WordPress Powers the Internet
WordPress is easily the most popular website building platform in the world, and it has the stats to prove it.
- Currently (2021 Q1), almost 40% of websites are built in it. With about 1.2 billion websites globally, that means that roughly 480 million sites run on WordPress.
- That’s a 5% increase in websites from 2020.
- Looking at CMS-built sites (CMS is Content Management System. Essentially, blogging), WordPress powers 64% of those sites.
- 28% of eCommerce sites are built using WooCommerce – the primary WordPress eCommerce plugin.
- On average, 661 new WordPress sites are created every day. 281 of those are WooCommerce sites. WooCommerce is the primary eCommerce store for WordPress.
While WordPress started as a blogging platform, it has transformed into the most widely used website creation & management platform in the world, and it shows no sign of backing off.
But is it Secure?
In 8 years as a WordPress designer, I’ve built sites for individually-owned, locally run businesses to global enterprises with thousands of employees. At some point, all of them ask about security. If you Google the phrase, “WordPress most hacked platform,” you’ll get over 1.5 million results.
A little over a year ago, I had a client who was concerned about WordPress security & sent me a hacked website report from Sucuri.net – a trusted website security company (we use Securi’s security plugin on all of our customer sites). The report said that 90% of the sites they fixed were WordPress. That sure sounds like WordPress is insecure and unfit for business use!
Not so fast. While the graphic at the top of that article gets your attention, it’s necessary to read the article to gain much-needed perspective.
- With the massive marketshare that WordPress has, it’s reasonable that it would also lead the pack of hacked websites.
- The article points out that many of the compromised websites were hacked through outdated software. Keeping your website updated goes a long way towards securing it.
- Another leading cause was configuration or deploment errors with some part of the website.
One of the reasons WordPress is so widely used is because it is free. Anyone can create a website with it, with little to no technical knowledge. But it does take technical knowledge to properly deploy, configure, and secure a website.
You can have the most advanced home security system in the world with the strongest locks & deadbolts known to humankind, but if you leave the keys and security codes laying on the welcome mat, they’re useless. Similarly, when WordPress and its security plugins are miconfigured, it ecomes an easy target.
However, when properly configured and secured, WordPress is as secure as any internet-connected application can be.
What Makes it Secure?
WordPress is open source
This means that anyone can download the source code and review or edit it. There are hundreds of thousands of developers who can inspect code and verify that it’s safe (or not) to use. That level of transparency means that it’s easy to remain secure, since the WordPress development community is quick to discover security holes & patch them.
True, hackers can also take that code and modify it to serve their purposes. It’s easier to avoid this than you may think.
- Only install WordPress core files from WordPress or your hosting company.
- Only install plugins and themes from the WordPress repository or reputable developers.
- Just because it’s on the WorPress repository doesn’t mean it’s 100% secure. Look for plugins that have a relatively high number of active installs, look at the reviews, and make sure it’s been updated recently. Old plugins may have been abandoned, and while they may have nothing malicious in them, they likely have unpatched security holes.
- If a plugin costs money, but you find it somewhere for free, NEVER use it. Hackers like to buy a legitimate license, then add malicious code & make it available for free online.
If you’re a corporate IT security type, you’re scratching your head right now. You’ve been trained to run at the mention of open source software. It’s true that back in the day, open source software was riddled with security flaws and malicious code, and you can still find open source code that is. But WordPress – like so many other open source projects – has enough people reviewing the code to keep bad actors in check.
It’s a Stable, Mature Platform
WordPress has been around since 2001, and is actively supported and developed. Evidence of this can be seen with the evolution of the Gutenberg builder. Over the past 3-5 years, page builders have become all the rage in the WordPress ecosystem. They make beautiful & complex websites, but often add a lot of bloat to the site (that means they slow it considerably). Gutenberg was introduced a few years ago and has evolved quickly into a native page builder that some say will be the end of page builders. Whether that’s true or not isn’t too important here, the way Gutenberg has improved since its release show how serious Automattic – the company that founded & owns WordPress – is about the platform.
Is it Fast, and Why Should I Care About Speed?
Another part of WordPress’ continuing growth is to improve speed. If you own a business, you want people to find you in search engines. Google prioritizes speed in its algorithm (this article is technical, but everything talks about how quickly a page loads), so a fast site means the potential for more visitors. WordPress has been focused on speed for some time now.
Of course, for a website to be fast, it has to be designed & optimized properly. Just like adding water to a Ferrari’s gas tank will slow it down (a lot), using poorly written plugins, poor site structure, and unoptimized images will slow a website.
How to Decide if WordPress is Right for Your Business
How can you tell if WordPress is right for your business? With 50,000+ plugins available in the WordPress repository, and an open-source platform that allows for easy customization, WordPress has wide-ranging abilities for everything from personal blogs to global eCommerce stores. Here’s a recap of what WordPress can do. If your business needs these capabilities from your website, WordPress may be a good fit.
A Low Barrier to Entry
WordPress itself is free (just get it from your hosting provider or WordPRess directly), and many outstanding plugins, like WooCommerce for online stores, are free too. Most paid plugins are generally very affordable and use a subscription model. Yes, you will have to pay for a domain name and hosting, but not having to pay for the base platform makes it very appealing, even for huge businesses.
Open Source Development
While already discussed, this is worth repeating. If you need specific functionality but can’t find any plugins that do what you need, you can talk with a developer, who can evaluate your needs and determine if it’s possible. In the development world, it’s safe to say that given enough time and money, anything is possible, sometimes that cost isn’t worth it.
That’s the beauty of open source. You can use the platform and existing plugins to get you most of the way to where you want to be, then hire a developer to custom code a plugin that gets you all the way there. That approach is much faster and much mpr economical.
Built-in SEO Optimization
WordPress starts off being well suited for SEO, and with constant development, it’s always quick to adapt to Google’s never-ending SEO best practices. Adding in a good SEO plugin, and getting to page one in the search engine rankings – while always challenging – becomes easier.
It’s Natively Responsive
A website designer always needs to check that their creations display properly on all screen sizes, but WordPress already has much of that functionality built-in.
This is another benefit of an open-source platform. With so many people able to look at code, finding and fixing security issues is much faster and easier.
It Works for DIYers and developers
Whether you’re a one-person shop & have to do it all yourself, or can hire the best & brightest in the world. WordPress can work for anyone. The user interface is intuitive and easy to learn, the online support community is a large group of helpful people, and with so many plugins available, finding exactly what you need, is relatively simple.
WordPress is a great platform to use as the foundation for a business website. With the proper setup & configuration, it can serve just about any business use case out there. If you have questions about your specific case, please contact us, we’re happy to learn what your needs are and provide some recommendations.