We're talking about WordPress.org - the software you download and install. We love it because it's versatile, customizable, and secure. Thanks to Open Peeps
When it’s time for the website development part of a project, I start wringing my hands in anticipation. I love starting a new WordPress website. I like starting over, a clean slate, a perfect beginning free of code that could have been written better. This is a technical post about being a nerd. But it’s also about my favorite content management system (called a CMS) and content publishing platform. If you’re unsure what WordPress is, then I might as well start there. If you think you don’t like WordPress, read on.
WordPress.com is a service that allows you to build a website yourself. They take care of hosting, security, and it’s very DIY. But this post is not about the difference between them, or to convince you which one is better for your situation.
This post is about the WordPress software that anyone can download and install on a web server. WordPress software is what we use to develop a web project, create custom programming for clients, and deliver a website from tip to tail that a client can make changes to.
The CMS I know the best
This website is built without a CMS. There’s no login, no plugins, and no editor. I can’t give a website like this to a client! How would they edit their content, create new pages, or add photos and videos? They need a CMS to do those things. To put it simply, a CMS uses a database to display content on a website. When a person edits text in a text editor, adds a photo, aligns it to the left, and clicks Update, they just saved their content to a database. The web page then asks the database for the content and violà! It appears.
A client website needs a CMS to edit its content and there are few to choose from. I choose WordPress because it’s the one I know the best. I started working with it 12 years ago when Chris Coyier and Jeff Star published their book Digging Into WordPress in 2009. “425 Pages of practical WordPress wisdom in full-color printed format.” Indeed it was. It was even spiral-bound so you could lay it flat while coding. Thanks, guys - you helped my career evolve.
If there has been a time when I told a client that “we can’t do that with WordPress” it is likely because I didn’t know that we could. Using plugins like Advanced Custom Fields and Custom Post Type UI, we can do a lot. A well-written website can have relationships with pages. We can pull a list of pages that relate to this one, and display them in a sidebar. We can create lots of menus, blogs posts, and custom content to do some very cool stuff. Allow me to give an example.
Most things we dream up for clients can be done with WordPress. I thought I could explain this best with an example.
Our client, Ward’s Nursery in Great Barrington, MA, is a wealth of information. Everyone in town knows to ask someone at Ward’s when they have a question about plants. They are constantly answering questions via email every day. How could we use their website to answer these questions? How could we make their website an information resource for their customers to peruse? Since WordPress is already driven by a database and it’s searchable, why not feed it questions and answers?
We created a custom post type called FAQs. Ward’s staff can create a new FAQ, enter the question as the post title, and answer the question in the editor. The website visitor can now see a grid of questions and answers. They can click to read it and see a few more questions related to that one. We made it searchable by keyword and created a list of categories to keep it all organized. Ward’s staff can create new FAQs at any time and the database will grow with them for years to come.
Windows computers are popular so they’re targeted more often by hackers. WordPress is in the same boat - it’s a popular platform on the web and any exploit is quickly known across the internet. WordPress websites get hacked every day. But it’s mostly the fault of its users. The two big reasons a WordPress site is hacked are out of date software and weak login credentials.
The developers at WordPress are always evolving their software and at no cost to the user. Updates to WordPress are provided often, making it more secure than it was before. Plugin authors have taken this work further by developing new ways to keep websites free from attack. It is the website admin that is responsible for keeping their WordPress website up to date and out of easy reach for bad actors. A well-maintained WordPress site is not on the hacker’s list of sites to hack today.