22 min
Why I don't recommend Wordpress as a Fractional CMO. Ft. Lydia Chiu
By David Lee
Learn why Wordpress is no longer the best web platform and learn about the alternatives available for company websites.
INTRO
Dave: When I ran a full service marketing agency, I made the decision back in 2018 to move off of WordPress to HubSpot. Now in my role as a fractional CMO, I'm no longer constrained to a specific technology, but I find myself reluctant to recommend WordPress as a website to my clients.
I'm biased.
There's a whole bunch of reasons why I don't like WordPress.
So I thought it'd be a good idea to bring in a web developer who not only uses WordPress and HubSpot, but several other development platforms and really get her point of view.
So I'd like to introduce you, Lydia. Hey Lydia,
Lydia: Hi, Dave.
Dave: Why don't you go ahead and introduce yourself.
Lydia: All right.
Well, my name is Lydia Chu. I'm a partner at JubJub Interactive. I have been developing websites since websites started to exist and glad to be talking to you today.
Dave: Very cool.
So, there's other platforms that you have that you develop on besides WordPress and HubSpot. Can you just name a couple?
Lydia: Sure.
So yeah, we like we like WordPress. We like HubSpot. We also develop a lot we're a partner with Webflow and Expression Engine, CraftCMS is another one we love.
So there are a lot of alternatives out there that people don't necessarily know exist.
Dave: Very cool.
So let me set the table here. Because if we try answering the question, is WordPress a good platform for websites? It's going to kind of be difficult to answer that without some context.
So let's start out by first talking about companies who have at least 2 million or more in revenue.
Let's also limit ourselves to the B2B world. And let's also include e commerce into the discussion because selfishly, a lot of my clients are in the manufacturing distribution area who use e commerce to sell their products online. Does that sound okay?
Lydia: Sure, sure,
Dave: So there are three questions I'd like to frame up in this discussion.
The first is what are the benefits for choosing WordPress?
The second is what are the risks and challenges of using WordPress?
And then, so what are those alternatives that you talked about to WordPress and why would you recommend them over WordPress?
Benefits of Wordpress
So let's first start out with what are the benefits for choosing WordPress?
Lydia: So WordPress is the most popular website platform.
There are more websites on WordPress than any other single platform. And so I think in terms of, you know, the old adage, like, no one ever got fired for choosing Microsoft. You know, no one, it is potentially people might get fired for choosing WordPress, but it's like, it's a pretty safe platform just because of the numbers.
There are, because of the numbers, there are all sorts of add ons. If you, if there's something that you need to be built, somebody else probably encountered that same thing. It probably exists somewhere in the ecosystem. And so, it's also pretty flexible.
So it has grown a lot in the past few years and it's matured a lot. And there are some pretty good frameworks that have sort of become best practice standards. And you know, the other thing about it being so popular is that you can find a developer. It's really easy to find a developer.
Dave: Yeah, there's, because there's such a large ecosystem, there's a lot of developers out there that can support this as well as many choices of frameworks and different themes and that sort of stuff.
Lydia: Yeah.
Dave: So then, what are some of the challenges and risks of using WordPress? So I'm going to repeat the same list.
Challenges of using Wordpress
Security
Lydia: I think, because there are so many installations of WordPress. There's so many websites, it's an easy target for hackers. Not only just because of the numbers, but also, you know, given the fact that it's open source and all of that kind of stuff, it is there are a lot of exploits.
No one right way to build a Wordpress site
The other thing is there's no one way to build, there's no one right way to build a WordPress site. And so, because there are so many different implementations, you're not getting necessarily, if one company has a WordPress site built from one agency and another company has another site built from a different agency, those two sites might not actually look anything like each other on the back end.
And you can say it's WordPress, but with all of the add ons and frameworks and themes and everything that you have to implement in order to get the site up and running. It is, it could look totally different.
Wordpress can be difficult for end users
And so for example, one of our clients had a WordPress site developed before they were our client and they were given a 190 page user guide for how to use the WordPress CMS.
And one of the selling points is for WordPress is supposed to be that it's easy to use, but it is possible to make it completely difficult to use. So difficult that you need a hundred and ninety page user guide to try to figure out how to use it. So, so yeah, that's, one of the challenges is you don't quite know what you're going to get.
The best practices are a little bit more instead of industry wide, it's more sort of like sliver of industry or for a particular, but a particular development shop, they probably have, everyone should have their own best practices, but they are typically their own best practices.
Plug ins can increase complexity
So, the other challenge is that because there are so many add ons and the ecosystem is so big and because people can do whatever they want to. There are so many security exploits. Daily we get emailed security exploits and if you don't keep up to date with all of those security exploits and patches, then your site, it runs the risk of being hacked.
And the risk of that is that they can reach data that's in your site if you're collecting any kind of data. If there's data on users that are in your site, there's been form submissions on your site, they can get access to that kind of data. They can also start serving malware from your site, which then you become liable from a risk standpoint, if people are downloading malware that infects their site from your website,
I mean, that affects their network from your website. That's becomes an issue. So there's a lot of risk and not to mention the damage it can do to your brand if somebody goes to your brand and it's your website and it's been defaced. In particular with e commerce, if you have a lot of transactions and customer data in your database, then all of that could, could be at risk if there's, if there's a hack. So did I, that was kind of long. I don't know. Did I answer all of the questions or?
Wordpress builds are like "custom websites"
Dave: Yeah let's dive into a little bit deeper on a couple of those.
So Yeah, I remember, when I talk with developers, the thing they hate is reading their own code from like six months ago or reading someone else's code, because, like you said, everyone has their own best practices and different ways of doing it.
So are you saying that even though the front end can look the same, it's the back end coding that can be different. So when you, cause as a development agency, you've taken over WordPress sites from either the clients from inter internal dev team or from other agencies. Have, have you found that there's a standard model or does it really vary from every agency to agency or developer?
Lydia: It varies a lot.
And even, even agencies, I mean, because WordPress is so popular and there's so many people they may have a single developer, it may be a big agency, the way that the sites have put together, even within the same agency, sometimes it's not consistent and oftentimes, actually, when we inherit a new WordPress site, we will require that it is at least partially rebuilt so that we don't have all of the, we're not spending all of our time and our client's money trying to figure out what somebody else did, if it didn't make sense.
And part of the challenge with the, you know, inheriting sites is there can be add ons that are no longer supported as well or custom add ons. And so there's no guarantee that those are going to be updatable when WordPress releases new versions. And so that's you know, so we have to, you have to be very, very ultra diligent about all of that kind of stuff.
So yes, oftentimes. It's a first, at least a, behind the scenes rebuild prior to moving forward with new clients.
Dave: So even though that you can say, Oh, it's a WordPress site, what you're saying though, is yes, it's a WordPress site and it looks and acts like WordPress on the front when you look at it. But really almost every WordPress site is a custom website because every developer has their own way of coding things up.
Lydia: exactly. Yeah. Yeah, exactly.
Wordpress and keeping Plug ins up to date
Dave: And why don't we talk a little bit about some of the risks of the plugins being out of date or incompatible. And that's why maybe the WordPress engine hasn't been updated, which probably leads us into like a discussion around security risk. But can you talk a little bit about that compatibility and the upgrading the WordPress engine?
Lydia: Sure.
So, the WordPress core platform that comes out from, you know, WordPress itself, there are going to be, you can just plan that there's going to be a lot, it's a rapid update cycle. It's not like some software that will do a quarterly update or something like that because there are so many security exploits, we get, we get notifications daily, pretty much that something has to be updated. And so, because of that, not every add on is going to be future proof. And in fact, it's very difficult to be not to you know, give those developers a hard time. It's, it's very difficult to be absolutely future proof.
You have to be in in it all the time and just be ready. Like if you have a WordPress add on, you have to be prepared to support it on a code level basis. If you're the, if you're the add on provider and so it's, it's very tricky to you know, when there's a, when there's a, an update that comes out, if you try to just, just update everything. What happens to some people is they click the update buttons and then all of a sudden the site's broken. And it's because the add ons typically it's because the add ons or the theme are not compatible with whatever updates WordPress just did. And I think the key thing to realize, which I think that this is, you know.
It's generally not something that's super important to business, the, like the business side of things, but it's important to developers and it has, but it has business implications is that WordPress is more kind of a page level paradigm in terms of the design. And when you store how something looks in WordPress, the content and the design all get stored together.
And so you can't separate out the design from the coding and the content it's all together stored as one thing and other content management systems that are more kind of like true content management systems, the data is separate from the design. And so if something changes on the back end, you've always got the data and you don't have to worry about that.
And the design of the front end is separate and so updates on those types of systems don't tend to have this like massive ripple effect where they do in, in WordPress where you might update this one little thing and then all of a sudden everything's broken and it's because it's all stored in the same, it's all stored in the same place.
Dave: Yeah. You know, I remember when we were on WordPress and Devin WordPress, there was also like for the plugins, there's a timing issue, just kind of like what you talked about. You had to make sure that the, all the plugins had updated themselves to the current engine rev before you update it. So there's coordination that happens.
And the entire upgrade could be held up from one or two plugins that just haven't gotten around to certifying on that
Lydia: Yes. Exactly.
And something that we just encountered is there was a very popular plugin that did a very small thing and, it was pretty much like the industry standard plugin for this particular little piece of functionality. All of a sudden they stopped supporting it. it's a free plugin, which everybody loves you know, everybody loves that there's plugins that are free, but guess what? They have no obligation to support that plugin. And so all this, and there was a security exploit in the plugin. And so all of a sudden, you know, I think there were over a million installs of this of this plugin. All of a sudden, all of those sites had to swap out functionality.
They had to remove that plugin and put in a different plugin just so that a certain type of image file could be shown on the website. And so that type of thing will happen. And so it requires constant vigilance.
Dave: Everyone likes the free plugins. It becomes a question of support. So often people have to, you should be paying for the plugins because then, you know, there's a dedicated team behind the scenes supporting that.
Lydia: Yes. And there's some kind of an obligation that they have to the people that are using it as well. Oh yeah.
Wordpress Security plugins don't prevent hacks, just notify.
Dave: So another, one of the more popular plugins that I remember when we talk about security exploits is there's a lot of different like security plugins that can be used to help prevent hacking. Have you found those to be. Without naming names, but I mean, have you found those to be useful or have people still been able to get around those, you know, well known plugins for security?
Yeah.
Lydia: mean, there's a bunch of best of breed security plugins. There's also, you know, firewalls and stuff that you can, that, that you can use, on web hosting, there's always a way around it. It all comes down, it almost always comes down to, exploits in the WordPress code. And so even the best security plugins, if the WordPress code line is, if there's an exploit, then there's an exploit and it's about most of the, the way most of the plugins work is they notify you that there's a problem.
They don't necessarily prevent the problem. Or all of the problems, but yes, I mean, we have found that if you use the best practices plugins with best practices configuration and best of breed hosting and like the full stack sort of as recommended and you're extremely diligent about updating and you only use sort of a list of best of breed plugins and themes, then yes, you can have a successful, secure, uh, WordPress site.
Wordpress and choosing the right hosting company
Dave: And there's one final question I want to touch upon before we move on to some alternatives. And that's Lydia, your company does WordPress hosting, right? You have
Lydia: Yes, we do.
Dave: engineers, they, you have hosting servers. And so can you talk a little bit about what's involved in choosing the right hosting company?
Because it's not just selecting the right, you know, WordPress, the theme and the plugins. It's also what hosting company you use.
Lydia: Yes.
And some of this is going to be, you know, preference for the clients, but most of our clients, they don't want to be dealing with you know, if there is some sort of an issue, they don't want to be dealing with some sort of you know, ticketing system where they, put something into the void and then they don't know whether or not things are going to, you know, when they're going to be resolved at any of that type of thing.
But I think the main thing, so you want to be sure that you're using business level hosting. That's like the first thing. If we're talking about companies that are doing that are B2B companies that have 2 million in revenue and up you know, you want to have business level hosting because if you are on bargain hosting WordPress, if you're running all of the stuff you should be running, it will take up resources and your site will be slow if you're on servers that are oversold.
So that's the first thing is you want to have true business level hosting. You want to have hosting from people that are providing WordPress hosting in particular, so you can host WordPress on any, anything that has PHP and MySQL, but you want to be sure that it's not just sort of plain Jane hosting because there's special security set up that we would recommend for the servers.
And it's like at every level of your stack. So you have the databases set up a certain way. You have the server set up a certain way. You have backup set up a certain way, because oftentimes as we, as we mentioned, when you upgrade something, sometimes things break.
So you want to have it as, as easy as possible for users to or your developers to take a quick backup before running updates, it's also good to have a hosting provider, depending on how actively you're developing. It's good to have a hosting provider that has multiple environments available.
So you, you might have a development environment as well as your live environment. And that makes it easy to publish from one to another so that you can have kind of code level development level changes going on while the main site is live, and then you can test those changes safely. That's another thing that you'd want to look at for your host.
You'd want them to have you know, access to content delivery network layer, both for speed for WordPress and security. And I think those would probably be the main things, but like I started off mentioning support, support's a big thing.
You've got to figure out like, do you want to be able to talk to a human who's going to be able to stop to solve your problem? Or do you like not, you want to have chat support, you know, those types of things, and all of those things kind of go into different hosting companies are going to have different levels of service available for those types of you know, preferences.
Dave: And one of the things I also remember when we were developing WordPress, and if something breaks. There's always a conversation of like, well, is it the actual WordPress? Is it the actual website or is it the host? And you know, when you get to two different divisions or two different companies, everyone's like, Oh no, it's their fault.
It's their fault. And so one of the advantages is that I think your company has is that you have a development team and you host, so there's really no pointing fingers, maybe. Maybe internally there is, but for a customer facing or, but from a customer facing standpoint, there is, there's one single point of contact.
So, yeah, I remember when things went sideways on our WordPress sites, we had to liaison with our hosting company. It wasn't you. I didn't know you back then. And it was always a, it was always a push and pull between, is it the hosting problem or is it, is it actually the code that we developed on the backend?
So yeah, there is, there's, there's a lot of complexities it seems that with WordPress comes, there's a lot of choices, but there also becomes a lot of complexities. Everything from almost every WordPress install is air quotes here, custom because every developer does, does it slightly different. And there's all these plugins and there's hosting considerations, the interaction between the hosting and the developer.
There's a lot of balls in the air that you have to juggle when using WordPress.
Lydia: Yeah, for sure.
Alternatives to Wordpress
Dave: So then let's move on to the third topic then is really, so. What are alternatives to WordPress and when would you recommend using, you know, maybe HubSpot or a different CMS, or even when it comes to e commerce, you know, that sort of stuff, because a lot of people do run WooCommerce on as their e commerce platform.
So what are some of the, maybe the use cases where you'd recommend a different platform as opposed to WordPress, depending on the use case
Shopify for e-commerce
Lydia: Sure. I'm, I'm going to actually start with the last thing and that that's for e commerce. So. WooCommerce is powerful, but it is also updated constantly. And so, and not only just, you know, little updates for, to, for security, they redo their database there's, there's a lot of change, which means there's a lot of ongoing cost and babysitting with WooCommerce if there's any kind of complexity with what you're, with what you're selling.
And so for e commerce, I think that's the easiest recommendation. For almost all e commerce projects these days, we're recommending Shopify and we love Shopify. It is, you know, for a while there in the early days, it didn't have the rich feature set that it does now and all of the APIs and the developer friendly tools and all of that kind of stuff, but it has come so far and it is so easy to use and not only that, it's for the end user, for the clients, for the clients, whenever you're using WooCommerce, it's like you've got this little e commerce module within WordPress.
And so you kind of have to find your way into the e commerce thing when you log in from the, from the end user, and then you click around a whole bunch more to find the orders and all of that kind of stuff, but with Shopify. If, if it is primarily e commerce, then you know, it's so easy.
Everything's geared exactly towards that. They have millions of customers I feel like they really focused on usability for the people managing the website as well as the people using the website. So, I mean, they've got a ton of data they are constantly making improvements.
They just released, you know, like one of the big things they did in the last couple of years is they released this whole simplified checkout process. And, you know, that was based on users. They're doing the monitoring, they make it actually easier for you to use best practices because they're doing the, the, the data analysis to see how all of their millions of users are checking out and seeing how they can make that simpler and stickier. And also there's a great kind of upgrade and scale path with Shopify plus. And so if, we're not looking so much at the 2 million revenue, or maybe you're doing 2 million of revenue just from your store, you know, that kind of thing, you can upgrade to Shopify plus for more, distributor type or wholesale type functionality.
A lot of types of sophisticated functionality. And so it's really, you know, it's got the security. They have a great security record. You just don't have to worry about anywhere. Near as much and really from a, like a platform standpoint, the pricing is very comparable to, to WooCommerce because with the WooCommerce and, and the WordPress, you're still going to be paying for the WordPress hosting, you're going to be paying for all of the add ons it's, it's really, you know, from that perspective, the cost, I think it's, it's very comparable.
And ongoing development it's for WordPress you may be able to WordPress development I think can sometimes look a little lower than other types of development right at the beginning. But if you start looking at your two, your three, you're going to see other platforms give you more for your initial investment and not have to, not require as much upkeep or not, not cost as much to do additional things.
At least that's been our experience. So that's the first thing for Shop for, for e-commerce. Shopify's a fantastic a fantastic alternative with a, it. It also has a great add-on, environment. But it is, much more consolidated and vetted then, and it's then than a, than a WordPress, add-on situation.
HubSpot CMS and marketing / sales integration
So, for other types of sites, I think HubSpot is, is fantastic, especially if you're using any of their other types of functionality. So if you have a a CRM that you're trying to hook into, if you're, we've had more and more of our clients recently switch from Salesforce into HubSpot for that type of functionality.
And so the more that you can have just on the same platform, the better. Obviously, you know, their marketing automation tools are the industry leaders in that and their CRM is super easy to use compared to other CRMs. And so recently it used to be five, 10 years ago, the HubSpot CMS was kind of like, I don't know, it's like an afterthought compared to the other, there are other stuff, but recently, the last few years, they have devoted a lot of resources to it and they built it into a true CMS where you've got developer tools, you have much more sophisticated theming, you have, better themes available out of the box also but also true content management capabilities where you can define your own types of content, your own content model, there's a database, there's database functionality with hub DB that you can connect into and there's all sorts of third party APIs if you want to get data into or out of HubSpot.
And so, much like Shopify, it is a fantastic hosted platform that has a great security record. It typically performs really well on performance tests for site speed. And, you know, they're just a best of breed software platform. So we, we love developing and, and HubSpot, especially now that the tools have caught up.
Dave: I, yeah, obviously, I mean, we used to use Devon HubSpot, my team when
Lydia: yeah, yeah,
Dave: I love HubSpot for everything you just said. And yeah, I remember when HubSpot first launched, it was, it was kind of janky, but yeah, definitely over the last couple of years, they've really dialed in their tools and functionality.
So very cool. And, but there are other platforms besides HubSpot.
Lydia: Yes.
Webflow is great for designers
There are definitely. We also really love Webflow. Webflow has kind of become the darling of designers. And Webflow has really great integrations with all of the, the stack that designers love. So Figma, there's a Figma to work to to webflow workflow now. And what is really nice about Webflow is that it's a visual designer, kind of like what you get in WordPress.
So like maybe sort of like an Elementor or a divvy in, in the WordPress world. But on the backend you are actually defining styles and universal styles. And so where design is really important and brand is really important and the consistency, also for, for people who need to build landing pages that look really great and but are complex and maybe have complex content.
Webflow is a fantastic system. It is also hosted, and so you don't have any of the. Issues, with the add ons and upgrades and all of that could kind of go along with the security the WordPress security issues, but you have a lot of flexibility with the design and there's a really rich template ecosystem as well, the themes aren't as expensive as the HubSpot themes. And, but, uh, it's, it's great. It's, it's great for, for sites where you want rich design, where the design is, is really valued.
Expression Engine for high content sites
Another platform that we love and we're, we're partners for this as well is expression engine. Expression engine is a true CMS. It's commercially supported, it's commercial software and licensing is around the $300 mark. So really when you look at the core plus add ons, it's the pricing for the software is very similar to a WordPress, but, expression engine has an excellent security record. And a really good extensibility framework. And so for data driven sites where maybe you have thousands of products that have lots of information. So we were talking about e commerce type sites. If there's a site that has a lot of times you'll have product data. They'll maybe you need an MSDS sheet. Maybe you have a product spec sheet.
Maybe you have other supporting data. You have maybe related videos, related resources. Any type of related content, lots of content, multilingual content expression engine excels at that, and it is a true content management system where the design is totally separate from the data. And so once you have your 10, 000 items in the system, if you want to make it look entirely different, we can do that and you don't have to go and recreate all the pages and reenter all of the, you know, PDFs and all of that kind of stuff, it's all actually in the system. And so it's, it's always been a favorite of ours as well. And the, like I said, the security record is just it's fantastic.
Choosing the right platform: have solid requirements
Dave: So, I mean, it seems like, you know, there's a lot of choices besides WordPress. Maybe to kind of wrap up this conversation, what is the best way for companies to determine, well, which platform should I be using?
Lydia: Well, I would recommend seeking the advice of a, an expert actually, because it's, it's not necessarily an easy answer. There's some, I think it's important to understand the goals and risk tolerance of the company. So for example, and, and the type of company, whether they do business in multiple, locations around the world, whether, you know, they're in cybersecurity, you know, how, if they're a government contractor, there might be certain requirements and there's a whole breadth of things to take into consideration before making a recommendation.
What I would say is, you know, there's a lot of great choices out there. I think it's important to understand what the different factors are that you should be weighing in order to decide which, which direction to go.
Dave: Yeah, I mean, that, you're, you speak my language in terms of just gathering requirements. It's the requirements that's going to drive the system selection .
Lydia: Yes,
for sure.
Dave: cool. Well, I want to say thank you for spending the time with me, educating myself and other folks here on the different platforms and kind of really answering the question of is WordPress a good option?
And really it depends upon the requirements.
Lydia: Definitely.
Ending
Dave: Thank you for being here with me. For those who want to get in touch with Lydia, I'm going to be leaving her contact information at the bottom of this transcript. And thank you so much, Lydia.
Lydia: Thanks for having me, Dave. This is a lot of fun.
Dave: This is great. Thanks for spending time with us.
There's more great educational content and interviews for you at do what. works slash podcasts.
Lydia Chiu: Partner at Job Hub Interactive:
LinkedIn: https://www.linkedin.com/in/lydiachiu/
Website: https://www.jubjub.com/