Really! You should not use WordPress.
I recently discussed with a potential client her business needs. Her business is growing and she wants to establish an online presence. She already has a Facebook Fan Page and wants to build a website and eventually add an online scheduling tool; but the immediate need is for a clean, simple site.
As part of the consultation I recommended she look at a WordPress site. It is easy to get a site up and running quickly. Themes are plentiful and it is fairly cost effective. I did issue a word of caution though.
You Should NOT use WordPress if…
You do not plan to invest either the time or money in the maintenance of your website. I highly recommend a HTML, Drupal or other type of site if you are really only doing an online brochure and you want to set it and forget it.
WordPress Upside
WordPress is awesome and has great SEO and tremendous plug-ins to add easy functionality to your site. It is fairly inexpensive to get up and running and many web host companies will help you install the WordPress software (which is free) on your domain.
WordPress Downside
Hackers love un-maintained WordPress sites. I no longer will do a WordPress site if the client does not agree to maintain the site or signs a maintenance contract with me. If you do not update the back-end software on the site, including plug-ins, you are waving a red flag in front of the raging bull; hackers.
One of the first websites I did was for a coaching client. The client declined our maintenance package. They have been hacked twice since and I can tell you from painful experience it is not cost-effective for the client or for me to have to hunt down the malware, retrieve a back up of the site (if one exists) and get everything back up and running.
In July, 2014 PCWorld reported that 50,000 sites where hacked through a WordPress plug-in vulnerability. In today’s online world it is impossible to give a 100 percent guarantee that a website will not be hacked. With that being said, we want to leave all back doors firmly closed!
There are plug-ins available to secure your site, but you have to make sure everything is compatible with the theme you are using. I recently added a security plug-in, that I used successfully on many sites to a Thesis site. I then spent several hours trying to figure out why I could not access the cpanel. After removing the plug-in, everything worked fine.
A programming friend gave me a trick that allows you to change the .htaccess file to block any IP address other than your own from accessing your site. This works only if you have the IP address of anyone who is accessing your site.
So my advice is if you do not want to invest in maintenance on your site (your time or someone else’s) then I recommend you do not use WordPress. There are other options available.
What is your experience?