[HN Gopher] Do any startups still use WordPress after 20 years?
___________________________________________________________________
Do any startups still use WordPress after 20 years?
Author : catsarebetter
Score : 41 points
Date : 2023-06-01 18:06 UTC (4 hours ago)
(HTM) web link (autopitch.ai)
(TXT) w3m dump (autopitch.ai)
| syntheticnature wrote:
| This seems like a bit of the perennially-linked "Choose Boring
| Technology" bit. Your corporate landing page/blog is unlikely to
| need anything fancy. This is true especially if you aren't in
| tech, while the article focuses on YC startups, so a tech subset
| of (or subset of tech) startups. The categories listed do seem
| most likely to be cases where there isn't much need for anything
| fancy on the website front.
| catsarebetter wrote:
| I chose YC startups bc they tend to be locked into early
| technology trends specifically bc 1. everyone tries them out on
| each other and 2. they need to leverage every advantage to make
| great product, being a tech early adopter is one of them.
|
| It's true, choosing boring tech works. I analyzed some data to
| show that most YC companies in the last few years prefer
| Webflow by far. They seem to prefer it for their marketing
| sites. But I do think that it's impressive that some people in
| this tech-obsessed niche chose WP still.
| lobochrome wrote:
| Never heard of Webflow before.
|
| My god 11 years old. 335M$ funding. 600+ employees.
|
| Not public.
|
| How on earth would you make a call to rely on something like
| this? All the runway they might have had last summer will end
| soon...
| ttul wrote:
| WordPress is dominant because it's the Lingua Franca of the web
| design world. Despite PHP sucking, WordPress is well known by
| everyone in the industry and competitors - even with far superior
| technology - have an impossible task disrupting something with
| such platform dominance.
|
| For comparison, Microsoft Windows still holds about 75% market
| share, a figure that has barely budged in the last five years,
| despite Apple making major inroads.
|
| https://www.statista.com/statistics/218089/global-market-sha...
| babuloseo wrote:
| Its a good honeypot.
| o_____________o wrote:
| Recently tried Wordpress again, thinking maybe it has matured.
|
| Terrible idea, terrible platform. For example, you want metadata
| on posts, you install ACF. You want to filter on that metadata,
| good luck if it's over a couple filters simultaneously, the SQL
| queries will time out. You're guaranteed to need different tweaks
| that get dumped into a scripts file, feels like patterns from 20
| years ago. There are some people trying to untangle the Wordpress
| trash pile by refactoring and bolting Laravel onto it[1], but
| every layer is just a nightmare; the authors of different parts
| can barely assess why things randomly break.
|
| You might find WP appealing for the plugin ecosystem, but the
| plugins are completely random in implementation, so you're likely
| to get a bloated scramble of CSS and JS pushed to your users.
|
| I moved to Directus and Astro, but I would probably use a
| Laravel-based CMS like October or Statamic for more generalized
| PHP deployment.
|
| [1]: https://roots.io/
| PeterCorless wrote:
| I used WordPress at my last job. We don't at my new job and I
| miss it terribly.
| EGreg wrote:
| We use it:
|
| https://rational.app
|
| https://teaching.app
|
| Just as two examples
| koromak wrote:
| Yes. Keep the real application on a subdomain, and make your
| marketing website a simple wordpress install. Minimal effort, and
| works great if you don't care about authorization / integration
| between the two.
| daveslash wrote:
| Yes.
|
| Put the Wordpress on a completely separate server so the
| WordPress instance is properly firewalled from your main
| application/database. But don't leave it on a subdomain -- set
| up a reverse proxy so you can route to a subdirectory on your
| main domain. Better SEO. I'm not an SEO hawk, but if the point
| of Wordpress is marketing, then it's important.
|
| Edit: All good replies regarding cookies. Thank you for the
| correction. It is not "properly firewalled". The server side
| code is on a different machine, but this doesn't get you
| "proper firewall".
| chadd wrote:
| this is dangerous because then a rogue piece of content in
| your wordpress instance can exfiltrate user cookies.
| subdomains are much safer, if worse for SEO.
| vermilingua wrote:
| And then a malicious/compromised plugin has access to your
| primary sites cookies. I think that'd be worse for SEO.
| jansommer wrote:
| Couldn't one set the path of cookies to be for your app?
| Then a malicious plugin shouldn't be able to read your apps
| cookies, since they won't be sent to Wordpress
| xp84 wrote:
| The thing is, your real app doesn't need any SEO. just your
| marketing site. That's what they need to find (and if they're
| customers they go for that Login button that takes them to
| the app).
|
| Marketing site on www
|
| Real app on app.example.com or similar
| hobobaggins wrote:
| Warning, that's _NOT_ "firewalled" from your main
| application/database.
|
| If it's just part of the path on the same domain, then almost
| any Wordpress security vulnerability can leak over into your
| main application (i.e., cookies, credential stuffing, xss,
| etc)
| kerblang wrote:
| Worked at a company that combined the two, which eventually led
| to half the dev team working for... the marketing dept.
|
| It was a horrible mess.
| anotherhue wrote:
| Yup, I've seen that. Catastrophic.
| ssss11 wrote:
| Reminds me of when IT reported to Supply Chain in a company I
| was at. For some strange reason supporting supply chain
| systems and initiatives made up 60% of our work...
| kylecazar wrote:
| I've noticed some which only offer an app use WP for their basic
| web presence/brand landing page.
| xp84 wrote:
| I beg of you, if you use Wordpress, and don't have some reason
| you can't do this:
|
| _Use a static site generator plugin for Wordpress_ , host it
| completely behind IP restrictions or firewall rules, for only
| whoever needs to actually update it. The static site plugin will
| regenerate/update plain HTML files out of your WP instance
| whenever you tell it to; then it transfers those to your location
| of choice where they'll just be hosted statically.
|
| Wordpress is a pile of garbage from a security standpoint and
| having it exposed to the internet is basically asking to be
| hacked _constantly_ by spammers and script kiddies. But it is
| useful as an easy content generation tool anyone can use, and at
| the cadence most people actually update it, the regeneration
| compute time is trivial.
| WheelsAtLarge wrote:
| Wordpress has value in its ability to get a site up very quickly.
| If I, one person, want to I can get a pretty professional site up
| in a day. That's a powerful. I can then come back to it later and
| improve it given my needs. Startups are all about limited
| resources and Wordpress is a good tool to use. What's a better
| alternative?
| paulpauper wrote:
| WordPress is great for finding site and hosting/config
| vulnerabilities, which you can fix and then delete WordPress.
| it's like outsourcing for free a bug bounty.
| robotnikman wrote:
| Hah! I laughed too hard at this.
| catsarebetter wrote:
| Could you link me some info about this? I'd like to update the
| article with this ^
| donutshop wrote:
| WordPress? That's too simple. We use a static webpage, served up
| through kubernetes.
| CharlesW wrote:
| WordPress is a CMS, but it doesn't have to also your site
| runtime. Many people use WordPress as an SSG using tools like
| Simply Static.
| devoutsalsa wrote:
| Coming soon, running Kubernetes as a Wordpress plugin.
| donohoe wrote:
| At one point The New Yorker, with its 90 year archive, was on
| WordPress.
|
| It only moved off that because Conde Nast (parent company) had
| their own CMS and wanted to unify what all their brands used.
|
| Many publishers (large and small) use it quite reliably at an
| enterprise level.
| nkozyra wrote:
| > Many publishers (large and small) use it quite reliably at an
| enterprise level.
|
| Not out of the box, and the things they have to do to make it
| scale would make most devs cry.
|
| I've seen it up close and personal.
|
| WordPress out of the box is good for a low traffic blog. Even
| then it's not well designed software.
| yawnxyz wrote:
| Does anyone use Headless Wordpress here?
|
| It's been quiet since they launched that, and I've never used it
| but it sounds like a good option for those who never really
| learned PHP
| karaterobot wrote:
| I did some consulting work for a name-brand online retailer who
| uses headless WordPress for managing at least some of their
| content. I didn't work on it to the level where I know all the
| places it touched, though.
| JohnFen wrote:
| I don't. I dropped Wordpress years ago, because I got tired of
| dealing with all of the security problems.
| EGreg wrote:
| Can you list the main ones?
|
| I know they exist, I just need the info so we can assess our
| own platform
| donohoe wrote:
| I am guessing the issues were mostly plugin related, thats the
| main vector and where people get sloppy by installing unvetted
| code.
| aidos wrote:
| Unfortunately eventually everyone gives in to the marketing
| team installing plugins. And to be fair, they're just trying
| to do their job and you get sick of saying no. We all know
| how it ends though...it's a sea of issues waiting to happen.
| JohnFen wrote:
| Yes, but Wordpress is substantially less useful if you avoid
| using plugins. I dropped wordpress because it was more effort
| than it was worth to deal with the issue.
| edmundsauto wrote:
| I found Wordpress worked best when it wasn't publicly
| available. I always cached/proxied the content via a CDN and
| then restricted access to the backend via an internal network.
| Helped a lot, if anyone is going through something similar
| frizlab wrote:
| Yes we do in (both) my startups. And I know a friend who does
| too. Interestingly we're actually coming back to WP after a time
| w/o it!
| catsarebetter wrote:
| Interesting! What kind of products are you building and what
| were the tradeoffs that you made with other similar tools?
| poomer wrote:
| Quite a few do - here is databricks https://www.databricks.com/
| throwaway106382 wrote:
| [dead]
| pacifika wrote:
| The article misspells the product
| ramesh31 wrote:
| I'm certain there are still endless amounts of little lifestyle
| businesses out there doing a few million in revenue on the same
| WP installation they've been configuring since 2011. I know
| because I built them back then and literally nothing has actually
| changed. I honestly can't say I'd reccomend anything else to
| someone intent on self hosting even today.
| icelancer wrote:
| Yep. Mine does. Works fine.
| catsarebetter wrote:
| It's hard to argue against the technology that's been around
| forever. Have you tried new tech recently ie. Vercel?
| singingfish wrote:
| we were looking at this the other day while trying to assess what
| the standard tools are for ecommerce these days. We were using
| google trends.
|
| There is still a lot of interest in wordpress, compared to say
| joomla which had its day in the sun but is now on the way out.
| However there seems to be a big move towards people using more
| SAAS (e.g. your broucure site being instagram) and less
| maintaining your own kit.
|
| Also anecdote: my sax repair guy is moving off woocommerce onto
| an offering provided by his PoS vendor. PoS integration is also
| quite common - a local non profit I'm involved in also does this.
| catsarebetter wrote:
| If you want, you can email me with a few ecommerce domains. I
| can generate some data and send you a report with the custom
| tech I used for this article.
| singingfish wrote:
| Not really relevant to our problem tbh. At our scale (b2b)
| the answer seems to be there's a big trend away from places
| owning their own IP and using partnerships instead. Which is
| a problem when your competitive advantage is closely linked
| to owning your own IP, as it's hard to get external partners
| to advise you well in a way that's going to get the dev team
| and the execs aligned. However there have been many attempts
| to kill our code over the years, all of which has been
| unsuccessful to date because someone's got to route around
| the horrors of the ERP and the rest of the enterprise stack.
| catsarebetter wrote:
| Agh we're facing the same problem at my job, build vs buy
| conversation a long time ago that resulted in a buy
| decision that we're suffering from. Even worse is no one
| involved in that decision is around today
___________________________________________________________________
(page generated 2023-06-01 23:01 UTC)