I am terrible at sitting down and actually writing blog posts. I think about things to say every day from the mundane to the technical to the creative, but just can’t seem to set aside the time to actually write something. I am not looking to attract thousands of website visitors or to make any money with what I write, but if what I write helps one person, then it has been worthwhile. To that end, I am attempting once again to put words to the web. This will b a very short post.
I am a longtime user of ColdFusion and if I were building a bespoke website with a database back-end, and pulling from multiple data sources it would still be my tool of choice. However, most people don’t need this level of functionality and need something to create a web presence that looks nice and has some basic functionality. For me, WordPress is my product of choice. Not only does it have a ridiculously large following, but it also has an ecosystem that is pretty amazing. If you need some additional functionality there is probably a plugin for that. Need some particular look or feel, there are themes galore with additional plugins to go even further. While there are other tools out there – Drupal, Squarespace, Wix, Joomla, etc. – none of them have struck a chord with me. Honestly, if the ColdFusion community had a CMS with the level of functionality I can get from a single theme (more in another post), I would probably feel differently. Adobe, the owners of ColdFusion, use WordPress albeit implemented poorly (another rant for another day).
WordPress is not without issues. With such a large presence, it has become a target among those wishing to do others harm. The community as a whole does a very good job of keeping the core up to date. The plugin library includes numerous outdated plugins that are likely to cause security holes in your website, or potentially break it completely. My personal policy is not to install any third-party plugin that has not been updated in the last 12 months at all and seriously limits the use of plugins that have not been updated within the past six months. So far this rule has served me well and I also apply it to themes.
The single biggest risk with the use of WordPress, or any other digital product, is not understanding the importance of updating the code to keep it secure. More often than not, a small business will hire a company to create a site and once it is done, one of two things seems to happen. The contracted company attempts to gouge the customer for a maintenance contract or the customer tries to nickel and dime the company to get as much as they can for nothing. Both of these approaches are detrimental to the safety of the web not only for the customer but the WordPress community as a whole because these sites can become launching points for exploits. If you are a company seeking a new website, make sure your budget includes long-term sustainment, even if it is just limited to the core, plugin, and theme updates. Unless somebody in your company is literate in the use of WordPress, the theme, and plugins in your site, you will also need to include at least a few hours (80-160) for additional support.
Featured image by Fikret Tozak on Unsplash.
