Home > NewsRelease > 3 Scary Truths about WordPress That Can Keep You Up at Night
3 Scary Truths about WordPress That Can Keep You Up at Night
Jennifer Beever --  B2B Chief Marketing Officer for Hire Jennifer Beever -- B2B Chief Marketing Officer for Hire
For Immediate Release:
Dateline: Los Angeles, CA
Friday, February 23, 2018


Beware 5164166031_462b41515a_bThe advent of open source, templated WordPress websites that non-programmers can create and maintain has been revolutionary. But beware, there are some very scary things that can go on behind the scenes you need to know about and prevent!

[I originally published this post in 2015. Last night I attended a really great WordPress meetup and decided to update the post. And, yes, there are still reasons to beware of open source, templated websites!]

As a marketing consultant, I’ve been working with websites since 2000 and on WordPress sites since 2009. I’ve seen some great successes and real nightmares with the WordPress platform. Today I and my associates prefer to create websites in WordPress, because it is so cost-effective and flexible. But, it’s not right for every project, and there are some things you need to watch out for.

WordPress is an open source technology. That means that the source code is available to anyone who wishes to modify or expand upon the code. It is widely used and relatively easy to access and modify.  Because its open source, programmers have developed design themes that your can purchase to quickly implement and website with a nice design. They have also developed add-ons for the websites called plugins, so that depending on what features you want to create on your website, you can pick and choose plugins to install without having to program the features yourself. Many templates and plugins are free, which can be very cost-effective.

But, here are some of the nightmares that I’ve seen:

1. Because WordPress is open source, it can be hacked.

But, you say, “I’m a small business, and I don’t do sales transactions on my site. Why would someone hack my my site?

Because! (Really, some hackers hack WordPress sites just because it’s there.) Some hack sites so that they can install malware or use the site to conduct attacks on other sites or programs.

This became really clear to me in 2011 when a web developer casually mentioned he had noticed some malware on a client’s WordPress site and removed it.

Me: “Whaaaaat?

All businesses could be hurt by malware inserted into their website, but in particular, this was a business for which reputation was critical!  There are standard security procedures and tools you can implement to help prevent this, and regular reviews of your WordPress site for malware and hacks are a must.

Since I originally wrote this post, I had to work with a web developer and with Google to help a client get malware removed from their hacked site. The site had been hosted on a legacy hosting service that had some security holes, and there is a possibility that the client’s network was not secured against hackers. We had done a good job of optimizing content for this client and getting them found online, so it was disappointing when we had to take time out to remove malware and resubmit it for review by Google. I learned in this process that there are new ways to secure a WordPress installation from hackers, and I’m sure the methods and tools continue to evolve.

2. WordPress templates or plugins can result in a bad website.

There are good templates and plugins and bad ones. Don’t buy a bad template or plugin! Have an experienced WordPress programmer evaluate it first. Check to make sure the author does regular updates. This is one reason you may want to buy your template instead of using a free one. At least with a paid template, it is more likely that there is someone with “financial skin-in-the-game” (e.g. someone who is incentivized) who will maintain it properly.

I learned from my WordPress web developer that when they download templates, they have seen that some WordPress template creators load in a bunch of plugins, which they don’t disclose before you purchase. Even if you do research on the template, now you have the plugins on your server, and you may not know who created them or if they are maintained.

I’ve run into some businesses that updated their site in the last couple of years but are still using a non-responsive template. A responsive template automatically adjusts for whatever device (desktop computer, tablet or phone) is used to view the site. Google announced that sites that are non-responsive will not rank well in the search results well in advance of making the change in April 2015. It’s a shame to invest money in a new site or site update and not have it responsive, when Google pre-announced the change to give everyone time to update their site – something Google rarely or never does! Before you choose a template, make sure it has all the features that are necessary to perform well for visitors and with the search engines.

I have worked on client websites that were set up incorrectly. Sometimes the templates are modified, and if the site was not set up properly,  installing an update to the template (critical to plug possible security holes) wipes out the modifications. In one case, a business’s home page was heavily modified so that the client could not edit the content, and our team could not optimize it for the search engines. Graphics were not the correct resolution and load slowly. If websites are not set up with the proper security measures in place, and they get hacked.

3. There is a wide range of quality when it comes to WordPress development.

Today, almost anyone can say they are a web developer, create a website, create graphics and optimize the site for the search engines. Graphic designers create websites. Web developers create graphics and provide search engine optimization (SEO). Heck, I even created a very simple site for a client (they begged me). But, does the SEO that was done get results? Is the site really secure from hackers? Are the images and graphics designed and optimized for the web? Does the site have loads of plugins and widgets that slow down the performance (another factor Google takes into consideration when it evaluates websites for search results).

Some really successful traditional, print-oriented graphic designers do not understand how to create graphics for the web. Some graphic designers and some web developers do not keep up with the ever-changing SEO techniques. Programmers are not always good web developers and some are not experienced in WordPress. And, now that content marketing and social media make a difference in how a website gets found in searches, there are also many web developers and graphic designers don’t know how to integrate this into a WordPress (or any) website.

This was not a blog post written to bash web developers, programmers and graphic designers. For me, the last few years of working on WordPress websites have taught me is that there are many aspects of a website that need an experienced professional.  There are talented professionals out there that create good, optimized, well-performing websites. But, unfortunately, there are also a lot of bad WordPress website creators. They may not even know what they don’t know. If you, the website owner, doesn’t know what to look for when buying web development services, you may end up with a website that’s very, very scary.

If you need a new website or wish to update your existing site, contact me at New Incite today. I provide written website creation or update plans that include the design, security, marketing and technology details you need. I  have reviewed proposals for websites and social media projects and consulted with businesses to help them choose the best provider. I continue to work hard to continue to identify and work with the good guys and gals – designers and developers who create great websites that generate results.

Photo by David Goerhing on Flickr. Some Rights Reserved.

News Media Interview Contact
Name: Jennifer Beever
Group: New Incite
Dateline: Simi Valley, CA United States
Direct Phone: 818-347-4248
Jump To Jennifer Beever --  B2B Chief Marketing Officer for Hire Jump To Jennifer Beever -- B2B Chief Marketing Officer for Hire
Contact Click to Contact