and WordPress.com. WordPress.org is a repository of open-source software that requires users to provide their own web hosting environment and some intermediate- to advanced-level web development skills. WordPress.com is a web hosting service that provides pre-made templates and themes. It sacrifices flexibility and customization for ease of use.
Both sound like attractive options, don’t they? Except, they’re not. At least, not for everyone.
Any company thinking about using WordPress as its CMS should consider the following points before creating a new website and while reevaluating its current system.
1. It’s designed for blogs
In 2003, WordPress was originally an offshoot of another project, b2/cafelog. It used a database to manage blog content.
WordPress.com powers approximately 75 million blogs. Yes, blogs. Not dynamic company websites meant to convert visitors into customers or securely process transactions.
If you’re only looking for an easy-to-use personal blogging platform, by all means use WordPress.com. Otherwise, there are other options that will better meet your company’s needs.
2. It uses stack design
There are some technical factors to consider when you’re deciding how to power the digital face of your company. WordPress.com is a web hosting site. It provides the tools to create and manage the look and behavior of a website through directions it stores in code. That programming language (PHP) requires translation to HTML in order for it to load on viewers’ computers. This process slows down the load time of the webpages significantly, especially during peak usage.
Trying to get around this issue by using the open-source WordPress.org? Even WordPress acknowledges its software has a performance issue: “Although WordPress is fast, it does contain a substantial quantity of code that needs to be loaded each time a page is displayed. This may or may not affect performance depending on the hosting environment, but on a shared hoasting [sic] environment using SuPhp (and thus without op code caching) it can add several seconds to each page load.”
A slow-loading site means impatient customers will leave — after all, time is money. In fact, according to a StrangeLoop case study, a 1-second delay in page load time can lead to a 7 percent loss in conversions, 11 percent fewer page views and a 16 percent decrease in customer satisfaction.
And if that’s not bad enough, Google has started pushing slow-loading websites further down in its search results, leading to fewer clicks and views.
3. It requires plug-ins
Plug-ins are extras added to a website to add function without completely changing the code that is already part of each theme and page template. There are more than 50,000 official WordPress plug-ins and tens of thousands of unofficial ones. These plug-ins do things like help your site run faster, record traffic, monitor screen comments, optimize keyword searches and more.
Why so many? Because the core software that runs WordPress is not designed to do all of those things. Each plug-in, even with the intent to make things run faster or safer or look cooler, adds bulkiness to your site. And worse — they add possible entryways for malware and hackers.
4. It’s a target for hackers
The widespread use of WordPress means there are both good guys and bad guys who specialize in finding bugs in the base code or in the many plug-ins. There are even cleverly packaged plug-ins with malware already programmed inside. The bad guys know that if there’s a hole in a plug-in, it can be an open door for all kinds of nefarious activity.
Unfortunately, many companies have experienced this kind of activity. For example, in 2010, thousands of companies using WordPress became targets in a pharma hack. This kind of attack is not readily apparent because it quietly loads webpages that promote pharmaceuticals, like Viagra and Cialis, under the main page’s directory. These webpages don’t appear to users; instead they exist for web crawlers to increase page ranks and directed ad traffic.
These attacks use multiple points of entry, are very hard to remove and have happened again and again in 2015, 2016 and 2017. Even as recently as February 2017, a similar attack of compromised plug-ins created a redirect that led visitors to websites that contained malware links or X-rated content. Google’s search engines, in turn, blacklisted these companies’ pages as websites containing harmful content.
Want a final example of a WordPress plug-in gone rogue? Many suspect that the leak of the Panama Papers, which revealed unsavory and illegal financial activities that led to the downfall of some global political and financial leaders, was due – in part – to an un-patched plug-in meant to aid in sending emails. When one adds all of this vulnerability to the fact that only 22 percent of users run the most updated WP version, you create a hacker bonanza.
5. It doesn’t integrate analytics
We all know that analytics is the name of the game these days. Understanding who visits your site, how they found you, keyword terms, click progression, time per page, fall-off rate, conversion rates and other metrics is critical for your marketing.
WordPress doesn’t have this kind of analysis software built in. Even one of its most popular plug-ins for analytics, Jetpack, doesn’t have the drill-down capabilities of Google Analytics or even other platforms designed for business lead capture and transformation. Data is a competitive advantage. Ignoring it because of inadequate website functionality is to your detriment.
Both WordPress.com and WordPress.org share the weaknesses mentioned above in varying degrees. For the company that needs speed, security, customization and detailed analytics designed into a corporate-level package, there are more reliable and sophisticated options.
Companies should use commercially acceptable software for marketing automation. Explore paid tools like HubSpot, Eloqua, Marketo and Infusionsoft for your content marketing, marketing automation and website CMS. Axia uses HubSpot. We recommend it to our clients.
These tools provide marketing integration, automation and analytics software. Ultimately, even as a paid solution, these tools saves time and money with all its integrated features:
Content optimization system (COS)Content management solution (CMS)Blog publishingSocial media managementSearch engine optimization (SEO)Calls to action (CTAs) Landing pages (LPs)Lead managementEmail marketingCalendarProject managementSales tools Customer relationship management (CRM)
When you're buying these tools and services from multiple providers, including WordPress, the amount of time and money you spend is similar to what an integrated costs, yet your program and data isn't integrated and the time to operate and connect each tool is substantial.
Paid solutions might not be for everyone. There are dozens of qualified CMS and marketing automation systems available. Just don’t leave your company dependent on WordPress. It’s not a commercially viable solution in our experience.