WordPress in the Wrong Hands

We love WordPress here at Zee Creative.  It is a great content management and blogging platform that allows us to create almost anything we or our clients can dream up.  As fantastic of a platform as it is for us, it can be an entirely different experience in the hands of the wrong person.

A good quantity of website owners and web developers use WordPress on a basic level.  Utilizing pre-made template designs and third-party plugins to quickly build and add functionality your website.  Unfortunately, this ease of use masks maintenance responsibilities and security risks for many of those that use it.

Below are a few areas to consider when assessing whether building your own WordPress site makes sense.

 

Templates

Templates are usually the first thing people are drawn to when starting a WordPress site. This certainly makes sense since they are responsible for the look of the site.  It’s very easy to get lost viewing website themes and installing different ones out to see how they look.  With most of them having little to no cost there is not much standing in the way of trying out several different designs.

What most WordPress users don’t realize is each template has its own impact on their site’s complexity, compatibility, and security.  Some themes are built by reputable developers and designed well but we have seen numerous examples that are quite the opposite with dreadful support, fraught with coding errors and serious security concerns.

When you select a web theme you may be affecting how you will administer your website.  A properly built theme should be intuitive and easy to use and not rely heavily on shortcodes or ill-conceived solutions.  Unfortunately, it is common to find a theme that looks quite nice but is very difficult for the typical website owner to use.

 

Plugins

Plugins allow a WordPress website owner to expand their website’s functionality by adding pieces of software. WordPress makes it very simple to add them to your site but this also makes it easy to go overboard by adding too many.  Each one adding yet more code to the base WordPress installation.  WordPress plugins increase exposure to security threats and general site issues.  Because plugins work largely behind the scenes and are generally less visible when compared to a theme, many website owners and inexperienced web developers don’t realize how much they are adding or changing in WordPress.

 

Security

WordPress, along with third-party themes and plugins, is continually being developed and has a regular stream of updates being released with new features and security patches.  WordPress tries to make this easy for site owners to keep up with these updates by including a built-in feature which will install new versions of WordPress upon their release automatically.  This leads many to assume that by using this everything will be updated and secured as well as hassle free.  We sure wish it were that easy but the reality is that this update features only pertains to WordPress itself and currently does not have any built-in auto update abilities for plugins or themes.  This automated process can also can create incompatibilities with your theme and/or plugins causing your site to break or not come up at all.  For most websites, particularly custom ones, this feature can be a major headache.

Another overlooked security concern are the inactive themes and plugins. Even though they aren’t installed or are toggled inactive, their code is still resident on the site and, if vulnerable, can be exploited.

If you are planning a simple blog or small site and are comfortable digging into what’s needed to keep a WordPress site running well it may be a good solution for you. If you find running a WordPress site is more complicated and time consuming than you want to deal with or would rather just have the pros deal with it – give us call.