The Great WordPress Community Implosion
The case for wordpress diminishes with every competing platform release… and with conflicts within its own community!
For more years than I care to remember, we’ve found ourselves as a pitching agency trying - only occasionally successfully - to dissuade potential clients from taking the WordPress route when choosing their Content Management System (CMS).
We have nothing against WordPress as a means of building and managing web content; it’s a perfectly wonderful blogging tool and we understand why so many web admins like it. The problem is mainly its community support - or lack of it - and the fact that as a platform it’s become a victim of its own success.
Wordpress: so what’s the beef?
To explain: the community of plugin builders is so large and chaotic that releases often conflict with each other (or the core platform itself), and developers and admins only find out that things are going awry once it’s already too late. Accordingly, the clients that we have on the platform pay excessive maintenance and security retainers for us to keep on top of things for them, as well as occasionally for fixes and updates that’d be quite unnecessary were their sites on other open source or third-party supported CMS platforms.
Wordpress Community problems
“(the developer)’s actions are extraordinarily concerning and pose the grave risk of upending and irreparably harming the entire WordPress ecosystem.”
We note with some dismay the recent shenanigans concerning the ACF Plugin on WordPress.org, resulting from a situation where a developer appropriated the widely-used Advanced Custom Fields plugin, resulting in millions of existing installations being updated with code that was unapproved and untrusted by the experts on the approved ACF team at WP Engine - see advancedcustomfields.com/blog/acf-plugin-no-longer-available-on-WordPress-org. This sort of thing rings alarm bells with clients that are sensitive to security issues (which ought to be all of them!) and very much reinforces our assertion here at 3B Digital that site code and associated management tools need to be secure to the point of reasonable confidence, client and agency-side.
In conclusion, if your site is managed using WordPress, now is the time to properly audit plugins (of which there’ll doubtless be many) and review your security schedule… and to perhaps consider a move to a platform that’s easier to manage in these key areas (in almost every case Squarespace, Shopify or Drupal offer solutions that are more fully featured and cost effective).
