WorPress, like any tall poppy, can cop a fair bit of flack from the vocal minority over it’s vulnerabilities. It is the most popular website platform in the world right now and with that comes a few negatives (that can be managed and often overcome) More here: The WordPress isn’t insecure – you are! It also comes with a huge list of upsides that can be taken advantage of and leveraged very successfully in all sorts of ways.
Some of the pitfalls to avoid when building or running a WordPress website
Set and forget:
We don’t recommend this approach to managing any website in the increasingly active community of hackers, spammers and manipulators of the internet. Any website platform that is left idle, without applying software/security updates and some form of hacking protection and security monitoring, leaves the door wide open for those looking to take advantage easy targets.
Out of the box settings:
Simple changes can have a big impact, using the same login name as the majority of WordPress installs is just asking for trouble. If your username is “admin” you’ve just given a would-be intruder half the information they need to gain access…
Using free themes and plugins:
While not a complete no-no, in the past there have been (and no doubt there still are) free plugins and themes that contain malicious malware applications and backdoors that allow access to sites to the wrong people. How good is that, you install their software on your site, so they can have access to do bad things, now that’s some smart hacking!
Other downsides to “free” components can be; there is little or no support provided if you have an issue, they may not be updated when a new security exploit is discovered and the developers can walk away at any time and leave the software with no support what so ever.
There is always a good time to use free options, you just need to be selective and smart about your decisions. Downloading random plugins and themes from random sources on the internet will eventually bring you undone. The assets available on WordPress.org are a great start and you will find a lot of the quality components available will offer a “premium” or paid version of the theme or plugin. I’m always happy to see this option as it offers the opportunity to upgrade, get support and is an indication that the developer is serious and running a business, they have some skin in the game and the success of their software is important to their businesses success.
Everyone is a WordPress consultant:
But not all consultants are created equal, it’s a bit like choosing between a designer and developer, which do you need? They can be completely different in their approach and delivery method, it’s a trap that a lot of people fall into.
If you can define the outcome you are looking for, and present this to potential consultants they “should” be able to give you a response you can decode that will help you identify the right fit. If you need something technical resolved, like an advanced function added to your website or a plugin modified to create a specific outcome – you’ll be looking for a developer or programmer. If you need your website to look like your business and speak to your target market – then the designer will be your saviour. Get these two mixed up and you’ll be out of luck.
There are a LOT of WordPress consultants on the market now, some with little to no web design or development experience. While not always a deal breaker, it does demonstrate the transformational effect WordPress has had on the web “design” landscape. Finding the right match for you is a matter of aligning your requirements with the products, services and abilities of the right supplier, only then can you achieve a fantastic outcome.