Pantheon Community

Critique Request: Blog post about WordPress Disadvantages

I’m putting together a blog post to debunk, for prospective agency clients, those annoying ad/articles (this one, primarily) that purport to show how WordPress is actually “WorstPress” in various ways. It’s been a bee in my bonnet for quite some time. I’m hoping for some Pantheon Heroes’ and employees’ critiques of my diatribe…I mean my debunking of some of the myths. :slight_smile:

Am I characterizing the advantages correctly enough and debunking the myths appropriately? Anything you’d add, remove, or change?

It’s longer than I’d normally write, but the length is meant to cover the topic in some depth for keyword density, comprehensiveness, linkability, and content for people looking for specific topics within it. Plus I wanted to throw Pantheon some link love.

Thanks for any help and suggestions you can offer.

WordPress Advantages and Disadvantages: Setting the Record Straight

Quick Tips: How to Address Alleged WordPress Disadvantages

You can avoid most WordPress disadvantages if you:

  1. Choose a knowledgable WordPress developer or educate yourself on WordPress.
  2. Obtain high-quality hosting with automated backups and an included staging site or local machine development utility.
  3. Buy high-quality premium themes and plugins from prominent, highly-recommended vendors.
  4. Update often and use a staging site to test EVERY update BEFORE you commit the updates to the live site.
  5. Learn your site’s page builder, block editor, and theme customizer capabilities.
  6. Optimize your images and use CDNs, caching mechanisms, and mobile responsive best practices.

What are the advantages and disadvantages of WordPress? Well, that depends on who you ask. Many site owners love WordPress, and some developers love to hate it. But, ultimately, it’s not up to the developer. It’s up to the client, what they’re willing to pay for the total cost of ownership of a website, and the business value they want from their site.

WordPress Business Value

Stick with me through a quick review of website business value and I will show how any blog post focusing solely on WordPress disadvantages is wrong on a number of points.

Here at Webidextrous, we don’t keep it a secret that WordPress is our recommended content management system. Of all the various CMSes available today, WordPress is arguably one of the most popular, running up to 35% of websites in 2019.

That’s nothing to sneeze at. WordPress popularity totals are projected to grow for some time to come. Clearly, a significant number of people are choosing WordPress on purpose. They’re getting business value from it. That many website owners, many of them being developers themselves, can’t all be the “fools” that anti-WordPress developers suppose.

As to what prompted this post, from time to time I’ll see an ad on Facebook, Twitter, or in a Google search that just sets my teeth on edge. Not just because I’m a WordPress specialist, but because of the untruths. It’s usually in the form of an ad that links to an often-regurgitated blog post. Some web designers and developers use that blog post as a self-serving means of persuading clients to commit to a dependency on their billable content update hours. It’s a way of keeping clients from having the ability to update their own websites.

The ad and post could also have something to do with a developer trying to capitalize on visitor traffic searching for “WordPress disadvantages” and supplying just enough relevant content to game the search engines. That drives traffic to their website so they can attract more clients. Fair enough. It’s a valid technique, even if it isn’t a fully honest one relative to their skewed assessment of WordPress.

But, more specifically, it’s often a web developer/designer who is frustrated that their one-off, complex, custom website code is losing out to a popular open-source alternative. The reality is that the developer is producing little to no value for customers who simply want to update their websites at their own pace. Clients also want to update it with little need for technical knowledge. It’s a pain (and expensive) to have to contact your developer every time you want to update a page or a post or add new functionality.

In other words, WordPress’s greatest strength is the coding “purist’s” greatest weakness. Anti-Wordpress developers are not thinking far enough into the value and ROI proposition. Clients don’t just want websites from web professionals. They want results that come from websites, and they want the professional to spend more billable hours on getting the results than on updating content or adding features.

So, let’s begin debunking these WordPress myths, shall we?

1. WordPress is Vulnerable to Hackers and Other Security Issues

MYTH: All plugins and themes are laden with poor coding and malware with no governing body to control them. Hackers find WordPress to be the easiest target, so that’s why they target it the most. And when search engines find bad code on your site, they’ll downrank you immediately. Therefore, you are putting your site at risk by running it on WordPress.

REALITY: While it is true that there are plugins and themes that are problematic, it is not nearly the universal hellscape these anti-WordPress types claim.

WordPress’s popularity, more than anything else, is why hackers target it. Once-dominant Windows PCs used to suffer the most attacks from hackers until Apple and Android devices became more numerous. Now, all popular platforms are targets. WordPress is no different in that regard.

This problem is also a strength. Because of the enormity of the WordPress open source community, any vulnerabilities that do emerge are quickly found, flagged, and fixed. You (or your trusted developer) just have to subscribe the plugin’s support page in the repository to get informative updates from the forum threads. Good hosting companies will proactively inform you and give you options to update quickly.

Once you know a particular plugin or theme is faulty, you can take it upon yourself to upgrade to a fixed version or, if you like, swap it with any number of similarly popular replacements.

If a search engine flags your site for malware, simply removing the malware and reindexing your site is the fix.

The true remedy is to use secure hosting, like, that locks down the live site as “read-only”. Even though it’s a little less convenient in that you can no longer install new plugins willy-nilly on your live site (which you should never do), it does create an equal inconvenience to any hacker whose “Trojan horse” code can no longer deface your home page.

So, add and test plugins and themes on a staging site (again, provides this workflow) before deploying them to the live site. As with any site, good hosting and best practices in software deployment and testing cover the majority of WordPress “sins”.

2. Your WordPress Site Could Stop Working

MYTH: WordPress automatically updates itself. Updates are good but could break your site because plugins and themes might no longer be compatible with the WordPress core software. If the person who created the plugin or theme is no longer around to fix the problem, your site will need to be entirely rebuilt.

REALITY: Ok, this is a lot to unpack, so we’ll break it down into pieces.

WordPress Automatic Updates

WordPress doesn’t automatically update itself. There is talk that, for better security, Automattic might force updates to more modern versions of WordPress in the future, but in the past, and for the foreseeable future, this is not the case. Some hosting companies do update your site to either a minor version or to the major version as well. But that’s almost always a setting you can turn off or on and control which type of version to allow to update. (If your hosting doesn’t let you control this, do you really want that host?)

Proper Updating and Testing

Yes, updates are good. You should update WordPress core and any plugins as soon as possible. But, you should also test your site each time you update a single plugin or theme. Testing all changes is just good software deployment practice for any website, regardless of whether it runs WordPress or is just plain HTML. Never assume that any change to your site is going to be problem-free. Verify all assumptions.

What To Do If Authors Abandon WordPress Plugins and Themes

If the author of a plugin or theme ever becomes unresponsive, you still have options. There are plenty of PHP developers you can turn to for assistance, either at the community “free help” level (please be courteous to them) or that you can hire to make fixes.

But the problem of plugin and theme abandonment is best solved by choosing well-established, highly-used plugins and themes. Particularly with themes, using a very popular theme builder or page builder themes such as Oxygen, Elementor, Beaver Builder, or Divi is a way to hedge against abandonment. Those builders are not going away anytime soon. Even in the highly unlikely event that their original authors abandon them, under the 100% non-proprietary Gnu Public License, the WordPress community can, and will most certainly, “fork” the original and pick up where the author left off. I’ve seen some plugins and themes actually benefit from abandonment and new authorship.

3. WordPress Websites Need Maintenance

MYTH: Updates, compatibility issues, and security flaws are an ongoing and expensive problem for all WordPress sites. Hand-coded websites will probably never need maintenance.

REALITY: This is a common trope with developers who want to keep sharing misinformation about WordPress precisely to avoid conversations about WordPress with clients who want it for their sites. They don’t want to learn WordPress and adapt to new market realities, so they pretend its maintenance problems are worse than they actually are, or that their solution will never or rarely need maintenance.

The truth is that WordPress, being an advanced content management system serving the needs of many users with different skills, is not going to be the same thing as a hand-coded “pure stack” PHP/MySQL/HTML5/CSS/Javascript website. It’s true that it will have more maintenance tasks. But it’s simply not true that a hand-coded site hardly ever needs maintenance. Your feature requirements will change. PHP versions and capabilities will change. Databases will change. HTML will change. CSS will change. Javascript will change. Changes always require some degree of maintenance. Coders can make mistakes, not have enough foresight as to future use cases, or be just plain lazy, leading to other maintenance problems down the road as the site grows.

And it’s not true that WordPress is just a big maintenance headache. It’s not. If you make careful and wise hosting, plugin, and theme choices, and stay on top of and test all updates, your site can run problem-free for most if not all of its lifecycle.

4. WordPress Sites Can Be Slow

MYTH: WordPress sites are greatly slowed down because of their use of plugins. Plugins always add bloat. The more plugins you add the more bloat you’ll get and the slower your site will load. If your site takes too long to load, then Google will penalize you.

REALITY: While it’s true that Google will penalize your site for being slow, this is not all due to WordPress plugins. In the vast majority of situations I’ve observed, the problem of a slow site is primarily due to two things: bad hosting and laziness on the part of a designer.

Site Slowness Due To Hosting

Bad hosting is straightforward to replace. Just migrate your site to a better host. Reputable hosting companies will pair your site with the right sized server resources and will often migrate and even optimize your site for free. They’ll have fast, secure servers with caching and redundancy.

Image Optimization Improves Site Speed

You need to hold accountable any designer who just takes the original, high-resolution images you hand off to them and directly uploads them directly to the WordPress Media Library.

Every image, regardless of whether it’s WordPress or hand-coded, needs to be reduced in file size and resized to the exact dimensions at which you intend to display it for smartphones, tablets, and desktop devices. Your designer needs to use the srcset attribute of the img tag and CSS media queries to further “explain” to the browser which image and layout to display on which screen sizes. That’s called “optimization” and “mobile responsiveness”. The practice has been around for more than a decade, so there’s no excuse for your designer to do otherwise.

Increase Site Speed by Troubleshooting Plugins

Plugins do add overhead, but not always to the degree this myth states. For starters, just because you have, say, 20 plugins doesn’t mean that all 20 plugins are using as many resources as possible every second of every day. Most of them sit idle until a specific piece of their code is called upon, at which point they’ll do their thing and then go quiet again. Others that have scheduled tasks to perform can be adjusted to run those tasks less often. If your site has high traffic volume then, yes, your plugins can effectively be “always-on”.

For all sites, whether high or low volume, you can speed things further by using a Content Delivery Network (CDN) to locate a copy of your site geographically closer to visitors. Also, use a caching mechanism like Redis (database) and Varnish (everything else), or a WordPress caching plugin like WP Rocket.

Once your site’s images and code have been optimized and cached, and your plugins adjusted, if your WordPress site is still slow, do an audit of your plugins.

First, weed out the ones you absolutely don’t need or can replace with custom code. If that doesn’t help, use NewRelic or a similar performance testing tool to check the transactions, SQL queries, CPU, and memory usages to see which plugins are causing performance issues. Then, either replace a low-performing plugin with another plugin that does the same thing but faster, or contact the plugin’s support team for a fix. Reputable plugin providers, especially if you’ve paid them good money, will be more than happy to make improvements to retain customers and get new ones.

5. WordPress Sites Are Not Search Engine Friendly

MYTH: WordPress sites are coded in a way that makes them unfriendly to search engines. The PHP code on the back-end is directly responsible for this problem. WordPress coding is a proprietary, complicated mess, further confusing search engines.

REALITY: First of all, WordPress is well-known for being a top choice for SEO right out of the gate, so this myth is just…weird.

Second, PHP code itself is not a deterrent to search engine crawlers. They never see PHP code. They only see the resulting HTML that the PHP code is generating. It can be true that a WordPress theme’s PHP is generating poor quality HTML code. In that case, you simply move to a better theme (or do your homework and don’t choose a bad theme, to begin with).

Advanced, well-supported themes from prominent theme vendors are built to please most search engines. They also provide methods of adjusting your theme’s SEO output to fine-tune your SEO. It’s a primary, high-priority feature that most website owners demand, so these vendors provide that as a top feature. Choose from among the best premium themes and you won’t go wrong with search engines.

Besides the theme, most sites run some kind of SEO plugin that provides even further fine-grained controls to improve SEO. As always, do a little research now to avoid big problems later.

Oh, and WordPress code is not proprietary. It’s licensed under the Gnu Public License, which means all code must be released into the public domain. Everyone can make any change they want to WordPress code as long as they then release that new code to the public domain under the GPL. WordPress plugins and themes are governed by the GPL.

6. WordPress is Not As Easy As You Think

MYTH: WordPress is hard for users to update. Also, one little mistake will ruin your entire site. You have to know how to code HTML and CSS to keep a WordPress site running.

REALITY: Um…what? I honestly can’t tell you what developers are trying to get at with this criticism. And they use this a lot to try to scare clients away from WordPress so they can lock the client into an endless cycle of charging for manually-intensive updates to content that clients will never be able to do on their own.

The whole point of WordPress is to make site content updates simpler than learning how to code HTML and CSS. WordPress structures things to separate content from presentation and from data or business rules. Sure, any developer worth their salt is going to do a similar separation. Maybe they’ll even build you a customization and content updating tool. But you’re still locked into that particular developer’s proprietary code. Any advanced functionality you want in a custom-coded site will cost you many multiples more in billed hours than simply buying and installing a ready-made, supported plugin in WordPress.

With WordPress, you’re not locked into a relationship with any particular developer or their code. You have both a theme customizer and an advanced editor that allows you to build a page or post using all sorts of “blocks”. With blocks, you can click to add columns, drop in images and videos, insert headings, bold, italics, underline, tables, horizontal separators, and many, many other things. You can download custom blocks or hire a developer to build a quick custom block. If you’re adventurous, use the Advanced Custom Fields plugin along with adapting open source code already available to create a page builder for your WordPress theme.

7. WordPress Sites All Look the Same

MYTH : Only developers have the ability to customize a WordPress theme. If they don’t offer that service, you’re stuck with the same theme look-and-feel as all the other sites that use the theme. Even though many themes are attractive, sleek, and uncluttered if they all look the same, how do you differentiate your site from others?

REALITY : First of all, those of us who love WordPress will gladly accept the compliment that WordPress themes are attractive, sleek, and uncluttered. The rest of that series of statements is 100% incorrect. Good quality WordPress themes, especially the premium ones, provide access to a customizer tool that lets you change many things about the look of your site. Color, fonts, layouts, widths, images, and dozens of other “global” settings common to the vast majority of modern websites (hand-coded or otherwise) are all changeable. You can achieve a nearly infinite variety of custom designs for any theme. Whatever is not changeable soon will be if enough users request it. And they usually will.

In fact, the whole premise of this mythical claim is suspect. Since 1993, when websites first made baby steps into the collective consciousness, websites have evolved toward specific “design patterns“. Through a sort of digital natural selection, design patterns are proven to be the best ways of designing usable sites. Collectively, WordPress themes embody the vast majority of the best design patterns.

Some designers like to buck usability trends and show off their sometimes avant-garde artistic skills to clients. But what often happens is that they only produce a pretentious, lukewarm bowl of usability mush that site visitors find hard to navigate or understand. These “unique” designs are equally difficult to maintain because they rely on piles of super-custom, irregular CSS and HTML “tricks” to achieve their eye-popping effects. One little CSS or HTML tag deprecation or lack of support by a browser vendor can send these designs crashing down like a house of cards.

My advice is to only go with a developer who sticks with tried-and-true but beautified user interface elements. Your visitors will thank you and your bounce rate will decrease.

Summary of WordPress Advantages and Disadvantages

Don’t pay attention to the scare stories about WordPress. It’s popular for a reason: because it works well and adds value. The developers who complain aren’t willing to have honest conversations about real business value.

Regardless of what it’s running on, by simply operating your website based on well-established best practices in software development, development operations (DevOps), and web operations (WebOps), you can avoid a ton of problems.

Like a car, WordPress is just a vehicle to get you where you’re going. There are good drivers and there are bad drivers, good mechanics, and bad mechanics. Be a good driver, choose a good mechanic, and you’ll avoid accidents and get to your destination.


Hey @webidextrous–nice post! Here are a few suggestions, take 'em or leave 'em:

  1. I’d suggest cutting a little more from the intro section (header: “WordPress Business Value”), especially regarding the reason you are writing the post. I think it’s great context but you have so much awesome stuff below that and I’d hate for people to stop reading too soon.

  2. What about re-wording the myths instead of directly referencing the other post? Making them your own extends your post beyond a take-down of that other article.

  3. I think you undersell the speed of a WP website under #4. It’s the one section where I got bogged down in the “how to make it fast” details, instead of just knowing “WordPress can be fast.”

Overall, I think it’s great! Love the wrap-up metaphor of WP as a vehicle to get you to your destination.

1 Like

Thanks, @sparklingrobots, for these suggestions! I’ve put them into play and the post goes live Sept 24 at 7am Eastern. Here’s the link.