Don’t Blame WordPress
90,000 hackers are trying to get into your WordPress installation right now. That’s a ridiculous statistic but also points to the popularity of the world’s most popular content management system. While we’re fairly agnostic about content management systems, we have a deep respect for WordPress and support most of our clients’ installations on it.
I don’t necessarily agree with the founder of WordPress who largely deflects the attention on security issues with the CMS. While folks can change their administrative login from admin, the biggest benefit of WordPress has always been the 1-click install. If you want them to change the login, that’s more than 1 click!
Additionally, I don’t like that the login screen is a hard-coded path that cannot be modified. It would be pretty simple for WordPress to allow a custom path.
That said, any agency that builds and supports WordPress sites holds most of the responsibility. We host all our clients on managed WordPress hosting instances since they do a fantastic job of monitoring for security and ensuring stronger passwords. WP Engine also requires you to utilize a different login than admin when you create a WordPress instance with them.
Other clients have had severe issues with WordPress such as bugs, performance issues, and difficult administration. All of these aren’t WordPress issues, though. They’re WordPress developer issues. One of our clients is a sales proposal platform – and they have some very customized content throughout their site. Designed by another agency, the administration of their pages is quite simple, using some advanced custom fields:
Using Advanced Custom Fields, Gravity Forms and some good theme development, DK New Media built an entire job staffing site for a client. It works flawlessly, and their staff said that the administration is a dream.
Your WordPress site and your WordPress security are only as good as the infrastructure it’s built on and as good as the development of the theme and plugins you’ve included. Don’t blame WordPress… find a new developer and a new place to host it!