The Internet is abuzz over last month’s major WordPress update.
After massive data breaches at Ashley Madison, CareFirst BlueCross BlueShield and the U.S. Office of Personnel Management, cybersecurity has become a top priority for consumers, businesses, and even federal agencies. So WordPress, a platform used by nearly a quarter of all the Internet’s websites, has installed advanced new privacy features. Observers are eager to see if these enhancements make a difference and prevent future breaches.
But despite the update, some people are still skeptical of using WordPress, chiefly because of some baseless myths about the platform. Here are the five most prevalent — and why they’re wrong.
Myth No. 1: WordPress is just for blogs.
While primarily used as a blogging tool in its early days, WordPress is now a full-featured “content management system.” That means users can customize their site’s appearance with thousands of themes and specialty functions via downloadable “plugins.”
WordPress can serve as the backbone for powerful, dynamic websites far more advanced than a cookie-cutter blog.
Myth No. 2: WordPress isn’t secure.
With over 60 million websites, this system is certainly targeted by hackers. The vast majority get blocked. WordPress comes with robust security plugins, which are particularly useful for sites hosting ecommerce or other sensitive client information. And those plugins, along with other security measures, are only getting stronger.
Last month’s update, for example, includes enhanced password security features. Password reset links will now only stay live for a limited time and passwords themselves will never end up in inboxes — a feeding ground for hackers. WordPress will even advise individual users on the safest possible password.
And even those scant few successful breaches don’t mean WordPress is any less secure than rival platforms. The websites of CitiGroup, Google, and Zappos don’t run on WordPress and have also been hacked or attacked. Regular, commonsense precautions — like avoiding “password” as your password — will protect average users from any shenanigans.
Myth No. 3: WordPress isn’t suitable for big businesses.
Many large companies with high-traffic sites use WordPress, including Forbes, CNN, TIME magazine, The New York Post, and General Electric. Most of the speed and security issues that might affect a well-trodden site can be solved by hosting the site on a private server.
Even the experts trust WordPress. TechCrunch, a major technology news site with millions of visitors each month, runs on the platform. And The Seattle Times now entrusts its entire online presence to WordPress.
Myth No. 4: Open-source software doesn’t provide good user support.
WordPress uses software that can be edited by any web developer. Some critics claim that such “open sourcing” leaves gaps in user support.
The opposite is true.
Open-source software allows millions of developers from all around the world to add and refine the WordPress programming. That means if a user runs into an issue, chances are someone else has bumped into it too — and already found the solution. WordPress forums are a massive base of community knowledge and offer fixes to almost every potential problem.
Compare that to a closed-source platform. Even the most dedicated support team probably includes at most a dozen or so people. They’re responsible for solving a wide and sprawling mass of glitches. Even common user issues often go unaddressed.
Myth No. 5: The plugins can’t be trusted.
It’s safe to assume that some of WordPress’s 30,000 plugins haven’t been coded to the highest standards. But that’s why the platform has a robust review system that allows users to flag any problems.
With millions of sites giving feedback, glitches are ferreted out quickly. And just as you wouldn’t buy a blender on Amazon with one-star reviews, users would do well to avoid installing a plugin with less-than-stellar ratings.
Whether you want to run a basic blog or an online empire, WordPress is a solid platform option. And last month’s security upgrade is bound to make it even more so.
Kristen Thomaselli is a director at Keybridge Web, a leading web development company based in Washington, DC.