Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

What's wrong with WordPress?

What's wrong with WordPress?

YokedEggYokedEgg Member
edited April 16 in General

In all seriousness, what's wrong with WordPress?

Seems to be generally disliked here, although it's powering upwards of 25% of sites according to WordPress themselves, which is believable from me.

I know people say it's insecure, but that seems to only be so without the right configuration (which could happen to any script, really), and insecure plugins being installed.

People say it's slow because of php + database (not static), but when you cache it (both php and the actual site), it can work just fine.

So convince me here, why not just use WordPress?

There's just too big of a plugin ecosystem and too much functionality to leave, and nearly every business needs a blog.

P.S. I understand every use may not fit WordPress.

Yoked or Yolked? You decide.

Tagged:
«1

Comments

  • WSCallumWSCallum Member, Provider

    WordPress is a good platform to work with if you keep it updated, well managed and well secured, a lot of people use poorly coded plugins/themes which are easily exploited and that's where a lot of bad blood comes from when it comes to wordpress.

    It is definitely one of the most popular platforms to use and it's that way for a reason.

    WebSound - Affordable, reliable hosting solutions
    UK SSD Web & Reseller Hosting / VPS / Minecraft Servers - www.websound.co.uk

    Thanked by 1YokedEgg
  • HoostHoost Member, Provider

    Maybe it's not WordPress that's the actual problem for most things. Perhaps just some of the people using it. It can be secure, if you use it right, don't add dumb themes and add-ons etc, but not everyone knows/cares about that.

    Michael From Ho-ost | Social at HoostSolutions

    Thanked by 1YokedEgg
  • @WSCallum said: WordPress is a good platform to work with if you keep it updated, well managed and well secured, a lot of people use poorly coded plugins/themes which are easily exploited and that's where a lot of bad blood comes from when it comes to wordpress.

    It is definitely one of the most popular platforms to use and it's that way for a reason.

    I pay for my major plugins & my only (customizable & brandable) theme I use.

    Which are beaver builder theme & page building plugin. I love it, it was cheap enough for me, and since I'm actually paying for it, I receive updates on both.

    Yoked or Yolked? You decide.

    Thanked by 1WSCallum
  • deankdeank Member
    edited April 16

    The issue with WP is that it got too popular. Every single script kiddies find it the easiest target to hack into.

    Bundled with a common trend of "install and forget" and downloading pirated themes cuz it's free, it creates a nice recipe for disaster.

    Of course, when actually hacked, WP users blame the host first always.

    The end is nigh. Why? Because the end is actually nigh.

  • @deank said: The issue with WP is that it got too popular. Every single script kiddies find it the easiest target to hack into.

    Bundled with a common trend of "install and forget" and downloading pirated themes cuz it's free, it creates a nice recipe for disaster.

    Of course, when actually hacked, bloggers blame the host first. I don't think I've seen any bloggers voluntarily admitting that it was their fault.

    Anyone that doesn't know what they're doing should use Centminmod, it secures it down by default if you let it use it by default settings.

    Vast majority of hacked WordPress sites are a sys admin error in configuration, or a insecure plugin install.

    Yoked or Yolked? You decide.

  • jhjh Member
    edited April 16

    I don't hate Wordpress but it does encourage idiots to do stupid things..

    Plugin store be like "here's a list of packages written by random people on the internet - click here to download and run them!"

    Wordpress owner be like "Ooooh a plugin that lets me edit my robots.txt file!"

  • deankdeank Member

    I generally avoid using WP. Using something even slightly less popular reduces general risk by shit ton.

    The end is nigh. Why? Because the end is actually nigh.

  • raindog308raindog308 Moderator

    I think the chief problems are:

    (1) The base platform is so widely used that it's a huge attack surface. Then again, one could argue that any problems are swiftly exposed, so...

    (2) There are a billion plugins for it, and with any given plugin, you're trust that one developer with your site.

    I use WP but stick will well-known theme vendors and plug-in providers.

    jh said: Wordpress owner be like "Ooooh a plugin that lets me edit my robots.txt file!"

    Yeah, the best attitude with WP is "don't use a plugin if you can avoid it".

    My Advice: VPS Advice

    For LET support, please click here.

    Thanked by 1Clouvider
  • @deank said: I generally avoid using WP. Using something even slightly less popular reduces general risk by shit ton.

    Idk, that's another change the SSH port = secure argument. It's just hiding really, I think it's better to use software you can rely on the team existing in a year from now. For example HTMLY is pretty much dead now already.

    Yoked or Yolked? You decide.

    Thanked by 1Abdussamad
  • deankdeank Member

    @raindog308 said: Yeah, the best attitude with WP is "don't use a plugin if you can avoid it".

    That's true to any CMS. The opposite usually happens though.

    The end is nigh. Why? Because the end is actually nigh.

  • As you pointed out, the plugin ecosystem is quite out of control. A good chunk of plugins were coded for earlier releases and haven't been given a second look. Why? For one, the world is always looking for something newer and with a slightly different functionality. I have seen so many forks and versions of the Site statistics plugin (don't remember the actual name now). So plugin X gives you 5 options, plugin X+ gives you 10 options, Plugin Ultimate X gives you a different set of 10 options and so on.. You never know which is the "good" one out of the bunch.

    Because plugin & theme development is often lucrative and the fact that a lot of code is GPL licensed, half-assed developers can put together something that looks amazing. (Though in reality opens a lot of vulnerabilities and slows down the website).

    Many years ago when I was on shared hosting, a bad neighbor would cause my site to also be vulnerable. I have seen email sending php scripts on my home directory even though I don't have any thing running other than a default Twenty Fourteen/Fifteen theme.

    While I don't think I can convince you that you should move away from Wordpress (I run 90% of my sites on it), I think it takes a lot of tending to, like a garden.

    Are you looking for some textual fun?

  • For siteowners that are going to use Wordpress for business use, its wrong to do it without professional help, I'm pretty sure 90% of those "hacked", "broken" wordpress sites seeking help are because they don't have the right knowledge to use it.

    On developer perspective when I discuss it with my colleagues, its always mixed, some just hates PHP so they hate Wordpress; some are turned off because its not fully OOP; some hates using a "blogging" software for a fully content management system.

  • deankdeank Member
    edited April 16

    Another issue is that, until one's hacked, they don't feel being hacked is their reality.

    It's the same as making backups. One doesn't usually have a habit of backing up things until he loses his data catastrophically. Even then, there are those who don't learn from their own mistakes.

    The end is nigh. Why? Because the end is actually nigh.

    Thanked by 1Aidan
  • Static sites FTW

  • elliotcelliotc Member

    Wordpress is a good way to consume my Idle vps.

    Looking for cheap vps to monitor the uptime of idle vps.

    Thanked by 1ariq01
  • emgemg Member

    WordPress suffers from frequent security issues. Keeping up with patches adds to the workload. Automated exploits for script kiddies appear quickly, so you don't get a lot of time to patch, and let's not ignore the occasional zero day exploits.

    How often do we see headlines where "thousands of WordPress sites" were infected or taken over by bots? That says it all to me.

  • @emg said: WordPress suffers from frequent security issues. Keeping up with patches adds to the workload. Automated exploits for script kiddies appear quickly, so you don't get a lot of time to patch, and let's not ignore the occasional zero day exploits.

    How often do we see headlines where "thousands of WordPress sites" were infected or taken over by bots? That says it all to me.

    Being a bit dramatic, also use WP-CLI for automatic updates.

    Yoked or Yolked? You decide.

  • @jh said: I don't hate Wordpress but it does encourage idiots to do stupid things..

    Plugin store be like "here's a list of packages written by random people on the internet - click here to download and run them!"

    Wordpress owner be like "Ooooh a plugin that lets me edit my robots.txt file!"

    lol

  • kasslekassle Member

    because we're anti-mainstream ?

    the only acceptable mainstream product is whmcs and cpanel

    for me, the biggest obstacle to use wordpress is no postgresql support. yes there is pg4wp, but unofficial and abandoned.

  • @kassle said: because we're anti-mainstream ?

    the only acceptable mainstream product is whmcs and cpanel

    for me, the biggest obstacle to use wordpress is no postgresql support. yes there is pg4wp, but unofficial and abandoned.

    I dislike both whmcs and cpanel, to be honest with you.

    Yoked or Yolked? You decide.

    Thanked by 1kassle
  • HxxxHxxx Member
    edited April 16

    As long as you use the right plugins and keep everything on auto-update, assuming you did things correctly, maintenance job is next to none. WP Security is very decent as long as you use Wordfence free or paid. This is just like cPanel, after install, **harden **it then you are good to go.

  • @Hxxx said: As long as you use the right plugins and keep everything on auto-update, assuming you did things correctly, maintenance job is next to none. WP Security is very decent as long as you use Wordfence free or paid. This is just like cPanel, after install, **harden **it then you are good to go.

    Sucuri or WordFence both work good.

    Yoked or Yolked? You decide.

  • HxxxHxxx Member

    IMO the wordfence company has a lot more to show when it comes to experience. Sucuri is pretty nice specially to change those salt keys after being compromised.

    @YokedEgg said:

    @Hxxx said: As long as you use the right plugins and keep everything on auto-update, assuming you did things correctly, maintenance job is next to none. WP Security is very decent as long as you use Wordfence free or paid. This is just like cPanel, after install, **harden **it then you are good to go.

    Sucuri or WordFence both work good.

  • PUSHR_VictorPUSHR_Victor Member, Provider
    edited April 16

    There is absolutely zero need to use any plug-in for security purposes with WP. Same with using caching plugins. Just throw Nginx, fail2ban and Varnish in, come up with a few fail2ban rules for the most probable attacks (xmlrpc, admin-ajax, search dos, a default catch-all for non-existing URLs, etc.) and call it a day. And make sure WP auto-updates itself.

    WP is a brilliant CMS.

  • @PUSHR_Victor said: There is absolutely zero need to use any plug-in for security purposes with WP. Same with using caching plugins. Just throw Nginx, fail2ban and Varnish in, come up with a few fail2ban rules for the most probable attacks (xmlrpc, admin-ajax, etc) and call it a day. And make sure WP auto-updates itself.

    WP is a brilliant CMS.

    Disagree on the first part, I always suggest using WordFence personally.

    Yoked or Yolked? You decide.

  • PUSHR_VictorPUSHR_Victor Member, Provider
    edited April 16

    @YokedEgg said:

    @PUSHR_Victor said: There is absolutely zero need to use any plug-in for security purposes with WP. Same with using caching plugins. Just throw Nginx, fail2ban and Varnish in, come up with a few fail2ban rules for the most probable attacks (xmlrpc, admin-ajax, etc) and call it a day. And make sure WP auto-updates itself.

    WP is a brilliant CMS.

    Disagree on the first part, I always suggest using WordFence personally.

    I am probably a bit too much an anti-plugins guy, but what is it the WordFence does for you that my no-plugins approach does not? I have seen what a mess WordFence does to the DB which is the main reason why I dislike it, and not how effective it is (if it really is, because I have not had a need for it on a few very high-profile WP sites).

  • @PUSHR_Victor said:

    @YokedEgg said:

    @PUSHR_Victor said: There is absolutely zero need to use any plug-in for security purposes with WP. Same with using caching plugins. Just throw Nginx, fail2ban and Varnish in, come up with a few fail2ban rules for the most probable attacks (xmlrpc, admin-ajax, etc) and call it a day. And make sure WP auto-updates itself.

    WP is a brilliant CMS.

    Disagree on the first part, I always suggest using WordFence personally.

    I am probably a bit too much an anti-plugins guy, but what is it the WordFence does for you that my no-plugins approach does not? I have seen what a mess WordFence does to the DB which is the main reason why I dislike it, and not how effective it is (if it really is, because I have not had a need for it on a few very high-profile WP sites).

    Well for one, brute force blocking unless you plan on creating access restriction with nginx.

    It does a lot of things other than that obviously.

    Yoked or Yolked? You decide.

  • GravelyGravely Member

    As most people have stated. Its not WordPress itself, its things like not updating plugins regularly that creates security breaches.

    Occasionally there are issues with WordPress it self that is normally resolved within 24 hours by updating WordPress.

    i have tried ManageWP to update plugins daily + backups etc. and it has worked well. If there is anything better that people have used please let me know :)

  • From a host standpoint WordPress has become an abuse problem. The WordPress core itself is secure, but when you add in free third party plugins and themes it can become a hassle to deal with. Sites get hacked and send spam, or host phishing content.

    DataPacket - Visit us at: datapacket.net

  • MikeAMikeA Member, Provider

    I run a few Wordpress installs (Nginx, PHP 7.2 + CloudFlare). Obviously secured, they're fast and I've never had a problem. Most of the problem is probably people installing a shit load of random plugins or never updating them.

    ExtraVM DDoS Protected VPS

  • Bloatware. Greedy for resources, insecure by concept. Too many poorly coded plugins; API, where security and simplicity were the last things developers thought about. Also, one cannot rely on plugin remaining in up-to-date state - so always be ready to replace the obsolete one and find an alternative.

    If I really need really powerful extendable CMS, I'll take Drupal.

    If I need really light and yet useful blog engine, I'll take TextPattern.

    If I would need to create a quick and secure site, I'll use a static site generator.

    Of course, WordPress success resulted in appearing of myriads of parasite services - those setting that damned thing securely, those developing plugins for it etc etc etc. So everyone happy, everyone busy. Long live WordPress!

    Monitor your network assets with IPHost (PM me for discount code)
    Thanked by 1Blazing
  • FHRFHR Member

    @Master_Bo said: Bloatware. Greedy for resources, insecure by concept. Too many poorly coded plugins; API, where security and simplicity were the last things developers thought about. Also, one cannot rely on plugin remaining in up-to-date state - so always be ready to replace the obsolete one and find an alternative.

    If I really need really powerful extendable CMS, I'll take Drupal.

    If I need really light and yet useful blog engine, I'll take TextPattern.

    If I would need to create a quick and secure site, I'll use a static site generator.

    Of course, WordPress success resulted in appearing of myriads of parasite services - those setting that damned thing securely, those developing plugins for it etc etc etc. So everyone happy, everyone busy. Long live WordPress!

    I hate the Drupal update mechanism, or lack thereof. When something like this happens it's much easier to fix WordPress - just press a single button to update.

  • On some WordPress installations I've managed in the past, I had to get my client to setup a development WordPress site and once they were done with it, I literally cleared all PHP FastCGI handlers in directories where WordPress shouldn't be executing any code.

    That trick worked out pretty well until somebody exploited an insecure plugin and started to infect the site again for spam and hosting malware on it.

    BuyPrivacy | Privacy focused VPN's starting from $2.05/month | PayPal and CryptoCurrencies (BTC,BCC,DOGE,ETH and more) Accepted!

    Also, a .NET Core evangelist.

  • @MikeA said: I run a few Wordpress installs (Nginx, PHP 7.2 + CloudFlare). Obviously secured, they're fast and I've never had a problem. Most of the problem is probably people installing a shit load of random plugins or never updating them.

    Two of my WP sites were hacked into and both were pretty up to date. So it's not always outdated WP sites that gets hit. I did some hardening after that and no issues since.

    I also looked at other CMS, Drupal, Joomla, Bolt, and some others. Nothing really beats WP in terms of convenience and ease of uses. I do like Bolt.cm though, but only for sites I rarely change.

  • joepie91joepie91 Member, Provider

    YokedEgg said: I know people say it's insecure, but that seems to only be so without the right configuration (which could happen to any script, really), and insecure plugins being installed.

    No. It still uses MD5 for password hashing. It blindly installs automated updates without verifying their authenticity, meaning that you can pwn a quarter of the web by compromising the update server. Security issues in Wordpress absolutely are not limited to plugins. Not to mention that something that's only secure "with the right configuration" counts as insecure full stop.

    The entire codebase is a mess structurally, making it easy to introduce bugs, including security-critical ones.

    From a quality perspective, Wordpress is an absolute trashfire. Its popularity has nothing to do with technical quality, and everything with optimizing for short-term benefits in exchange for long-term costs, like so many bad technologies do.

    Thanked by 1vimalware
  • YokedEggYokedEgg Member
    edited April 17

    @joepie91 said:

    YokedEgg said: I know people say it's insecure, but that seems to only be so without the right configuration (which could happen to any script, really), and insecure plugins being installed.

    No. It still uses MD5 for password hashing. It blindly installs automated updates without verifying their authenticity, meaning that you can pwn a quarter of the web by compromising the update server. Security issues in Wordpress absolutely are not limited to plugins. Not to mention that something that's only secure "with the right configuration" counts as insecure full stop.

    The entire codebase is a mess structurally, making it easy to introduce bugs, including security-critical ones.

    From a quality perspective, Wordpress is an absolute trashfire. Its popularity has nothing to do with technical quality, and everything with optimizing for short-term benefits in exchange for long-term costs, like so many bad technologies do.

    I know more than one person making millions through WordPress.

    Example:

    https://www.digitalmarketer.com/

    I'm sorry, but really, these baseless accusations don't really hold ground. If it's so insecure, I challenge you to hack them. But it won't be possible. WP is fine in terms of security and just fine in terms of loading speeds. Pros outweigh the cons.

    Yoked or Yolked? You decide.

  • Master_BoMaster_Bo Member
    edited April 17

    @FHR said: I hate the Drupal update mechanism, or lack thereof. When something like this happens it's much easier to fix WordPress - just press a single button to update.

    Inconvenient update scheme isn't an excuse to use WP instead.

    Also, when dealing with Drupal, I usually use automation tools like drush. Oh yes, and backup everything prior to any update/change, to avoid crying over corrupt data.

    @YokedEgg said:

    I'm sorry, but really, these baseless accusations don't really hold ground. If it's so insecure, I challenge you to hack them. But it won't be possible. WP is fine in terms of security and just fine in terms of loading speeds. Pros outweigh the cons.

    Your right to deem them baseless. I also get my part of income off WordPress - repairing broken/hacked installations, applying those security measures that do not come with bare bone CMS.

    As for "challenge you to hack" - sorry, I do not respond to sandbox-level taunts.

    Monitor your network assets with IPHost (PM me for discount code)
  • HxxxHxxx Member

    I disagree with a lot of the content here in this thread and without offending anyone, I must respectfully say there is a lot of clueless people throwing shit here.

    Saying drupal in here, I mean you lost the argument already with that card.

    I agree about the MD5 stuff, there are remedies to that. As always @joepie91 is knowledgeable , from dev to dev I can see his point of view.

    You should not run Wordpress vanilla. Wordfence, even the free version, is so effective, specially verifying the update sources, file versions, modifications, bruteforce, real time protection to prevent SQL Injections, I mean... shit if you are going to install plugins without reviewing their code, you better have some sort of security installed. In my books Wordfence is top and if anyone disagrees I invite you to take a look at what the product does, these guys are pioneers in the area.

    If you are going to use ANY CMS , all of them have vulnerabilities, all of them have shit plugins, etc. In the case of Wordpress, since is very popular, the community is huge, this is like Microsoft users vs Linux users.

    Even if you code your own CMS chances are you are going to do worst than WP in terms of security.

    Thanked by 1YokedEgg
  • kasslekassle Member

    YokedEgg said: I'm sorry, but really, these baseless accusations don't really hold ground. If it's so insecure, I challenge you to hack them. But it won't be possible. WP is fine in terms of security and just fine in terms of loading speeds. Pros outweigh the cons.

    it's @joepie91 opinion, challenge him to hack wordpress is useless. if you want to counter, prove his claim is wrong. for example show him if the password is hashed using SHA-512. or this discussion become destructive (wordpress vs the world ?)

  • YokedEggYokedEgg Member
    edited April 17

    @kassle said:

    YokedEgg said: I'm sorry, but really, these baseless accusations don't really hold ground. If it's so insecure, I challenge you to hack them. But it won't be possible. WP is fine in terms of security and just fine in terms of loading speeds. Pros outweigh the cons.

    it's @joepie91 opinion, challenge him to hack wordpress is useless. if you want to counter, prove his claim is wrong. for example show him if the password is hashed using SHA-512. or this discussion become destructive (wordpress vs the world ?)

    Well, for example, he's right about MD5 being the default hash but what he left out is the fact you can change the hash itself.

    I'm not in the slightest expecting the site to be hacked, but you can't say you've looked into the code and seen exploits without understanding how to actually use the exploit yourself.

    "If you can't explain it simply, you don't understand it well enough."

    -Alber Einstein

    The same fundamental principle could be applied here, if you cannot execute the exploit yourself, you don't understand it or it doesn't exist.

    P.S. I'm not really interested in arguing why everyone should use WordPress but you can't throw out something with no actual basis or facts behind it.

    Yoked or Yolked? You decide.

    Thanked by 2Hxxx kassle
  • kasslekassle Member

    alright then, back to topic

    honestly i have question about securing wordpress, some or most said to rename the wp-admin folder. yeah it will obscure hacker, but is this method will break the (auto) update mechanism ?

  • YokedEggYokedEgg Member
    edited April 17

    @Master_Bo said:

    @FHR said: I hate the Drupal update mechanism, or lack thereof. When something like this happens it's much easier to fix WordPress - just press a single button to update.

    Inconvenient update scheme isn't an excuse to use WP instead.

    Also, when dealing with Drupal, I usually use automation tools like drush. Oh yes, and backup everything prior to any update/change, to avoid crying over corrupt data.

    @YokedEgg said:

    I'm sorry, but really, these baseless accusations don't really hold ground. If it's so insecure, I challenge you to hack them. But it won't be possible. WP is fine in terms of security and just fine in terms of loading speeds. Pros outweigh the cons.

    Your right to deem them baseless. I also get my part of income off WordPress - repairing broken/hacked installations, applying those security measures that do not come with bare bone CMS.

    As for "challenge you to hack" - sorry, I do not respond to sandbox-level taunts.

    It wasn't directed at you.

    But it applies to anyone saying "I've reviewed the code, it's terrible, and has exploits". They will just look stupid unless they've already proved authority in the security field, or they can demonstrate it themselves.

    Yoked or Yolked? You decide.

  • HxxxHxxx Member

    Take a look at wordfence, the free version at least.

    You don't need to rename anything, that will break a few things.

    @kassle said: alright then, back to topic

    honestly i have question about securing wordpress, some or most said to rename the wp-admin folder. yeah it will obscure hacker, but is this method will break the (auto) update mechanism ?

    Thanked by 1kassle
  • YokedEggYokedEgg Member
    edited April 17

    @kassle said: alright then, back to topic

    honestly i have question about securing wordpress, some or most said to rename the wp-admin folder. yeah it will obscure hacker, but is this method will break the (auto) update mechanism ?

    By default, yes, you should rename it but that won't in the slightest really do anything for actual security, it's pseudo security by hiding. It's just for bots, etc.

    There's so many things you can do it's hard to give any advice really, start by renaming the admin folder and installing WordFence.

    If you want an easy way to lock down WordPress (such as double auth for login pages with nginx), try Centminmods autoinstaller with the default settings enabled.

    Yoked or Yolked? You decide.

    Thanked by 1kassle
  • FHR said: I hate the Drupal update mechanism, or lack thereof. When something like this happens it's much easier to fix WordPress - just press a single button to update.

    ..yeah, if convenience is a main factor to you, you might have to stick with Wordpress. On a developer's perspective Drupal as a CMS solution is a gazillion times better than Wordpress.

  • @ZiriusPH said:

    FHR said: I hate the Drupal update mechanism, or lack thereof. When something like this happens it's much easier to fix WordPress - just press a single button to update.

    ..yeah, if convenience is a main factor to you, you might have to stick with Wordpress. On a developer's perspective Drupal as a CMS solution is a gazillion times better than Wordpress.

    You really should say "In my opinion as a developer, Drupal as a CMS solution is a gazillion times better than Wordpress".

    Yoked or Yolked? You decide.

  • jetchiragjetchirag Member
    edited April 17

    Many peeps using WordPress have no idea about security and they would install any random plugin or theme. Many of those use nulled ones (because it's, well, free) but they have no clue that there site is compromised until the host suspends them for sending out large chunk of spam. They would then blame the host with threats and pointing out that their servers are insecure.

    /my 2c

    Doo-doo-doo, doo-doo-doo

    Doo-doo-doo, doo-doo-doo

    Thanked by 1DataPacket
  • @jetchirag said:

    Many peeps using WordPress have no idea about security and they would install any random plugin or theme. Many of those use nulled ones (because it's, well, free) but they have no clue that there site is compromised until the host suspends them for sending out large chunk of spam. They would then blame the host with threats and pointing out that their servers are insecure.

    /my 2c

    /me TL;DR: It's users not WordPress which makes it insecure

    True, true.

    Yoked or Yolked? You decide.

  • YokedEgg said: /me TL;DR: It's users not WordPress which makes it insecure

    I thought it'd work with content :?

    Doo-doo-doo, doo-doo-doo

    Doo-doo-doo, doo-doo-doo

    Thanked by 1YokedEgg
  • FHRFHR Member

    @ZiriusPH said:

    FHR said: I hate the Drupal update mechanism, or lack thereof. When something like this happens it's much easier to fix WordPress - just press a single button to update.

    ..yeah, if convenience is a main factor to you, you might have to stick with Wordpress. On a developer's perspective Drupal as a CMS solution is a gazillion times better than Wordpress.

    From my perspective as a developer I don't particularly like WordPress or Drupal - however I use WordPress because that's what clients want.

    Most people using the CMS won't know much about the system, they just want a working website. With a built-in updater, they will either update with a single button press or the CMS will update itself automatically (I always turn on auto update for my clients). If something like this doesn't exist, tell people who have no idea what FTP is to replace a bunch of files. I don't even mention Drush because that thing obviously doesn't work without SSH, a thing unknown on most shared hostings.

Sign In or Register to comment.