Where the design community meets.
I'm actually curious: what exact issues do you have with the speed and security of WordPress? I'm constantly hearing that criticism, but I’ve had the exact opposite experience. I’ve been able to optimize the security and speed of WordPress so it outperforms most of the alternatives. I have a few suggestions: a properly-configured security plugin like iThemes Security, a good webhost, a robust caching plugin like W3 Total Cache, a good CDN, and a good image optimizer tool like EWWW Image Optimizer.
I have no affiliation with any those plugins. Part of my business is to help my clients optimize WordPress by using the right combination of plugins and other performance strategies. iThemes Security closes most of the popular ways to attack WordPress installations. W3 Total Cache is complicated, but it's extremely important for caching optimizations. A properly configured CDN will improve your page load speed and actually help your SEO performance too. Lastly, the image optimizer will do the things most of us are too lazy to actually do ourselves - resize and compress images so they load properly.
With those plugins properly configured — yes, it takes time to learn them -- WordPress performs brilliantly. Here are a couple pingdom tools examples of sites I’ve optimized:
eciov.com is a blog that I’ve optimized. It’s very image-heavy but still loads the entire homepage under 2MB. The main reason it scores 91% on the scale is that I have external resources like analytics, twitter, and facebook loading on the site. Every external tool slows down your website. Use them sparingly. driftmgmt.com, on the other hand, scores a 98% because I use fewer external resources.
Sure, a static CMS is an alternative, but since you're already familiar with WordPress, maybe it'd be good to learn how to optimize it instead of giving up on it. I'm guessing that would probably take less time than learning a completely new CMS. I personally have no interest in moving away from WordPress, but that’s because I like its flexibility and expandability — and I’m good at optimizing its performance.
Thanks for the in-depth response. The main issue I have with WordPress is the fact that it's a big target for security attacks. Even optimized, WordPress still feels "heavy" to me. I've made use of all the plugins you mentioned here, and while yes, they dramatically make a huge impact on a website's rendering speed, it's a shame you have to rely on them completely.
I'm not worried about learning something new in regards to technology under the hood of a new CMS. I'm more concerned about how many "plugins" I don't have to depend on to get my website to perform as it should. Yes, this will likely mean more manual optimizations but at least I will be in better control you know?
I guess you could say I'm going after the "Less is more" approach rather than when I have a problem, simply installing a plugin isn't the "fix" I'm after.
I definitely understand your perspective. Security hasn't really been an issue for me. WordPress is certainly a target, but you can eliminate the typical attack points with very little effort. Of course, there are always unknown vulnerabilities, but that happens with every piece of software ever written. It's also true that WordPress exploits are more sought-after than say, Jekyll, but I trust the WordPress core devs to fix vulnerabilities quicker than anyone else.
I also know and trust the developers who produce the optimization plugins i use. If something breaks, they'll fix it quickly. I don't have that same level of trust with another platform -- especially the lesser-known static CMS's. Less can be more, but this works for me and I have no desire to change.
Would I say that maintaining a professional-level WordPress site is easy? Absolutely not. It certainly takes effort. But I've developed standards and workflows that work well for me over the years and wouldn't choose to give up the power of WordPress for something easier.
None of this means I don't have to talk customers into WordPress from time to time. Everyone has an opinion. Some customers come to me after talking with someone who's hardcore drupal or joomla and anti-WordPress. I laugh on the inside. It's not difficult to sell them on WordPress because most of their fears are baseless -- if you know what you're doing.
That's my final point. Most people don't know what they're doing. Few people have as much experience with WordPress as I do. I'm 10 years into the ecosystem at this point. It's actually tough for me to come in and clean up after different WordPress developers as I see really stupid things every single day. But it's my job... and if I didn't do it, my clients would have severe on-going problems.
Point being: I hear, understand, and validate your criticisms, but I'm comfortable with what WordPress is. It's certainly not for everyone.
Exactly! I used WordPress RestfullAPI with AngularJS for example. Crazy fast and still with WP
Where the design community meets.
Designer News is a large, global community of people working or interested in design and technology.