WordPress is the most popular Content Management System (CMS) on the Internet. Contrary to common beliefs - it does not come for free, though. There are many cases when teams build complex systems on top of WordPress without realizing the consequences of choosing this community-supported system.
Many teams select WordPress as the system where they store and manage content because of its familiar look and feel and simple setup. Until they release their product they rarely realize how much cost and effort it will require to support that system in the long run - in order to provide security, performance and business continuity guarantees.
This is where headless CMS systems really shine. Managed headless systems, like Contentful, DatoCMS or Flotiq, are available as Software as a Service and offer developer-centric approach combined with the easy-to-use interface for content editors, often resembling the UI of WordPress. These systems come at a monthly fee, but take the responsibility for providing the infrastructure, security and availability of your content.
Let's look deeper into the pros & cons of each of the solutions.
Pros & cons (TLDR)
- Rich plugin marketplace
- Community support (limited)
- Low initial cost
- No Service Level Agreement
- Security vulnerabilities discovered daily, fixed at the author's convenience
- Bloated plugins, conflicts between plugins
- Limited system scalability
- Higher TCO (Total Cost of Ownership)
- Forced to use PHP
- Vendor lock-in - your content is locked in your WordPress website (REST API is limited and often considered insecure)
A headless system without bloat and overhead, resulting in:
- better site performance,
- content and data separation,
- easier management,
- tighter security (external pentesting audits)
- a cohesive system built from compatible components
- robust support (via Discord) and SLA (for enterprise users)
- lower TCO (Total Cost of Ownership)
- variety of programming languages supported
- content delivery for omnichannel (website, mobile app, interactive billboard advertising, etc.)
- Higher initial cost (for bigger projects)
When (not) to choose WordPress
Open-source, traditional CMS platforms like WordPress are a great solution for simple platforms, early in their lifecycle. The common availability of WordPress developers and an extensive plugin marketplace make it easy to assemble a site and possibly extend its features with several plugins. Unfortunately - with most websites - these features quickly turn into obstacles that are hard to overcome. Plugin dependencies become a nightmare to support in the long run and vendor management is not an easy task itself.
Systems like WordPress are built in a very generic way so that you can use them in a broad set of applications. Customizations (and every site needs some set of those), are done by installing plugins from the WordPress marketplace. It is an uncurated library, where anyone can publish their code, without any supervision. Plugins are often maintained by a single author or a community, without a real business behind them. That leads to significant risks for projects based on WordPress (or similar systems):
- security vulnerabilities can remain unpatched (more here and here),
- voluntaries handle features/requests,
- their authors can abandon plugins at any time,
- the end-users often handle quality assurance,
- no enforceable SLAs,
- forced to use PHP also on front-end,
- you can use your data only in one place.
Most businesses quickly identify these risks and move away from WordPress. Those which do not - often fall victim to attacks, which are growing in numbers and WordPress is the unfamous winner in the number of hacked websites contest.
The chart above is published by Sucuri and covers 60 299 infected websites, of those - 94% were running WordPress.
Flotiq lets businesses keep the most critical benefit of the WordPress-like system - the possibility to create new content without the need to engage a development team. At the same time, it eliminates the risks identified previously, as the platform provides a fully-managed and secured Content as a Service solution and access to a network of vetted development agencies, who can look after the core of the system.
Flotiq strongly encourages separation of concerns and isolates the data from the presentation layer (unlike traditional CMS like WordPress). Thanks to that - you can easily use your data anywhere you need them, e.g.:
- Mobile apps,
- Billboard advertising,
- Desktop applications,
- Amazon Lambda functions,
- Mailing systems,
To help companies use Flotiq to power omnichannel experiences - we provide many project boilerplates in different languages to jump-start your project. See our open-source repositories on our GitHub account.
WordPress and similar systems offer amazing opportunities for the do-it-yourself type and people who care more about initial investment than the long term cost. This will work great for a large number of cases, but if you're are planning to base your business online presence on a system that only offers best-effort community-driven support - you might want to rethink your strategy. Flotiq, and other commercially-supported headless CMS systems, also bring value in terms of development speed, security and content reusability which are all difficult to achieve in WordPress-based solutions.