Never rush your website solution.
Before you commit to a particular framework or content management system (CMS), always make sure you ask yourself the following questions:
- Will a WordPress website offer sufficient security?
- What levels of support are included in a bespoke framework build?
- Can I manage all aspects of the site without a website development team constantly on hand?
This leaves us with one fundamental thing to consider, the big question behind all of these thoughts…
Which platform is the best fit for my website needs and how should I utilise it?
Used by over a quarter of all websites, WordPress is the first choice for a lot of businesses out there. It certainly allows for an attractive turnaround time, access to thousands of plugins, large pool of developers that can work with the code base and no licensing costs (thank you, open-source).
However, we shouldn’t overlook the constant inflow of hacked sites running WordPress. Sucuri’s 2016 report states that “over 78% of all websites the security company has worked with used WordPress.” This leads us to the conclusion that other platforms are more secure. However there is more at play in these numbers. Sucuri also say that “in all instances, regardless of platform, the leading cause of infection could be traced to the exploitation of software vulnerabilities in the platform’s extensible components, not its core.”
Let’s take a look at a few other options.
A number of the websites we have built at CandidSky utilise our in-house framework, Ebb.
With Ebb, there is no plugin directory and only a small group of developers are skilled in using every aspect. There is also an absence of malicious code that targets the framework and no vulnerable core or extensible components. Expert knowledge of 100% of the code base, in-house, offers a higher level of security, support and updates.
Numbers of Drupal vulnerabilities and affected websites is quite low, however only around 2% of websites use Drupal, and the ecosystem is similar to that of WordPress, although it requires more advanced knowledge to use than its alternatives. Sucuri reports that “81% of infected Drupal sites were outdated”, which is definitely an important metric.
It goes to show how critical website maintenance is, and that focus should lie not just in the development of a site but also its post-launch life.
More functions = more support
Some businesses require functionality that goes far beyond managing content, or the buying and selling process needed for online shop.
Another viable solution for more complex uses is Umbraco, an open source CMS which uses Microsoft’s .NET software framework. Umbraco runs on MS Windows, as opposed to more commonly used Linux solutions. It is regarded as a more secure option when compared to WordPress and Drupal, largely due to the relatively closed environment. However, this does not mean that vulnerabilities are sparse.
One of the key takeaways from our many years of experience in offering digital services, backed by many other reputable sources and research, is that the number one reason for the majority of security breaches does not lie in the code base, but rather in humans.
Our tendency to use memorable (weak) passwords, overlooking the importance of developers looking after your site once it’s launched, plus a lack of time and money dedicated to regular updates, all contribute to issues further down the line.
WordPress is a fantastic choice for anything from a one-person business site, to e-commence shops and sophisticated multi-site solutions. “Who” builds the solution and “how” that solution is maintained is the most important decision to make. Our team are experts in making the most of a platform, creating beautiful themes and secure, functional features that help businesses to flourish online.
But we also recognise the shortcomings of WordPress and fill the needs of more advanced projects with our in-house framework, ebb, which allows for a custom solution that is secure, scalable and well supported. In order to minimise the human error and prevent security breaches, we advise you to invest in regular maintenance, ensuring that professionals are there to run checks, apply updates and ensure that the administrators and users are kept secure.
Combined with an effective SEO & content strategy, the online world is your oyster. We would love to speak to you about your website needs and offer our advice, feel free to drop us a message if you still have any questions regarding which solution is best for your business, or pop in for a coffee and a chat about all things digital.