I am expecting a backlash for the headline of this month's blog. I understand that users have a fondness for WordPress that can border on infatuation! The WordPress community do not take well to any negative comments about the webs largest CMS platform but let's run through a few facts here first.
WordPress is indeed that web's largest platform accounting for 24.6% of all websites, and a content management system (CMS) market share of 58.7%. The next most used platform - Joomla only manages a 6.7% share which is only 2.8% of all websites with Drupal coming in just below this.
Data security firm Imperva are due to release their annual Web Application Attack report (WAAR) this week. Last year they reported that WordPress sites suffer 24.1% more attacks than all other CMS platforms systems 'combined'. It is not expected to read well for WordPress this year either particularly given that they have increased their market share further over the last 12 months.
In truth WordPress is a victim of its own success. It has become so popular that hackers know that attacking it will be a fruitful exercise. It doesn't help however that its code is written in a way that makes it very vulnerable, it is extremely prone to RFI and SQL injection attacks. There are methods that developers can deploy to shore up these vulnerabilities but it would seem to me a better option to simply choose a more robust platform if starting from scratch.
When choosing your platform you have to consider what you plan to do with it in the future. Many websites start out simply offering information but can then evolve to include e-commerce, forums and other integrated applications. This process will be much easier if you start with a solid base. Its best to investigate the merits of each of the major platforms before deciding which one best suits your requirements.
Although I mostly build custom applications on open source frameworks I can see the cost and time benefit of choosing a recognised CMS platform in most cases. A custom option is usually only necessary if the functionality request is unique to the point that an off-the-shelf system is incapable of meeting the requirements. The larger CMS platforms are also very well served with templates and plugins etc. which can help get your site up and running quickly and cost effectively.
I hope this goes some way to informing your decision-making on this subject. I understand it can be bamboozling particularly when different providers promote their preferred option which might not necessarily be yours.. In short your decision will be best informed by taking some time to investigate before making the final call - oh and did I mention, don't choose WordPress….!!